Scanned pages/files
Request | Server response | Status |
http://www.umastera.ru/ | 200 OK Content-Length: 39116 Content-Type: text/html | clean |
http://www.umastera.ru/wp-content/themes/CherryFramework/js/jquery-1.7.2.min.js?ver=1.7.2 | 200 OK Content-Length: 94840 Content-Type: text/javascript | clean |
http://www.umastera.ru/wp-content/themes/CherryFramework/js/jquery-migrate-1.2.1.min.js?ver=1.2.1 | 200 OK Content-Length: 7199 Content-Type: text/javascript | clean |
http://www.umastera.ru/wp-includes/js/swfobject.js?ver=2.2-20120417 | 200 OK Content-Length: 10231 Content-Type: text/javascript | clean |
http://www.umastera.ru/wp-content/themes/CherryFramework/js/modernizr.js?ver=2.0.6 | 200 OK Content-Length: 12314 Content-Type: text/javascript | clean |
http://www.umastera.ru/wp-content/themes/CherryFramework/js/jflickrfeed.js?ver=1.0 | 200 OK Content-Length: 1078 Content-Type: text/javascript | clean |
http://www.umastera.ru/wp-content/plugins/cherry-plugin/lib/js/jquery.easing.1.3.js?ver=1.3 | 200 OK Content-Length: 3307 Content-Type: text/javascript | clean |
http://www.umastera.ru/wp-content/themes/CherryFramework/js/custom.js?ver=1.0 | 200 OK Content-Length: 7471 Content-Type: text/javascript | clean |
http://www.umastera.ru/wp-content/themes/CherryFramework/bootstrap/js/bootstrap.min.js?ver=2.3.0 | 200 OK Content-Length: 28756 Content-Type: text/javascript | clean |
http://www.umastera.ru/wp-content/plugins/cherry-plugin/lib/js/elasti-carousel/jquery.elastislide.js?ver=1.2.6 | 200 OK Content-Length: 6252 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function(j,c,l){c.fn.touchwipe=function(a){var b={min_move_x:20,min_move_y:20,wipeLeft:function(){},wipeRight:function(){},wipeUp:function(){},wipeDown:function(){},preventDefaultEvents:!0};a&&c.extend(b,a);this.each(function(){function a(){this.removeEventListener("touchmove",c);d=null;k=!1}function c(h){b.preventDefaultEvents&&h.preventDefault();if(k){var f=d-h.touches[0].pageX;h=e-h.touches[0].pageY;Math.abs(f)>=b.min_move_x?(a(),0<f?b.wipeLeft():b.wipeRight()):Math.abs new c.elastislide(a,this))});return this}})(window,jQuery); Antivirus reports:
| ||
http://www.umastera.ru//maps.googleapis.com/maps/api/js?v=3.exp&sensor=false&ver=4.0.1/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Wed, 04 Mar 2015 10:30:33 GMT Pragma: no-cache Location: http://www.umastera.ru/maps.googleapis.com/maps/api/js?v=3.exp&sensor=false&ver=4.0.1/ Server: Apache/2.2.15 (Red Hat) mod_rpaf/0.6 PHP/5.4.30 Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT X-Cache: MISS from t7.ht-systems.ru X-Cache-Lookup: MISS from t7.ht-systems.ru:6666 X-Pingback: http://www.umastera.ru/xmlrpc.php X-Powered-By: PHP/5.4.30 | clean |
http://www.umastera.ru/maps.googleapis.com/maps/api/js?v=3.exp&sensor=false&ver=4.0.1/ | 404 Not Found Content-Length: 21935 Content-Type: text/html | clean |
http://www.umastera.ru/wp-content/themes/CherryFramework/js/jquery.mobile.customized.min.js | 200 OK Content-Length: 17219 Content-Type: text/javascript | clean |
http://www.umastera.ru/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20 | 200 OK Content-Length: 15248 Content-Type: text/javascript | clean |
http://www.umastera.ru/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.0.2 | 200 OK Content-Length: 9658 Content-Type: text/javascript | clean |
http://www.umastera.ru/wp-content/themes/CherryFramework/js/superfish.js?ver=1.5.3 | 200 OK Content-Length: 2913 Content-Type: text/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: umastera.ru
Result:
GET / HTTP/1.1
Host: umastera.ru
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: umastera.ru
Referer: http://www.google.com/search?q=umastera.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: umastera.ru
Referer: http://www.google.com/search?q=umastera.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=umastera.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://umastera.ru/
Result: umastera.ru is not infected or malware details are not published yet.
Result: umastera.ru is not infected or malware details are not published yet.