Scanned pages/files
Request | Server response | Status |
http://vmshop.ru/ | 200 OK Content-Length: 24524 Content-Type: text/html | suspicious |
Suspicious code found <!-- Yandex.Metrika informer --> <a href="http://metrika.yandex.ru/stat/?id=18775561&from=informer" target="_blank" rel="nofollow"><img src="//bs.yandex.ru/informer/18775561/3_0_61639DFF_41437DFF_1_pageviews" style="width:88px; height:31px; border:0;" alt="Яндекс.Метрика" title="Яндекс.Метрика: данные за сегодня (просмотры, визиты и уникальные посетители)" onclick="try{Ya.Metrika.informer({i:this,id:18775561,lang:'ru'});return false}catch(e){}"/></a> (function() { var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); })(); </script> <script type="text/javascript" src="//yandex.st/share/share.js" charset="utf-8"></script> | ||
http://vmshop.ru/js/bottom.js | 200 OK Content-Length: 1886 Content-Type: application/x-javascript | clean |
http://vmshop.ru/personal/cart/ | 200 OK Content-Length: 13536 Content-Type: text/html | suspicious |
Suspicious code found <!-- Yandex.Metrika informer --> <a href="http://metrika.yandex.ru/stat/?id=18775561&from=informer" target="_blank" rel="nofollow"><img src="//bs.yandex.ru/informer/18775561/3_0_61639DFF_41437DFF_1_pageviews" style="width:88px; height:31px; border:0;" alt="Яндекс.Метрика" title="Яндекс.Метрика: данные за сегодня (просмотры, визиты и уникальные посетители)" onclick="try{Ya.Metrika.informer({i:this,id:18775561,lang:'ru'});return false}catch(e){}"/></a> (function() { var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); })(); </script> <script type="text/javascript" src="//yandex.st/share/share.js" charset="utf-8"></script> | ||
http://vmshop.ru/bitrix/js/main/ajax.js | 200 OK Content-Length: 35508 Content-Type: application/x-javascript | clean |
http://vmshop.ru/login/?register=yes&backurl=%2Flogin%2F | 200 OK Content-Length: 14418 Content-Type: text/html | suspicious |
Suspicious code found <!-- Yandex.Metrika informer --> <a href="http://metrika.yandex.ru/stat/?id=18775561&from=informer" target="_blank" rel="nofollow"><img src="//bs.yandex.ru/informer/18775561/3_0_61639DFF_41437DFF_1_pageviews" style="width:88px; height:31px; border:0;" alt="Яндекс.Метрика" title="Яндекс.Метрика: данные за сегодня (просмотры, визиты и уникальные посетители)" onclick="try{Ya.Metrika.informer({i:this,id:18775561,lang:'ru'});return false}catch(e){}"/></a> (function() { var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); })(); </script> <script type="text/javascript" src="//yandex.st/share/share.js" charset="utf-8"></script> | ||
http://vmshop.ru/catalog/ | 200 OK Content-Length: 13433 Content-Type: text/html | suspicious |
Suspicious code found <!-- Yandex.Metrika informer --> <a href="http://metrika.yandex.ru/stat/?id=18775561&from=informer" target="_blank" rel="nofollow"><img src="//bs.yandex.ru/informer/18775561/3_0_61639DFF_41437DFF_1_pageviews" style="width:88px; height:31px; border:0;" alt="Яндекс.Метрика" title="Яндекс.Метрика: данные за сегодня (просмотры, визиты и уникальные посетители)" onclick="try{Ya.Metrika.informer({i:this,id:18775561,lang:'ru'});return false}catch(e){}"/></a> (function() { var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); })(); </script> <script type="text/javascript" src="//yandex.st/share/share.js" charset="utf-8"></script> | ||
http://vmshop.ru/about/ | 200 OK Content-Length: 13362 Content-Type: text/html | suspicious |
Suspicious code found <!-- Yandex.Metrika informer --> <a href="http://metrika.yandex.ru/stat/?id=18775561&from=informer" target="_blank" rel="nofollow"><img src="//bs.yandex.ru/informer/18775561/3_0_61639DFF_41437DFF_1_pageviews" style="width:88px; height:31px; border:0;" alt="Яндекс.Метрика" title="Яндекс.Метрика: данные за сегодня (просмотры, визиты и уникальные посетители)" onclick="try{Ya.Metrika.informer({i:this,id:18775561,lang:'ru'});return false}catch(e){}"/></a> (function() { var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); })(); </script> <script type="text/javascript" src="//yandex.st/share/share.js" charset="utf-8"></script> | ||
http://vmshop.ru/faq/ | 200 OK Content-Length: 19611 Content-Type: text/html | suspicious |
Suspicious code found <!-- Yandex.Metrika informer --> <a href="http://metrika.yandex.ru/stat/?id=18775561&from=informer" target="_blank" rel="nofollow"><img src="//bs.yandex.ru/informer/18775561/3_0_61639DFF_41437DFF_1_pageviews" style="width:88px; height:31px; border:0;" alt="Яндекс.Метрика" title="Яндекс.Метрика: данные за сегодня (просмотры, визиты и уникальные посетители)" onclick="try{Ya.Metrika.informer({i:this,id:18775561,lang:'ru'});return false}catch(e){}"/></a> (function() { var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); })(); </script> <script type="text/javascript" src="//yandex.st/share/share.js" charset="utf-8"></script> | ||
http://vmshop.ru/clients/ | 200 OK Content-Length: 14254 Content-Type: text/html | suspicious |
Suspicious code found <!-- Yandex.Metrika informer --> <a href="http://metrika.yandex.ru/stat/?id=18775561&from=informer" target="_blank" rel="nofollow"><img src="//bs.yandex.ru/informer/18775561/3_0_61639DFF_41437DFF_1_pageviews" style="width:88px; height:31px; border:0;" alt="Яндекс.Метрика" title="Яндекс.Метрика: данные за сегодня (просмотры, визиты и уникальные посетители)" onclick="try{Ya.Metrika.informer({i:this,id:18775561,lang:'ru'});return false}catch(e){}"/></a> (function() { var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); })(); </script> <script type="text/javascript" src="//yandex.st/share/share.js" charset="utf-8"></script> | ||
http://vmshop.ru/delivery/ | 200 OK Content-Length: 12699 Content-Type: text/html | suspicious |
Suspicious code found <!-- Yandex.Metrika informer --> <a href="http://metrika.yandex.ru/stat/?id=18775561&from=informer" target="_blank" rel="nofollow"><img src="//bs.yandex.ru/informer/18775561/3_0_61639DFF_41437DFF_1_pageviews" style="width:88px; height:31px; border:0;" alt="Яндекс.Метрика" title="Яндекс.Метрика: данные за сегодня (просмотры, визиты и уникальные посетители)" onclick="try{Ya.Metrika.informer({i:this,id:18775561,lang:'ru'});return false}catch(e){}"/></a> (function() { var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); })(); </script> <script type="text/javascript" src="//yandex.st/share/share.js" charset="utf-8"></script> | ||
http://vmshop.ru/personal/ | 200 OK Content-Length: 13387 Content-Type: text/html | suspicious |
Suspicious code found <!-- Yandex.Metrika informer --> <a href="http://metrika.yandex.ru/stat/?id=18775561&from=informer" target="_blank" rel="nofollow"><img src="//bs.yandex.ru/informer/18775561/3_0_61639DFF_41437DFF_1_pageviews" style="width:88px; height:31px; border:0;" alt="Яндекс.Метрика" title="Яндекс.Метрика: данные за сегодня (просмотры, визиты и уникальные посетители)" onclick="try{Ya.Metrika.informer({i:this,id:18775561,lang:'ru'});return false}catch(e){}"/></a> (function() { var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); })(); </script> <script type="text/javascript" src="//yandex.st/share/share.js" charset="utf-8"></script> | ||
http://vmshop.ru/contacts/ | 200 OK Content-Length: 14990 Content-Type: text/html | suspicious |
Suspicious code found <!-- Yandex.Metrika informer --> <a href="http://metrika.yandex.ru/stat/?id=18775561&from=informer" target="_blank" rel="nofollow"><img src="//bs.yandex.ru/informer/18775561/3_0_61639DFF_41437DFF_1_pageviews" style="width:88px; height:31px; border:0;" alt="Яндекс.Метрика" title="Яндекс.Метрика: данные за сегодня (просмотры, визиты и уникальные посетители)" onclick="try{Ya.Metrika.informer({i:this,id:18775561,lang:'ru'});return false}catch(e){}"/></a> (function() { var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); })(); </script> <script type="text/javascript" src="//yandex.st/share/share.js" charset="utf-8"></script> | ||
http://vmshop.ru/news/obnovlenie_kollektsii_/ | 200 OK Content-Length: 12450 Content-Type: text/html | suspicious |
Suspicious code found <!-- Yandex.Metrika informer --> <a href="http://metrika.yandex.ru/stat/?id=18775561&from=informer" target="_blank" rel="nofollow"><img src="//bs.yandex.ru/informer/18775561/3_0_61639DFF_41437DFF_1_pageviews" style="width:88px; height:31px; border:0;" alt="Яндекс.Метрика" title="Яндекс.Метрика: данные за сегодня (просмотры, визиты и уникальные посетители)" onclick="try{Ya.Metrika.informer({i:this,id:18775561,lang:'ru'});return false}catch(e){}"/></a> (function() { var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); })(); </script> <script type="text/javascript" src="//yandex.st/share/share.js" charset="utf-8"></script> | ||
http://vmshop.ru/news/kak_vyvesti_pyatna_s_detskoy_odezhdy_obshchie_printsipy/ | 200 OK Content-Length: 13726 Content-Type: text/html | suspicious |
Suspicious code found <!-- Yandex.Metrika informer --> <a href="http://metrika.yandex.ru/stat/?id=18775561&from=informer" target="_blank" rel="nofollow"><img src="//bs.yandex.ru/informer/18775561/3_0_61639DFF_41437DFF_1_pageviews" style="width:88px; height:31px; border:0;" alt="Яндекс.Метрика" title="Яндекс.Метрика: данные за сегодня (просмотры, визиты и уникальные посетители)" onclick="try{Ya.Metrika.informer({i:this,id:18775561,lang:'ru'});return false}catch(e){}"/></a> (function() { var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); })(); </script> <script type="text/javascript" src="//yandex.st/share/share.js" charset="utf-8"></script> | ||
http://vmshop.ru/news/odezhda_dlya_novorozhdennykh_proizvedennaya_iz_organicheskikh_tkaney/ | 200 OK Content-Length: 13808 Content-Type: text/html | suspicious |
Suspicious code found <!-- Yandex.Metrika informer --> <a href="http://metrika.yandex.ru/stat/?id=18775561&from=informer" target="_blank" rel="nofollow"><img src="//bs.yandex.ru/informer/18775561/3_0_61639DFF_41437DFF_1_pageviews" style="width:88px; height:31px; border:0;" alt="Яндекс.Метрика" title="Яндекс.Метрика: данные за сегодня (просмотры, визиты и уникальные посетители)" onclick="try{Ya.Metrika.informer({i:this,id:18775561,lang:'ru'});return false}catch(e){}"/></a> (function() { var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); })(); </script> <script type="text/javascript" src="//yandex.st/share/share.js" charset="utf-8"></script> |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: vmshop.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Thu, 17 Apr 2014 19:43:22 GMT
Pragma: no-cache
Server: nginx/1.4.1
Vary: Accept-Encoding
Content-Type: text/html; charset=windows-1251
Expires: Thu, 19 Nov 1981 08:52:00 GMT
P3P: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Set-Cookie: PHPSESSID=244f6c90ee48de5e80a607a9b51e95f0; path=/; domain=vmshop.ru
Set-Cookie: BITRIX_SM_SALE_UID=41296; expires=Sun, 12-Apr-2015 19:43:22 GMT; path=/; domain=vmshop.ru
X-Powered-By: PHP/5.3.18
X-Powered-CMS: Bitrix Site Manager (a3ee1ea75de07d2c14695ec1b01546b9)
Second query (visit from search engine):
GET / HTTP/1.1
Host: vmshop.ru
Referer: http://www.google.com/search?q=vmshop.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=vmshop.ru
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://vmshop.ru/
Result: vmshop.ru is not infected or malware details are not published yet.