Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=vrazvode.ru
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://vrazvode.ru/
Result: The website is marked by Yandex as SMS-fraud resource. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://vrazvode.ru/ | 200 OK Content-Length: 7376 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below)
function empty(id) { byID(id).style.backgroundImage = 'url(/design/templates/front/old/images/field.png)'; } var defaultop = 'другие операторы'; $(function() { $('#mail').bind('keyup', function(e) { if(e.keyCode==13) { CheckMail(); } }); $('#pass').bind('keyup', function(e) { if(e.keyCode==13) { CheckPassword(); } });< s.find('span').text(suggestion.address); s.find('b').text(suggestion.domain); s.slideDown('fast'); }, empty: function(){ s.slideUp('fast'); } }); s.find('a').on('click', function(){ $(this).hasClass('apply') && e.val($(this).text()); s.slideUp('fast'); return false; }); }); })
Antivirus reports:
http://vrazvode.ru/design/scripts/global.js | 200 OK Content-Length: 2884 Content-Type: application/javascript | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js | 200 OK Content-Length: 93868 Content-Type: text/javascript | clean |
http://vrazvode.ru/design/scripts/jquery.mailcheck.js | 200 OK Content-Length: 3853 Content-Type: application/javascript | clean |
http://vrazvode.ru/design/scripts/front.js | 200 OK Content-Length: 3401 Content-Type: application/javascript | clean |
http://vrazvode.ru/?run=rules | 200 OK Content-Length: 5026 Content-Type: text/html | clean |
http://vrazvode.ru/lib/jquery/jquery-1.7.1.js | 200 OK Content-Length: 248235 Content-Type: application/javascript | clean |
http://vrazvode.ru/lib/jquery/jquery-tools-min.js | 200 OK Content-Length: 44727 Content-Type: application/javascript | clean |
http://vrazvode.ru/lib/jquery/ui/core-min.js | 200 OK Content-Length: 3027 Content-Type: application/javascript | clean |
http://vrazvode.ru/lib/jquery/ui/widget-min.js | 200 OK Content-Length: 2996 Content-Type: application/javascript | clean |
http://vrazvode.ru/lib/jquery/ui/mouse-min.js | 200 OK Content-Length: 2622 Content-Type: application/javascript | clean |
http://vrazvode.ru/lib/jquery/ui/draggable-min.js | 200 OK Content-Length: 18348 Content-Type: application/javascript | clean |
http://vrazvode.ru/lib/jquery/ui/droppable-min.js | 200 OK Content-Length: 5769 Content-Type: application/javascript | clean |
http://vrazvode.ru/lib/jquery/ui/ui.datepicker.js | 200 OK Content-Length: 70078 Content-Type: application/javascript | clean |
http://vrazvode.ru/design/scripts/global-jquery.js | 200 OK Content-Length: 438 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: vrazvode.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Cache-Control: no-store, must-revalidate
Connection: close
Date: Thu, 26 Feb 2015 13:25:11 GMT
Server: nginx
Content-Length: 7376
Content-Type: text/html; charset=UTF-8
Expires: Thu, 26 Feb 2015 13:25:10 GMT
X-Powered-By: PHP/5.4.38
...7376 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: vrazvode.ru
Referer: http://www.google.com/search?q=vrazvode.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.