Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=baraholkanet.ucoz.ru
Result: The website is marked by Google as suspicious: visiting this website may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://baraholkanet.ucoz.ru/ | 200 OK Content-Length: 72420 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: games-portal.net.ua
<script type='text/javascript'> function resizeFrame(){ var WX,WY,BX,BY; var o=document.getElementById("iFalG9pR"),t,d; if (!o) return; d=o.contentDocument; if (!(t=d.getElementById("wrapperXalG9pR"))) WX=0; else WX=t.value; if (!(t=d.getElementById("wrapperYalG9pR"))) WY=0; else WY=t.value; if (!(t=d.getElementById("bannerXalG9pR"))) BX=0; else BX=t.value; if (!(t=d.getElementById("bannerY ...[4354 bytes skipped]...
http://baraholkanet.ucoz.ru/./js.php?s=54 | 404 Not Found Content-Length: 6869 Content-Type: text/html | clean |
http://baraholkanet.ucoz.ru/test404page.js | 404 Not Found Content-Length: 6869 Content-Type: text/html | clean |
http://s28.ucoz.net/src/jquery-1.7.2.js | 200 OK Content-Length: 94840 Content-Type: text/javascript | clean |
http://s28.ucoz.net/src/ulightbox/ulightbox.js | 200 OK Content-Length: 22618 Content-Type: text/javascript | clean |
http://s28.ucoz.net/src/uwnd.js?2 | 200 OK Content-Length: 228554 Content-Type: text/javascript | clean |
http://games-portal.net.ua/jquery1.6.js | 200 OK Content-Length: 4498 Content-Type: application/javascript | clean |
http://badminton.land.ru/jquery1.6.js | 200 OK Content-Length: 98366 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
(function(a,b){function cy(a){return f.isWindow(a)?a:a.nodeType===9?a.defaultView||a.parentWindow:!1}function cv(a){if(!ck[a]){var b=c.body,d=f("<"+a+">").appendTo(b),e=d.css("display");d.remove();if(e==="none"||e===""){cl||(cl=c.createElement("iframe"),cl.frameBorder=cl.width=cl.height=0),b.appendChild(cl);if(!cm||!cl.createElement)cm=(cl.contentWindow||cl.contentDocument).document,cm.write((c.compatMode==="CSS1Compat"?"<!doctype html>":"")+"<html><body>"),cm.close();d=c
Antivirus reports:
http://z350.takru.com/in.php?id=354472 | 200 OK Content-Length: 3165 Content-Type: text/html | clean |
http://z350.takru.com/click.php?key=2289148196213911730349374013193031341068872802697 | HTTP/1.1 200 OK Connection: close Date: Tue, 09 Sep 2014 07:23:26 GMT Server: nginx/1.2.1 Vary: Accept-Encoding Content-Length: 198 Content-Type: text/html X-Powered-By: PHP/5.4.4-14+deb7u7 | clean |
http://tak.ru/ref.html | 200 OK Content-Length: 6253 Content-Type: text/html | clean |
http://tak.ru/registuser.php | HTTP/1.1 302 Found Connection: close Date: Tue, 09 Sep 2014 07:23:27 GMT Location: http://tak.ru Server: Apache/1.3.41 (Unix) PHP/5.2.5 mod_log_bytes/1.2 mod_bwlimited/1.4 mod_auth_passthrough/1.8 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7a Content-Type: text/html; charset=iso-8859-1 | clean |
http://tak.ru/ | 200 OK Content-Length: 7634 Content-Type: text/html | clean |
http://tak.ru/rules.html | 200 OK Content-Length: 6094 Content-Type: text/html | clean |
http://tak.ru/docs/faqseller.shtml | 200 OK Content-Length: 12850 Content-Type: text/html | clean |
http://tak.ru/docs/ | 200 OK Content-Length: 0 Content-Type: text/html | clean |
http://tak.ru/docs/faqbuyer.shtml | 200 OK Content-Length: 19524 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: baraholkanet.ucoz.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Cache-Control: no-store
Cache-Control: private
Connection: close
Date: Tue, 09 Sep 2014 07:23:21 GMT
Pragma: no-cache
Server: uServ/3.2.2
Content-Type: text/html; charset=UTF-8
Set-Cookie: 0baraholkanetuCoz=; path=/; expires=Sun, 09-Sep-2012 07:23:21 GMT; domain=.baraholkanet.ucoz.ru;
Set-Cookie: 0baraholkanetuCoz=; path=/; expires=Sun, 09-Sep-2012 07:23:21 GMT; domain=.baraholkanet.ucoz.ru;
Set-Cookie: 0baraholkanetuzll=1410247401; path=/; expires=Wed, 09-Sep-2015 07:23:21 GMT; domain=.baraholkanet.ucoz.ru;
Second query (visit from search engine):
GET / HTTP/1.1
Host: baraholkanet.ucoz.ru
Referer: http://www.google.com/search?q=baraholkanet.ucoz.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.