Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=bdk.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://bdk.ru/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://bdk.ru/ | 200 OK Content-Length: 9387 Content-Type: text/html | clean |
http://bdk.ru/images/script.js | 200 OK Content-Length: 16672 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var docType = "HTML"; var isSafari = navigator.appVersion && navigator.appVersion.indexOf("Safari",0)>=0; var IE = (document.all) ? true : false; if(navigator.userAgent.indexOf("Opera") != -1) var O = true; var agent = navigator.userAgent; var version = parseFloat(navigator.appVersion); var isOpera = agent.indexOf("Opera") > -1; var isIE = agent.indexOf("compatible") > -1 && agent.indexOf("MSIE") > -1 && !isOpera; Antivirus reports:
| ||
http://bdk.ru/images/ajax.js | 200 OK Content-Length: 4679 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function updateCallback(xmlHttp, parm) { var txt = xmlHttp.responseText; var elm = document.getElementById( parm ); if( !elm ) return; elm.innerHTML = txt; } function formembers(ln) { var url = base_url + "ajax.members.php?ln=" + ln ; AjaxRequestData( updateCallback, "members", false, url, null ); } function NewAjaxObject() { var xmlHttp; try { xmlHttp=new XMLHttpRequest(); } catch (e) { try { xmlHttp=new Antivirus reports:
| ||
http://bdk.ru/js/jquery-1.6.2.min.js | 200 OK Content-Length: 94005 Content-Type: application/x-javascript | clean |
http://bdk.ru/statistika_js.php | 200 OK Content-Length: 152 Content-Type: text/javascript | clean |
http://bdk.ru/test404page.js | 404 Not Found Content-Length: 351 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: bdk.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Wed, 08 Oct 2014 10:11:29 GMT
Pragma: no-cache
Server: DataPalm/3.5
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=e30d25bc32411632a07066b87dd2702d; path=/
GET / HTTP/1.1
Host: bdk.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Wed, 08 Oct 2014 10:11:29 GMT
Pragma: no-cache
Server: DataPalm/3.5
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=e30d25bc32411632a07066b87dd2702d; path=/
Second query (visit from search engine):
GET / HTTP/1.1
Host: bdk.ru
Referer: http://www.google.com/search?q=bdk.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: bdk.ru
Referer: http://www.google.com/search?q=bdk.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.