Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=comedyserials.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://comedyserials.ru/
Result: The website is marked by Yandex as SMS-fraud resource. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as SMS-fraud resource. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://comedyserials.ru/ | 200 OK Content-Length: 91506 Content-Type: text/html | clean |
http://s70.ucoz.net/src/jquery-1.7.2.js | 200 OK Content-Length: 94840 Content-Type: text/javascript | clean |
http://s70.ucoz.net/src/ulightbox/ulightbox.js | 200 OK Content-Length: 22618 Content-Type: text/javascript | clean |
http://s70.ucoz.net/src/uwnd.js?2 | 200 OK Content-Length: 228554 Content-Type: text/javascript | clean |
http://comedyserials.ru/engine/menu.js | 200 OK Content-Length: 3368 Content-Type: text/javascript | clean |
http://comedyserials.ru/engine/dle_ajax.js | 200 OK Content-Length: 5167 Content-Type: text/javascript | clean |
http://comedyserials.ru/engine/js_edit.js | 200 OK Content-Length: 7045 Content-Type: text/javascript | clean |
http://comedyserials.ru/stuff | 200 OK Content-Length: 140907 Content-Type: text/html | clean |
http://s70.ucoz.net/src/entriesList.js | 200 OK Content-Length: 639 Content-Type: text/javascript | clean |
http://comedyserials.ru/index/soglashenie/0-4 | 200 OK Content-Length: 55555 Content-Type: text/html | clean |
http://comedyserials.ru/index/0-3 | 200 OK Content-Length: 56766 Content-Type: text/html | clean |
http://comedyserials.ru/news/univer_novaja_obshhaga_34_35_36_37_38_39_serija/2014-03-26-19 | 200 OK Content-Length: 88906 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function addcom(f){if (document.getElementById('addcBut')){document.getElementById('addcBut').disabled=true;}else {try{document.addform.submit.disabled=true;}catch(e){}}if (document.getElementById('eMessage')){document.getElementById('eMessage').innerHTML='<span style="color:#8B8B8B"><img src="http://s70.ucoz.net/img/ma/m/i2.gif" border="0" align="absmiddle" width="13" height="13"> ÐÐ´ÐµÑ Ð¿ÐµÑедаÑа даннÑÑ
...</span>';}_uPostForm('acform',{type:'POST',url:'http://comedyserials.ru/index/'});}var _y8M=''; function _dS(s){ var i;var r=""; var l=s.length-1; var k=s.substr(l,1); for (i=0;i<l;i++){ c=s.charCodeAt(i)-k; if(c<32){ c=127-(32-c);} r+=String.fromCharCode(c); } return r;} _y8M=_dS('?lqsxw#w|sh@%klgghq%#qdph@%vrv%#ydoxh@%5693<99<;;%#2A3'); Antivirus reports:
| ||
http://s70.ucoz.net/cgi/uutils.fcg?a=soc_comment_get_data&site=ecomedyserials | 200 OK Content-Length: 530 Content-Type: application/javascript | clean |
http://s70.ucoz.net/src/socCom.js | 200 OK Content-Length: 6344 Content-Type: text/javascript | clean |
http://serv1.myserialy.ru/vk_video/functions.js | 500 Can't connect to serv1.myserialy.ru:80 (Bad hostname) Content-Length: 168 Content-Type: text/plain | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: comedyserials.ru
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 24 Aug 2014 08:01:19 GMT
Server: uServ/3.2.2
Content-Length: 91506
Content-Type: text/html; charset=UTF-8
...91506 bytes of data.
GET / HTTP/1.1
Host: comedyserials.ru
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 24 Aug 2014 08:01:19 GMT
Server: uServ/3.2.2
Content-Length: 91506
Content-Type: text/html; charset=UTF-8
...91506 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: comedyserials.ru
Referer: http://www.google.com/search?q=comedyserials.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: comedyserials.ru
Referer: http://www.google.com/search?q=comedyserials.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.