Scanned pages/files
Request | Server response | Status |
http://dou3-vol.narod.ru/ | 200 OK Content-Length: 16392 Content-Type: text/html | clean |
http://dou3-vol.narod.ru/news.html | 200 OK Content-Length: 15144 Content-Type: text/html | clean |
http://dou3-vol.narod.ru/index.html | 200 OK Content-Length: 16392 Content-Type: text/html | clean |
http://dou3-vol.narod.ru/history.html | 200 OK Content-Length: 12480 Content-Type: text/html | clean |
http://dou3-vol.narod.ru/dokument.html | 200 OK Content-Length: 29085 Content-Type: text/html | clean |
http://dou3-vol.narod.ru/sotrudn.html | 200 OK Content-Length: 38080 Content-Type: text/html | clean |
http://dou3-vol.narod.ru/fotoalbom.html | 200 OK Content-Length: 19672 Content-Type: text/html | clean |
http://dou3-vol.narod.ru/fizich.html | 200 OK Content-Length: 22896 Content-Type: text/html | clean |
http://dou3-vol.narod.ru/poznavat.html | 200 OK Content-Length: 10370 Content-Type: text/html | clean |
http://dou3-vol.narod.ru/fgos.html | 200 OK Content-Length: 19797 Content-Type: text/html | clean |
http://dou3-vol.narod.ru/ecolog.html | 200 OK Content-Length: 19144 Content-Type: text/html | clean |
http://dou3-vol.narod.ru/gb | 200 OK Content-Length: 38049 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below):
function ban_item(id){if (confirm('Вы действительно хотите активировать данный материал?')){var img=document.getElementById('bi'+id);img.src='http://s204.ucoz.net/img/fr/EmnAjax.gif';_uPostForm('',{url:'http://dou3-vol.narod.ru/gb/'+id+'-10'});}}function del_item(id){if (confirm('Вы подтверждаете удаление?')){var img=document.getElementById('dib'+id);img.src='http://s204.ucoz.net/img/fr/EmnAjax.gif';_uPostForm('',{url:'http'+'
Antivirus reports:
http://s204.ucoz.net/src/jquery-1.7.2.js | 200 OK Content-Length: 94840 Content-Type: text/javascript | clean |
http://s204.ucoz.net/src/ulightbox/ulightbox.js | 200 OK Content-Length: 39848 Content-Type: text/javascript | clean |
http://s204.ucoz.net/src/uwnd.js?2 | 200 OK Content-Length: 228798 Content-Type: text/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: dou3-vol.narod.ru
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 14 Apr 2014 05:09:49 GMT
Server: uServ/3.2.2
Content-Type: text/html; charset=UTF-8
Second query (visit from search engine):
GET / HTTP/1.1
Host: dou3-vol.narod.ru
Referer: http://www.google.com/search?q=dou3-vol.narod.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=dou3-vol.narod.ru
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://dou3-vol.narod.ru/
Result: dou3-vol.narod.ru is not infected or malware details are not published yet.