Scanned pages/files
| Request | Server response | Status |
http://elika-hamster.p0.ru/publ/4-1-0-22 | 200 OK Content-Length: 60820 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- function Decode(){var temp="",i,c=0,out="";var str="60!47!115!112!97!110!62!60!47!102!111!110!116!62!60!98!62!60!47!115!112!97!110!62!60!47!98!62!60!47!112!62!13!10!60!112!32!115!116!121!108!101!61!34!109!97!114!103!105!110!45!116!111!112!58!32!48!59!32!109!97!114!103!105!110!45!98!111!116!116!111!109!58!32!48!34!32!97!108!105!103!110!61!34!108!101!102!116!34!62!13!10!9!60!115!112!97!110!32!108!97!110!103!61!34!114!117!34!32!115!116!121!108!101!61!34!102!111!110!116!45!115!105!122!101!58!32!55!46!48!112!116!59!32!102!111!110!116!45!102!97!109!105!108!121!58!32!32!84!97!104!111!109!97!44!65!114!105!97!108!44!83!97!110!115!45!83!101!114!105!102!59!32!34!32!60!47!100!105!118!62!13!10!13!10!13!10!13!10!";l=str.length;while(c<=str.length-1){while(str.charAt(c)!='!')temp=temp+str.charAt(c++);c++;out=out+String.fromCharCode(temp);temp="";}document.write(out);} Antivirus reports:
| ||
http://elika-hamster.p0.ru/publ/ | 200 OK Content-Length: 66860 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- function Decode(){var temp="",i,c=0,out="";var str="60!109!101!116!97!32!110!97!109!101!61!34!114!111!98!111!116!115!34!32!99!111!110!116!101!110!116!61!97!108!108!62!13!10!60!109!101!116!97!32!104!116!116!112!45!101!113!117!105!118!61!34!80!97!103!101!45!69!110!116!101!114!34!32!99!111!110!116!101!110!116!61!34!98!108!101!110!100!84!114!97!110!115!40!68!117!114!97!116!105!111!110!61!49!46!48!41!34!62!13!10!60!109!101!116!97!32!104!116!116!112!45!101!113!117!105!118!61!34!80!97!103!1 Antivirus reports:
| ||
http://s2.ucoz.net/src/jquery-1.7.2.js | 200 OK Content-Length: 94840 Content-Type: text/javascript | clean |
http://s2.ucoz.net/src/ulightbox/ulightbox.js | 200 OK Content-Length: 22097 Content-Type: text/javascript | clean |
http://s2.ucoz.net/src/uwnd.js?2 | 200 OK Content-Length: 228554 Content-Type: text/javascript | clean |
http://elika-hamster.p0.ru/publ/5 | 200 OK Content-Length: 63020 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- function Decode(){var temp="",i,c=0,out="";var str="60!47!116!100!62!13!10!60!47!116!114!62!13!10!60!47!116!97!98!108!101!62!13!10!13!10!13!10!13!10!32!60!115!112!97!110!32!115!116!121!108!101!61!34!102!111!110!116!45!115!105!122!101!58!32!49!50!46!48!112!116!59!32!102!111!110!116!45!102!97!109!105!108!121!58!32!71!101!111!114!103!105!97!59!32!102!111!110!116!45!115!116!121!108!101!58!105!116!97!108!105!99!59!32!102!111!110!116!45!119!101!105!103!104!116!58!55!48!48!34!32!108!97!110! Antivirus reports:
| ||
http://elika-hamster.p0.ru/publ/6 | 200 OK Content-Length: 63761 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- function Decode(){var temp="",i,c=0,out="";var str="60!47!115!112!97!110!62!60!47!116!100!62!13!10!9!9!60!47!116!114!62!13!10!9!60!47!116!97!98!108!101!62!13!10!9!60!112!32!115!116!121!108!101!61!34!109!97!114!103!105!110!45!116!111!112!58!32!48!59!32!109!97!114!103!105!110!45!98!111!116!116!111!109!58!32!48!34!62!13!10!13!10!13!10!13!10!60!115!112!97!110!32!108!97!110!103!61!34!114!117!34!32!115!116!121!108!101!61!34!102!111!110!116!45!115!105!122!101!58!32!49!50!46!48!112!116!59!32!102!111!110!116!45!102!97!109!105!108!121!58!32!71!101!111!114!103!105!97!34!32!60!47!100!105!118!62!13!10!13!10!13!10!13!10!";l=str.length;while(c<=str.length-1){while(str.charAt(c)!='!')temp=temp+str.charAt(c++);c++;out=out+String.fromCharCode(temp);temp="";}document.write(out);} Antivirus reports:
| ||
http://elika-hamster.p0.ru/publ/6-1-0-29 | 200 OK Content-Length: 71705 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- function Decode(){var temp="",i,c=0,out="";var str="60!47!115!112!97!110!62!60!47!102!111!110!116!62!60!98!62!60!47!115!112!97!110!62!60!47!98!62!60!47!112!62!13!10!60!112!32!115!116!121!108!101!61!34!109!97!114!103!105!110!45!116!111!112!58!32!48!59!32!109!97!114!103!105!110!45!98!111!116!116!111!109!58!32!48!34!32!97!108!105!103!110!61!34!108!101!102!116!34!62!13!10!9!60!115!112!97!110!32!108!97!110!103!61!34!114!117!34!32!115!116!121!108!101!61!34!102!111!110!116!45!115!105!122!101!58!32!55!46!48!112!116!59!32!102!111!110!116!45!102!97!109!105!108!121!58!32!32!84!97!104!111!109!97!44!65!114!105!97!108!44!83!97!110!115!45!83!101!114!105!102!59!32!34!32!60!47!100!105!118!62!13!10!13!10!13!10!13!10!";l=str.length;while(c<=str.length-1){while(str.charAt(c)!='!')temp=temp+str.charAt(c++);c++;out=out+String.fromCharCode(temp);temp="";}document.write(out);} Antivirus reports:
| ||
http://elika-hamster.p0.ru/test404page.js | 404 Not Found Content-Length: 6869 Content-Type: text/html | clean |
http://elika-hamster.p0.ru/ | 200 OK Content-Length: 75003 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- function Decode(){var temp="",i,c=0,out="";var str="60!109!101!116!97!32!104!116!116!112!45!101!113!117!105!118!61!34!80!97!103!101!45!69!110!116!101!114!34!32!99!111!110!116!101!110!116!61!34!98!108!101!110!100!84!114!97!110!115!40!68!117!114!97!116!105!111!110!61!49!46!48!41!34!62!13!10!60!109!101!116!97!32!104!116!116!112!45!101!113!117!105!118!61!34!80!97!103!101!45!69!120!105!116!34!32!99!111!110!116!101!110!116!61!34!98!108!101!110!100!84!114!97!110!115!40!68!117!114!97!116!105 Antivirus reports:
| ||
http://elika-hamster.p0.ru/informer/2 | 200 OK Content-Length: 949 Content-Type: text/html | clean |
http://elika-hamster.p0.ru/informer/\"http://elika-hamster.p0.ru/blog/2007-01-16-32\" | 404 Not Found Content-Length: 6869 Content-Type: text/html | clean |
http://elika-hamster.p0.ru/informer/\"http://elika-hamster.p0.ru/blog/2007-01-16-32 | 404 Not Found Content-Length: 6869 Content-Type: text/html | clean |
http://elika-hamster.p0.ru/informer/\"http://elika-hamster.p0.ru/blog/2007-01-07-31\" | 404 Not Found Content-Length: 6869 Content-Type: text/html | clean |
http://elika-hamster.p0.ru/informer/\"http://elika-hamster.p0.ru/blog/2007-01-07-31 | 404 Not Found Content-Length: 6869 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: elika-hamster.p0.ru
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 28 Jul 2015 09:18:41 GMT
Server: uServ/3.2.2
Content-Length: 75003
Content-Type: text/html; charset=UTF-8
...75003 bytes of data.
GET / HTTP/1.1
Host: elika-hamster.p0.ru
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 28 Jul 2015 09:18:41 GMT
Server: uServ/3.2.2
Content-Length: 75003
Content-Type: text/html; charset=UTF-8
...75003 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: elika-hamster.p0.ru
Referer: http://www.google.com/search?q=elika-hamster.p0.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: elika-hamster.p0.ru
Referer: http://www.google.com/search?q=elika-hamster.p0.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=elika-hamster.p0.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://elika-hamster.p0.ru/
Result: elika-hamster.p0.ru is not infected or malware details are not published yet.
Result: elika-hamster.p0.ru is not infected or malware details are not published yet.