Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=en-school2.at.ua
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://en-school2.at.ua/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://en-school2.at.ua/ | 200 OK Content-Length: 92926 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: uvk5.at.ua <html> <head> <meta http-equiv="content-type" content="text/html; charset=UTF-8"> <title>Сайт школы №2 г.Энергодар - Главная страница</title> <link type="text/css" rel="StyleSheet" href="/.s/src/css/805.css" /> <link type="text/css" rel="StyleSheet" href="http://s23.ucoz.net/src/base.css" /> <link type="text/css" rel="StyleSheet" href="http://s23. ...[4517 bytes skipped]... | ||
http://s23.ucoz.net/src/jquery-1.6.1.js | 200 OK Content-Length: 101532 Content-Type: text/javascript | clean |
http://s23.ucoz.net/src/ulightbox/ulightbox.js | 200 OK Content-Length: 22618 Content-Type: text/javascript | clean |
http://s23.ucoz.net/src/uwnd.js?2 | 200 OK Content-Length: 228554 Content-Type: text/javascript | clean |
http://en-school2.at.ua/widget/?1;1%20%D1%81%D0%B5%D0%BD%D1%82%D1%8F%D0%B1%D1%80%D1%8F%202014%20%D0%B3%D0%BE%D0%B4%D0%B0%20%D0%BD%D0%B0%D1%88%D0%B5%D0%B9%20%D1%88%D0%BA%D0%BE%D0%BB%D0%B5%20%D0%B8%D1%81%D0%BF%D0%BE%D0%BB%D0%BD%D1%8F%D0%B5%D1%82%D1%81%D1%8F%2035%20%D0%BB%D0%B5%D1%82.%20%D0%92%D1%81%D0%B5%D1%85%20%D1%81%20%D1%8E%D0%B1%D0%B8%D0%BB%D0%B5%D0%B5%D0%BC!|FF0000|99FFFF|12|30|left | 200 OK Content-Length: 410 Content-Type: text/javascript | clean |
http://101widgets.com/00020901/160/160 | 200 OK Content-Length: 256 Content-Type: text/html | clean |
http://101widgets.com/test404page.js | 404 Not Found Content-Length: 276 Content-Type: text/html | clean |
http://101widgets.com/00000712/170/222 | 200 OK Content-Length: 256 Content-Type: text/html | clean |
http://en-school2.at.ua/widget/?16;12|3366FF|F6F6F6|FFFFFF|180|1|%D0%93%D0%B0%D0%B7%D0%B5%D1%82%D0%B0%20%22%D0%92%D1%80%D0%B5%D0%BC%D1%8F%20%D0%B8%20%D0%BC%D1%8B%22|http%3A%2F%2Fenvim.info%2F|%D0%9D%D0%9C%D0%A6|http%3A%2F%2Fnmc.at.ua%2F%2F | 200 OK Content-Length: 1209 Content-Type: text/javascript | clean |
http://en-school2.at.ua/widget/?16;12|6666FF|F0F0F0|FFFFFF|180|1|||||%D0%9D%D0%92%D0%9A%20%E2%84%961|http%3A%2F%2Fenvk1.3dn.ru%2F | 200 OK Content-Length: 1169 Content-Type: text/javascript | clean |
http://en-school2.at.ua/widget/?16;12|6666FF|F0F0F0|FFFFFF|180|1|||||||%D0%AD%D0%91%D0%93%20%22%D0%93%D0%B0%D1%80%D0%BC%D0%BE%D0%BD%D0%B8%D1%8F%22|http%3A%2F%2Febggarmoniya.ucoz.ua%2F | 200 OK Content-Length: 1199 Content-Type: text/javascript | clean |
http://en-school2.at.ua/widget/?16;12|6666FF|F0F0F0|FFFFFF|180|1|||||||||%D0%9E%D0%9E%D0%A8%20%E2%84%964|http%3A%2F%2Foosh-4.ucoz.ru%2Fgb%2F | 200 OK Content-Length: 1186 Content-Type: text/javascript | clean |
http://en-school2.at.ua/widget/?16;12|6666FF|E0E0E0|FFFFFF|180|1|||||||||||%D0%9D%D0%92%D0%9A%20%E2%84%965|http%3A%2F%2Fuvk5.at.ua%2F | 200 OK Content-Length: 1185 Content-Type: text/javascript | malicious |
Malicious code found. Script contains blacklisted domain: uvk5.at.ua (function() { var pars=[0,'12','6666FF','E0E0E0','FFFFFF','180','1','','','','','','','','','','','НВК №5','http://uvk5.at.ua/']; var mname = "slm_"+Math.round(Math.random() * 10000); document.write("<style type='text/css'> #"+mname+" li a{ color:"+pars[2]+"; text-decoration:none; letter-spacing:1px; font-size:"+pars[1]+"; font-weight:bold; float:left; background-color:"+pars[3]+"; padding-left:3px; line-height:25px; } #"+mname+" { margin:0px; padding:0px; width:"+pars[5]+";} #"+mname+" li{ margin-top:2px; list-style-type:none; clear:both; display:bl ...[734 bytes skipped]... Decoded script: <style type='text/css'> #slm_5925 li a{ color:6666FF; text-decoration:none; letter-spacing:1px; font-size:12; font-weight:bold; float:left; background-color:E0E0E0; padding-left:3px; line-height:25px; } #slm_5925 { margin:0px; padding:0px; width:180;} #slm_5925 li{ margin-top:2px; list-style-type:none; clear:both; display:block; overflow:auto; overflow: -moz-scrollbars-none;} #slm_5925 li div{ float:left; background-color:E0E0E0; overflow-x:hidden; overflow: -moz-scrollbars-none; }</style><ul id="slm_5925"><li><a href="http://uvk5.at.ua/">НВК №5</a></li></ul> | ||
http://en-school2.at.ua/widget/?16;12|6666FF|E0E0E0|FFFFFF|180|1|||||||||||||%D0%9E%D0%9E%D0%A8%20%E2%84%966|http%3A%2F%2Foosh6.ucoz.ru%2F | 200 OK Content-Length: 1194 Content-Type: text/javascript | clean |
http://en-school2.at.ua/widget/?16;12|6666FF|F0F0F0|FFFFFF|180|1|||||||||||||%D0%9E%D0%9E%D0%A8%20%E2%84%967|http%3A%2F%2Feoosh7.ucoz.ru%2F | 200 OK Content-Length: 1195 Content-Type: text/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: en-school2.at.ua
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 19 Sep 2014 21:56:21 GMT
Server: uServ/3.2.2
Content-Length: 92926
Content-Type: text/html; charset=UTF-8
...92926 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: en-school2.at.ua
Referer: http://www.google.com/search?q=en-school2.at.ua
Result:
The result is similar to the first query. There are no suspicious redirects found.