Scanned pages/files
| Request | Server response | Status |
http://evsyutkinyicu.narod.ru/693.html | 200 OK Content-Length: 21659 Content-Type: text/html | suspicious |
Suspicious code. Script contains iFrame. document.write(unescape(' %3C%73%63%72%69%70%74%3E%0A%76%61%72%20%74%65%6D%70%3D%22%22%2C%69%2C%63%3D%30%2C%6F%75%74%3D%22%22%3B%20%76%61%72%20%73%74%72%3D%22%36%30%21%31%31%35%21%39%39%21%31%31%34%21%31%30%35%21%31%31%32%21%31%31%36%21%36%32%21%31%30%21%31%31%38%21%39%37%21%31%31%34%21%33%32%21%31%31%36%21%31%30%31%21%31%30%39%21%31%31%32%21%36%31%21%33%34%21%33%34%21%34%34%21%31%30%35%21%34%34%21%39%39%21%36%31%21%34%38%21%34%34%21%31%31%31 ...[3552 bytes skipped]... Decoded script: <table align=center> <tr> <td> <iframe src='http://advertix.ru/go/go.php?sid=7' id="myFrame" frameborder="0" vspace="0" hspace="0" marginwidth="0" marginheight="0" width="800" scrolling="no" height="450" > </iframe> </td> </tr> </table> <tr> <td> <iframe src='http://advertix.ru/go/go.php?sid=7' id="myFrame" frameborder="0" vspace="0" hspace="0" marginwidth="0" marginheight="0" width="800" scrolling="no" ...[383 bytes skipped]... | ||
http://s207.ucoz.net/cgi/uutils.fcg?a=get_preroll_cookie&r=0.681686372598417 | 200 OK Content-Length: 25 Content-Type: application/javascript | clean |
http://evsyutkinyicu.narod.ru/abnl/?adsdata=TqyzwpgebuVL3QwIKBzd1jEzIqOtwj1RkzNBYEq8Nn48fbq9YZw2s3qaxiRVLAkDnsq5fxZ5zVgbhsESKnYaOnLbP9h4DwJ24w0nBSpm2gzavk61s;h4yFRf3FY3jSvjl0VHM6bwxCFGvggbEPWBwtjPJUl^^HgxUbkuS2gCgVgYEtVQkw61mXLOm96T4ycAvxIa3Uoo | 200 OK Content-Length: 2509 Content-Type: application/javascript | clean |
http://evsyutkinyicu.narod.ru/871.html | 200 OK Content-Length: 20096 Content-Type: text/html | suspicious |
Suspicious code. Script contains iFrame. document.write(unescape(' %3C%73%63%72%69%70%74%3E%0A%76%61%72%20%74%65%6D%70%3D%22%22%2C%69%2C%63%3D%30%2C%6F%75%74%3D%22%22%3B%20%76%61%72%20%73%74%72%3D%22%36%30%21%31%31%35%21%39%39%21%31%31%34%21%31%30%35%21%31%31%32%21%31%31%36%21%36%32%21%31%30%21%31%31%38%21%39%37%21%31%31%34%21%33%32%21%31%31%36%21%31%30%31%21%31%30%39%21%31%31%32%21%36%31%21%33%34%21%33%34%21%34%34%21%31%30%35%21%34%34%21%39%39%21%36%31%21%34%38%21%34%34%21%31%31%31 ...[3552 bytes skipped]... Decoded script: <table align=center> <tr> <td> <iframe src='http://advertix.ru/go/go.php?sid=7' id="myFrame" frameborder="0" vspace="0" hspace="0" marginwidth="0" marginheight="0" width="800" scrolling="no" height="450" > </iframe> </td> </tr> </table> <tr> <td> <iframe src='http://advertix.ru/go/go.php?sid=7' id="myFrame" frameborder="0" vspace="0" hspace="0" marginwidth="0" marginheight="0" width="800" scrolling="no" ...[383 bytes skipped]... | ||
http://s207.ucoz.net/cgi/uutils.fcg?a=get_preroll_cookie&r=0.514562548464252 | 200 OK Content-Length: 25 Content-Type: application/javascript | clean |
http://evsyutkinyicu.narod.ru/abnl/?adsdata=f0DR;danBACiwpu4hlhvCEt;Gds9rSBE1KJK7XcD1WC479n9!4P55exM5J^14kXzn2f0GcLspFivhqeamyBfPsU4D8hEAZEYGaHCD7tKK0Z20u2IKL7ZGmimp17gWbYt6GQhhrD5UFx8F6rQXkLFQJBHe2vTv1Tqj^6ssCXNZNZRQlRbYYVAPDjXZD12AKPfBk2uRW0;7V;o | 200 OK Content-Length: 2525 Content-Type: application/javascript | clean |
http://evsyutkinyicu.narod.ru/905.html | 200 OK Content-Length: 23754 Content-Type: text/html | suspicious |
Suspicious code. Script contains iFrame. document.write(unescape(' %3C%73%63%72%69%70%74%3E%0A%76%61%72%20%74%65%6D%70%3D%22%22%2C%69%2C%63%3D%30%2C%6F%75%74%3D%22%22%3B%20%76%61%72%20%73%74%72%3D%22%36%30%21%31%31%35%21%39%39%21%31%31%34%21%31%30%35%21%31%31%32%21%31%31%36%21%36%32%21%31%30%21%31%31%38%21%39%37%21%31%31%34%21%33%32%21%31%31%36%21%31%30%31%21%31%30%39%21%31%31%32%21%36%31%21%33%34%21%33%34%21%34%34%21%31%30%35%21%34%34%21%39%39%21%36%31%21%34%38%21%34%34%21%31%31%31 ...[3552 bytes skipped]... Decoded script: <table align=center> <tr> <td> <iframe src='http://advertix.ru/go/go.php?sid=7' id="myFrame" frameborder="0" vspace="0" hspace="0" marginwidth="0" marginheight="0" width="800" scrolling="no" height="450" > </iframe> </td> </tr> </table> <tr> <td> <iframe src='http://advertix.ru/go/go.php?sid=7' id="myFrame" frameborder="0" vspace="0" hspace="0" marginwidth="0" marginheight="0" width="800" scrolling="no" ...[383 bytes skipped]... | ||
http://s207.ucoz.net/cgi/uutils.fcg?a=get_preroll_cookie&r=0.1951047649356 | 200 OK Content-Length: 25 Content-Type: application/javascript | clean |
http://evsyutkinyicu.narod.ru/abnl/?adsdata=8ivQ685aAU;ZhnWEbS4n1AKvaOD;ewiTmc3NSzgF^hH^nWhweu!ncm14iFkLkpnI;1A2q9fyW;dqL6HJ2rlXdGf2Udc4qHpN14xEpr^S!sjwpPVXtjgNl0VvXLxzNOLvDgcUE0nQQRwuQ7mZfhptuAnBcaiz5cW0KcCs720dmuJE2e47k!R^ccqAv!SwPAz!!Xah3;oo | 200 OK Content-Length: 2509 Content-Type: application/javascript | clean |
http://evsyutkinyicu.narod.ru/648.html | 200 OK Content-Length: 21177 Content-Type: text/html | suspicious |
Suspicious code. Script contains iFrame. document.write(unescape(' %3C%73%63%72%69%70%74%3E%0A%76%61%72%20%74%65%6D%70%3D%22%22%2C%69%2C%63%3D%30%2C%6F%75%74%3D%22%22%3B%20%76%61%72%20%73%74%72%3D%22%36%30%21%31%31%35%21%39%39%21%31%31%34%21%31%30%35%21%31%31%32%21%31%31%36%21%36%32%21%31%30%21%31%31%38%21%39%37%21%31%31%34%21%33%32%21%31%31%36%21%31%30%31%21%31%30%39%21%31%31%32%21%36%31%21%33%34%21%33%34%21%34%34%21%31%30%35%21%34%34%21%39%39%21%36%31%21%34%38%21%34%34%21%31%31%31 ...[3552 bytes skipped]... Decoded script: <table align=center> <tr> <td> <iframe src='http://advertix.ru/go/go.php?sid=7' id="myFrame" frameborder="0" vspace="0" hspace="0" marginwidth="0" marginheight="0" width="800" scrolling="no" height="450" > </iframe> </td> </tr> </table> <tr> <td> <iframe src='http://advertix.ru/go/go.php?sid=7' id="myFrame" frameborder="0" vspace="0" hspace="0" marginwidth="0" marginheight="0" width="800" scrolling="no" ...[383 bytes skipped]... | ||
http://s207.ucoz.net/cgi/uutils.fcg?a=get_preroll_cookie&r=0.409141487647393 | 200 OK Content-Length: 25 Content-Type: application/javascript | clean |
http://evsyutkinyicu.narod.ru/abnl/?adsdata=Tj31VR7DI5ZA08b1bIB8reNL^OSK2KDnYftV2j^MZmHrKKkjADXwXLl2b1cOx4L^RaZ62zUCnbbRccKFZ8jHD7B!Q7NN55ur97h8Dqbj!3HvaQOEjBHZII1DqPD5MZmv9c5MkeDctUslY!FazY;2EcXR2KweCNmga!CNLP1q5AhNxi9P24aDti^PwjtIUFTtkXIhpUoo | 200 OK Content-Length: 2513 Content-Type: application/javascript | clean |
http://evsyutkinyicu.narod.ru/675.html | 200 OK Content-Length: 23648 Content-Type: text/html | suspicious |
Suspicious code. Script contains iFrame. document.write(unescape(' %3C%73%63%72%69%70%74%3E%0A%76%61%72%20%74%65%6D%70%3D%22%22%2C%69%2C%63%3D%30%2C%6F%75%74%3D%22%22%3B%20%76%61%72%20%73%74%72%3D%22%36%30%21%31%31%35%21%39%39%21%31%31%34%21%31%30%35%21%31%31%32%21%31%31%36%21%36%32%21%31%30%21%31%31%38%21%39%37%21%31%31%34%21%33%32%21%31%31%36%21%31%30%31%21%31%30%39%21%31%31%32%21%36%31%21%33%34%21%33%34%21%34%34%21%31%30%35%21%34%34%21%39%39%21%36%31%21%34%38%21%34%34%21%31%31%31 ...[3552 bytes skipped]... Decoded script: <table align=center> <tr> <td> <iframe src='http://advertix.ru/go/go.php?sid=7' id="myFrame" frameborder="0" vspace="0" hspace="0" marginwidth="0" marginheight="0" width="800" scrolling="no" height="450" > </iframe> </td> </tr> </table> <tr> <td> <iframe src='http://advertix.ru/go/go.php?sid=7' id="myFrame" frameborder="0" vspace="0" hspace="0" marginwidth="0" marginheight="0" width="800" scrolling="no" ...[383 bytes skipped]... | ||
http://s207.ucoz.net/cgi/uutils.fcg?a=get_preroll_cookie&r=0.721931460787175 | 200 OK Content-Length: 25 Content-Type: application/javascript | clean |
http://evsyutkinyicu.narod.ru/abnl/?adsdata=;pjtnnpBHSCNwrqP;mvWVzx2Ld4552EdhhRgaT3KdBTSQr8nXqu7emydnp;SaPhnXxkB2MmVwzxMmy2NrAOaIrff7E44m0b7xXp85CqqDpTFM^IF0QmCUP78Rb^aBWwhmbgaB8z!Av!CkatFyTMQRG7U^2gdZ;6rxZIc!ib4lsA^H3D8RcCXz517jgC^WthIFVIhuUoo | 200 OK Content-Length: 2525 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: evsyutkinyicu.narod.ru
Result:
GET / HTTP/1.1
Host: evsyutkinyicu.narod.ru
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: evsyutkinyicu.narod.ru
Referer: http://www.google.com/search?q=evsyutkinyicu.narod.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: evsyutkinyicu.narod.ru
Referer: http://www.google.com/search?q=evsyutkinyicu.narod.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=evsyutkinyicu.narod.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://evsyutkinyicu.narod.ru/
Result: evsyutkinyicu.narod.ru is not infected or malware details are not published yet.
Result: evsyutkinyicu.narod.ru is not infected or malware details are not published yet.