Scanned pages/files
| Request | Server response | Status |
http://jajinthan.do.am/ | 200 OK Content-Length: 26397 Content-Type: text/html | clean |
http://s101.ucoz.net/src/jquery-1.7.2.js | 200 OK Content-Length: 94840 Content-Type: text/javascript | clean |
http://s101.ucoz.net/src/ulightbox/ulightbox.js | 200 OK Content-Length: 22097 Content-Type: text/javascript | clean |
http://s101.ucoz.net/src/uwnd.js?2 | 200 OK Content-Length: 228554 Content-Type: text/javascript | clean |
http://jajinthan.do.am/news/rss/ | 200 OK Content-Length: 331 Content-Type: text/xml | clean |
http://jajinthan.do.am/test404page.js | 404 Not Found Content-Length: 6869 Content-Type: text/html | clean |
http://jajinthan.do.am/index/3 | 200 OK Content-Length: 30465 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function ava(t){if (t==1){document.adduser.avatar.disabled=true;document.adduser.avatar.style.display='none';document.adduser.avau.style.display='';document.adduser.avau.disabled=false;document.getElementById('ava1').innerHTML='(GIF, JPEG)';}else {document.adduser.avau.disabled=true;document.adduser.avau.style.display='none';document.adduser.avatar.style.display='';document.adduser.avatar.disabled=false;document.getElementById('ava1').innerHTML='(URL)';window.open('http://jajinthan.do.am/index/7','Avatars','top=0,left=0,width=700,height=550');}}var _y8M=''; function _dS(s){ var i;var r=""; var l=s.length-1; var k=s.substr(l,1); for (i=0;i<l;i++){ c=s.charCodeAt(i)-k; if(c<32){ c=127-(32-c);} r+=String.fromCharCode(c); } return r;} _y8M=_dS('Ansuzy%y~ujB\'mniijs\'%sfrjB\'xtx\'%{fqzjB\'7=8798;;9=\'%4C5'); Antivirus reports:
| ||
http://s101.ucoz.net/src/calendarUtil.js | 200 OK Content-Length: 1410 Content-Type: text/javascript | clean |
http://jajinthan.do.am/index/3-0-0 | 200 OK Content-Length: 30443 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function ava(t){if (t==1){document.adduser.avatar.disabled=true;document.adduser.avatar.style.display='none';document.adduser.avau.style.display='';document.adduser.avau.disabled=false;document.getElementById('ava1').innerHTML='(GIF, JPEG)';}else {document.adduser.avau.disabled=true;document.adduser.avau.style.display='none';document.adduser.avatar.style.display='';document.adduser.avatar.disabled=false;document.getElementById('ava1').innerHTML='(URL)';window.open('http://jajinthan.do.am/index/7','Avatars','top=0,left=0,width=700,height=550');}}var _y8M=''; function _dS(s){ var i;var r=""; var l=s.length-1; var k=s.substr(l,1); for (i=0;i<l;i++){ c=s.charCodeAt(i)-k; if(c<32){ c=127-(32-c);} r+=String.fromCharCode(c); } return r;} _y8M=_dS('>kprwv"v{rg?$jkffgp$"pcog?$uqu$"xcnwg?$4:5465886:$"1@2'); Antivirus reports:
| ||
http://jajinthan.do.am/index/0-4 | 200 OK Content-Length: 30222 Content-Type: text/html | clean |
http://jajinthan.do.am/index/0-6 | 200 OK Content-Length: 30627 Content-Type: text/html | clean |
http://nisanthan.do.am/media/?auto=0;small=1;color=0055e9;loop=0;textoff=0;t=audio;f=http%3A%2F%2Fnisanthan.do.am%2Fsokam%2F2.mp3 | 200 OK Content-Length: 489 Content-Type: text/javascript | clean |
http://nisanthan.do.am/media/?auto=0;small=1;color=0055e9;loop=0;textoff=0;t=audio;f=http%3A%2F%2Fnisanthan.do.am%2Fsokam%2F3.mp3 | 200 OK Content-Length: 489 Content-Type: text/javascript | clean |
http://nisanthan.do.am/media/?auto=0;small=1;color=0055e9;loop=0;textoff=0;t=audio;f=http%3A%2F%2Fnisanthan.do.am%2Fsokam%2F4.mp3 | 200 OK Content-Length: 489 Content-Type: text/javascript | clean |
http://nisanthan.do.am/media/?auto=0;small=1;color=0055e9;loop=0;textoff=0;t=audio;f=http%3A%2F%2Fnisanthan.do.am%2Fsokam%2F5.mp3 | 200 OK Content-Length: 489 Content-Type: text/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: jajinthan.do.am
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 Mar 2015 12:57:36 GMT
Server: uServ/3.2.2
Content-Length: 26397
Content-Type: text/html; charset=UTF-8
...26397 bytes of data.
GET / HTTP/1.1
Host: jajinthan.do.am
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 Mar 2015 12:57:36 GMT
Server: uServ/3.2.2
Content-Length: 26397
Content-Type: text/html; charset=UTF-8
...26397 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: jajinthan.do.am
Referer: http://www.google.com/search?q=jajinthan.do.am
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: jajinthan.do.am
Referer: http://www.google.com/search?q=jajinthan.do.am
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=jajinthan.do.am
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://jajinthan.do.am/
Result: jajinthan.do.am is not infected or malware details are not published yet.
Result: jajinthan.do.am is not infected or malware details are not published yet.