Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=moda-retro.ru
Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.moda-retro.ru/ | 200 OK Content-Length: 33098 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: mobapeople.com <!DOCTYPE html> <script type='text/javascript'> function resizeFrame(){ var WX,WY,BX,BY; var o=document.getElementById("iFaFxxv1Jm"),t,d; if (!o) return; d=o.contentDocument; if (!(t=d.getElementById("wrapperXaFxxv1Jm"))) WX=0; else WX=t.value; if (!(t=d.getElementById("wrapperYaFxxv1Jm"))) WY=0; else WY=t.value; if (!(t=d.getElementById("bannerXaFxxv1Jm"))) BX=0; else BX=t.value; ...[4212 bytes skipped]... | ||
http://mobapeople.com/8v0n2hh3me28xrp1gld0d0112cr70j11 | 200 OK Content-Length: 7945 Content-Type: text/javascript | clean |
http://s86.ucoz.net/src/jquery-1.7.2.js | 200 OK Content-Length: 94840 Content-Type: text/javascript | clean |
http://s86.ucoz.net/src/ulightbox/ulightbox.js | 200 OK Content-Length: 22618 Content-Type: text/javascript | clean |
http://s86.ucoz.net/src/uwnd.js?2 | 200 OK Content-Length: 228554 Content-Type: text/javascript | suspicious |
Page code contains blacklisted domain: pics.smotri.com jQuery.ajaxSettings.traditional=true; /* * jQuery Form Plugin * version: 3.17 (25-SEP-2012) * @requires jQuery v1.3.2 or later * * Examples and documentation at: http://malsup.com/jquery/form/ * Project repository: https://github.com/malsup/form * Dual licensed under the MIT and GPL licenses: * http://malsup.github.com/mit-license.txt * http://malsup.github.com/gpl-license-v2.txt */ (funct ...[3752 bytes skipped]... | ||
http://qwertypay.com/any/shop_tovar/2/qwertypaycom.js?aff=blakmore&color=DCDCDC&blocks=7&width=180 | 200 OK Content-Length: 238 Content-Type: text/html | clean |
http://qwertypay.com/test404page.js | HTTP/1.1 200 OK Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Fri, 05 Sep 2014 20:26:33 GMT Pragma: no-cache Server: nginx Vary: Accept-Encoding Content-Type: text/html;charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: QWERTYPAY=c963fffc552f02cc7dab6fb73280e1ba; path=/ | clean |
http://qwertypay.com/ | 200 OK Content-Length: 24347 Content-Type: text/html | clean |
http://qwertypay.com/js/jquery-1.4.4.min.js | 200 OK Content-Length: 86207 Content-Type: application/x-javascript | clean |
http://qwertypay.com/js/pages.js | 200 OK Content-Length: 4048 Content-Type: application/x-javascript | clean |
http://qwertypay.com/js/cameraz.js | 200 OK Content-Length: 4538 Content-Type: application/x-javascript | clean |
http://qwertypay.com/js/camera.min.js | 200 OK Content-Length: 39035 Content-Type: application/x-javascript | clean |
http://qwertypay.com/js/jquery-ui.min.js | 200 OK Content-Length: 200719 Content-Type: application/x-javascript | clean |
http://qwertypay.com/js/superfish.js | 200 OK Content-Length: 2683 Content-Type: application/x-javascript | clean |
http://qwertypay.com/js/scripts.js | 200 OK Content-Length: 1640 Content-Type: application/x-javascript | clean |
http://qwertypay.com/js/fx.js | 200 OK Content-Length: 1133 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: moda-retro.ru
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: moda-retro.ru
Referer: http://www.google.com/search?q=moda-retro.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.