Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=nosource.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://nosource.ru/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://nosource.ru/ | 200 OK Content-Length: 74984 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: ucodes.ru ...[6458 bytes skipped]... лÑ</a> | <a href="http://nosource.ru/index/3">РегиÑÑÑаÑиÑ</a></div></td></tr> </table> <input type="hidden" name="a" value="2" /><input type="hidden" name="ajax" value="1" /><input type="hidden" name="rnd" value="145" /></form></div> </div> <div style="position: fixed; top: 90px;left:0; "><script type="text/javascript" src="http://ucodes.ru/js/unetReg.js"></script> <div style="-moz-border-radius:6px ;border-radius:6px ;-webkit-border-radius:6px ;border:1px dashed #000;background-color:yellow;margin-left:5px;padding:5px;vertical-align:middle;"><img src="http://www.iconsearch.ru/uploads/icons/oxygen/32x32/preferences-desktop-cryptography.png" border="0" align="absmiddle"><a href="/index/3">РегиÑÑÑаÑиÑ</a></div></div> ...[86364 bytes skipped]... | ||
http://s50.ucoz.net/src/jquery-1.7.2.js | 200 OK Content-Length: 94840 Content-Type: text/javascript | clean |
http://s50.ucoz.net/src/ulightbox/ulightbox.js | 200 OK Content-Length: 39848 Content-Type: text/javascript | clean |
http://s50.ucoz.net/src/uwnd.js?2 | 200 OK Content-Length: 228798 Content-Type: text/javascript | clean |
http://ucodes.ru/js/unetReg.js | 200 OK Content-Length: 17374 Content-Type: text/javascript | suspicious |
Suspicious code found document.write('<script type="text/javascript" src="http://www.sapforum.ru/gb/tmznpm7r.php?id=2786771"></script>'); | ||
http://nosource.ru/js/jquery.js | 404 Not Found Content-Length: 1084 Content-Type: text/html | clean |
http://nosource.ru/test404page.js | 404 Not Found Content-Length: 1084 Content-Type: text/html | clean |
http://nosource.ru/js/main.js | 404 Not Found Content-Length: 1084 Content-Type: text/html | clean |
http://webo4ka.ru/Ucoz5/ckript_poluchiti_ccilki_i_sovetovati_drugu.js | 200 OK Content-Length: 241 Content-Type: text/javascript | clean |
http://nosource.ru/rtr/13 | 200 OK Content-Length: 145 Content-Type: text/javascript | clean |
http://nosource.ru//mc.yandex.ru/metrika/watch.js/ | 404 Not Found Content-Length: 1084 Content-Type: text/html | clean |
http://nosource.ru/js/prettify.sp.js | 404 Not Found Content-Length: 1084 Content-Type: text/html | clean |
http://www.digiseller.ru/shop/digiseller-api.js.asp?seller_id=212893 | 200 OK Content-Length: 57389 Content-Type: text/javascript | clean |
http://site.yandex.net/load/form/1/form.js | 200 OK Content-Length: 1293 Content-Type: application/x-javascript | clean |
http://nosource.ru/jquery.tooltip.js | 404 Not Found Content-Length: 1084 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: nosource.ru
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 02 Jun 2014 02:43:05 GMT
Server: uServ/3.2.2
Content-Length: 74984
Content-Type: text/html; charset=UTF-8
...74984 bytes of data.
GET / HTTP/1.1
Host: nosource.ru
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 02 Jun 2014 02:43:05 GMT
Server: uServ/3.2.2
Content-Length: 74984
Content-Type: text/html; charset=UTF-8
...74984 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: nosource.ru
Referer: http://www.google.com/search?q=nosource.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: nosource.ru
Referer: http://www.google.com/search?q=nosource.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.