Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=notebook-net.ru
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://notebook-net.ru/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://notebook-net.ru/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: notebook-net.ru Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Found Connection: close Date: Sun, 13 Jul 2014 04:15:12 GMT Location: http://www.caribsoft-online.biz/templates/rhuk_solarflare_ii/images/index.php Server: nginx/1.2.9 Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Powered-By: PHP/5.2.17 | malicious |
URL: http://www.caribsoft-online.biz/templates/rhuk_solarflare_ii/images/index.php (imitation of visitor from search engine) GET /templates/rhuk_solarflare_ii/images/index.php HTTP/1.1 Host: www.caribsoft-online.biz Referer: http://www.google.com/search?q=redirect+check2 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sun, 13 Jul 2014 04:15:13 GMT Location: http://avicennahealth.org/templates/beez/html/mod_poll/1/all.php Server: nginx/1.6.0 Content-Length: 0 Content-Type: text/html | suspicious |
Scanned pages/files
Request | Server response | Status |
http://notebook-net.ru/ | 200 OK Content-Length: 26064 Content-Type: text/html | clean |
http://notebook-net.ru/media/system/js/caption.js | 200 OK Content-Length: 1963 Content-Type: application/x-javascript | clean |
http://pagead2.googlesyndication.com/pagead/show_ads.js | 200 OK Content-Length: 21241 Content-Type: text/javascript | clean |
http://counter.rambler.ru/top100.jcn?2398601 | 200 OK Content-Length: 6853 Content-Type: application/x-javascript | clean |
http://notebook-net.ru/index.php/sitemap.html | 200 OK Content-Length: 29402 Content-Type: text/html | clean |
http://notebook-net.ru/index.php/about-blog-menu.html | 200 OK Content-Length: 18699 Content-Type: text/html | clean |
http://odnaknopka.ru/ok3.js | 502 Bad Gateway Content-Length: 575 Content-Type: text/html | clean |
http://odnaknopka.ru/test404page.js | 200 OK Content-Length: 7582 Content-Type: text/html | clean |
http://vk.com/js/api/share.js?11 | 200 OK Content-Length: 10156 Content-Type: application/x-javascript | clean |
http://cdn.connect.mail.ru/js/loader.js | 200 OK Content-Length: 4120 Content-Type: application/x-javascript | clean |
http://odnaknopka.ru//mc.yandex.ru/metrika/watch.js/ | 200 OK Content-Length: 7582 Content-Type: text/html | clean |
https://w.uptolike.com/widgets/v1/zp.js?pid=634776 | 200 OK Content-Length: 36672 Content-Type: text/javascript | clean |
http://odnaknopka.ru/get.html?rel=header | 200 OK Content-Length: 16057 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below)
if(document.getElementsByClassName == undefined) { document.getElementsByClassName = function(cl) { var retnode = []; var myclass = new RegExp('\\b'+cl+'\\b'); var elem = this.getElementsByTagName('*'); for (var i = 0; i < elem.length; i++) { var classes = elem[i].className; if (myclass.test(classes)) { retnode.push(elem[i]); } } return retnode; } } }
Antivirus reports:
http://odnaknopka.ru/ok4.js | 502 Bad Gateway Content-Length: 575 Content-Type: text/html | clean |
http://odnaknopka.ru/ok4.utf8.js | 200 OK Content-Length: 20269 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
function urlencode (str) {
str = (str + '').toString(); return encodeURIComponent(str).replace(/!/g, '%21').replace(/'/g, '%27').replace(/\(/g, '%28'). replace(/\)/g, '%29').replace(/\*/g, '%2A').replace(/%20/g, '+'); } window.is = function(informerElement){ if(informerElement.className.search(' bottom') != -1) { if(informerElement.className.search(' center') != -1) informerElement.style.left = '-450px window.ifw = newEl; window.informerAttachEvents(); } }; window.informerAttachEvents = function(){ window.ifw.onmouseover = function(e){ window.is(window.ifw.firstChild); }; window.ifw.onmouseout = function(e){ window.ih(window.ifw.firstChild); }; }; if(window.informerPosition) window.ifw(window.informerPosition.vert, window.informerPosition.hor);
Antivirus reports: