Scanned pages/files
| Request | Server response | Status |
http://potaptosverin.narod.ru/224_id.html | 200 OK Content-Length: 25236 Content-Type: text/html | suspicious |
Suspicious code. Script contains iFrame. document.write(unescape(' %3C%73%63%72%69%70%74%3E%0A%76%61%72%20%74%65%6D%70%3D%22%22%2C%69%2C%63%3D%30%2C%6F%75%74%3D%22%22%3B%20%76%61%72%20%73%74%72%3D%22%36%30%21%31%31%35%21%39%39%21%31%31%34%21%31%30%35%21%31%31%32%21%31%31%36%21%36%32%21%31%30%21%31%31%38%21%39%37%21%31%31%34%21%33%32%21%31%31%36%21%31%30%31%21%31%30%39%21%31%31%32%21%36%31%21%33%34%21%33%34%21%34%34%21%31%30%35%21%34%34%21%39%39%21%36%31%21%34%38%21%34%34%21%31%31%31 ...[3552 bytes skipped]... Decoded script: <table align=center> <tr> <td> <iframe src='http://advertix.ru/go/go.php?sid=7' id="myFrame" frameborder="0" vspace="0" hspace="0" marginwidth="0" marginheight="0" width="800" scrolling="no" height="450" > </iframe> </td> </tr> </table> <tr> <td> <iframe src='http://advertix.ru/go/go.php?sid=7' id="myFrame" frameborder="0" vspace="0" hspace="0" marginwidth="0" marginheight="0" width="800" scrolling="no" ...[383 bytes skipped]... | ||
http://s205.ucoz.net/cgi/uutils.fcg?a=get_preroll_cookie&r=0.427114688994564 | 200 OK Content-Length: 25 Content-Type: application/javascript | clean |
http://potaptosverin.narod.ru/abnl/?adsdata=gF6Q;z7WiLVMfnIX0vkFS8vWydq6l!sacR8T8J5vMSdLNKHgqNO7AfJ;xN9h^C1tUHyIN!bSqh5w6t1jcfSMGBxL^51etLLEsN74Ob;yGKh7O8NkLhB0vk^09eLn3xJPPseC;r4LWajO6Wd3O5XIqqGhj8xXymik!3uyO7mTw68L1kxdabbzUHwGse^CU3xDn0Ut;RZOD;oo | 200 OK Content-Length: 2525 Content-Type: application/javascript | clean |
http://potaptosverin.narod.ru/907_id.html | 200 OK Content-Length: 25306 Content-Type: text/html | suspicious |
Suspicious code. Script contains iFrame. document.write(unescape(' %3C%73%63%72%69%70%74%3E%0A%76%61%72%20%74%65%6D%70%3D%22%22%2C%69%2C%63%3D%30%2C%6F%75%74%3D%22%22%3B%20%76%61%72%20%73%74%72%3D%22%36%30%21%31%31%35%21%39%39%21%31%31%34%21%31%30%35%21%31%31%32%21%31%31%36%21%36%32%21%31%30%21%31%31%38%21%39%37%21%31%31%34%21%33%32%21%31%31%36%21%31%30%31%21%31%30%39%21%31%31%32%21%36%31%21%33%34%21%33%34%21%34%34%21%31%30%35%21%34%34%21%39%39%21%36%31%21%34%38%21%34%34%21%31%31%31 ...[3552 bytes skipped]... Decoded script: <table align=center> <tr> <td> <iframe src='http://advertix.ru/go/go.php?sid=7' id="myFrame" frameborder="0" vspace="0" hspace="0" marginwidth="0" marginheight="0" width="800" scrolling="no" height="450" > </iframe> </td> </tr> </table> <tr> <td> <iframe src='http://advertix.ru/go/go.php?sid=7' id="myFrame" frameborder="0" vspace="0" hspace="0" marginwidth="0" marginheight="0" width="800" scrolling="no" ...[383 bytes skipped]... | ||
http://s205.ucoz.net/cgi/uutils.fcg?a=get_preroll_cookie&r=0.492741022270909 | 200 OK Content-Length: 25 Content-Type: application/javascript | clean |
http://potaptosverin.narod.ru/abnl/?adsdata=^kumhXARlHIqyvuYH;jUld8xh8ncSt2urUT6DDTx19X05b5HOgSMBEsnCmkS44R09kQjdmClMjrIqPRmA3sMJfFQY;SUZLnQz97VdPcUdcXzwr3xMzZh;QM4MxYtQCAgX^6Hnzu2ABHh4hxzRSYvTSnF!dIVQ4TQcRjbc3pqcll;LBKFBqJtLpzZSW6EGrDEWOyuUgoo | 200 OK Content-Length: 2521 Content-Type: application/javascript | clean |
http://potaptosverin.narod.ru/853_id.html | 200 OK Content-Length: 27675 Content-Type: text/html | suspicious |
Suspicious code. Script contains iFrame. document.write(unescape(' %3C%73%63%72%69%70%74%3E%0A%76%61%72%20%74%65%6D%70%3D%22%22%2C%69%2C%63%3D%30%2C%6F%75%74%3D%22%22%3B%20%76%61%72%20%73%74%72%3D%22%36%30%21%31%31%35%21%39%39%21%31%31%34%21%31%30%35%21%31%31%32%21%31%31%36%21%36%32%21%31%30%21%31%31%38%21%39%37%21%31%31%34%21%33%32%21%31%31%36%21%31%30%31%21%31%30%39%21%31%31%32%21%36%31%21%33%34%21%33%34%21%34%34%21%31%30%35%21%34%34%21%39%39%21%36%31%21%34%38%21%34%34%21%31%31%31 ...[3552 bytes skipped]... Decoded script: <table align=center> <tr> <td> <iframe src='http://advertix.ru/go/go.php?sid=7' id="myFrame" frameborder="0" vspace="0" hspace="0" marginwidth="0" marginheight="0" width="800" scrolling="no" height="450" > </iframe> </td> </tr> </table> <tr> <td> <iframe src='http://advertix.ru/go/go.php?sid=7' id="myFrame" frameborder="0" vspace="0" hspace="0" marginwidth="0" marginheight="0" width="800" scrolling="no" ...[383 bytes skipped]... | ||
http://s205.ucoz.net/cgi/uutils.fcg?a=get_preroll_cookie&r=0.283037373473359 | 200 OK Content-Length: 25 Content-Type: application/javascript | clean |
http://potaptosverin.narod.ru/abnl/?adsdata=dcYnSRtK^XAemrZY6JsJP1jQGam;I;rrRQEEl3JHcaIp4v79LVHBKz42IYwhcGeLGyzIGX4Ol21z9L20Q8mpsrVirTPA9Y32PJpcjDZgneQyqZS86^bH76jeNB!0A;wPZwUvPQKyqW;Re6j7dztljKEAi98e14fheLSDmwLEpDYgn0uHu2;gQUi8eYtr8mP8Zn7m3k2J | 200 OK Content-Length: 2509 Content-Type: application/javascript | clean |
http://potaptosverin.narod.ru/687_id.html | 200 OK Content-Length: 27233 Content-Type: text/html | suspicious |
Suspicious code. Script contains iFrame. document.write(unescape(' %3C%73%63%72%69%70%74%3E%0A%76%61%72%20%74%65%6D%70%3D%22%22%2C%69%2C%63%3D%30%2C%6F%75%74%3D%22%22%3B%20%76%61%72%20%73%74%72%3D%22%36%30%21%31%31%35%21%39%39%21%31%31%34%21%31%30%35%21%31%31%32%21%31%31%36%21%36%32%21%31%30%21%31%31%38%21%39%37%21%31%31%34%21%33%32%21%31%31%36%21%31%30%31%21%31%30%39%21%31%31%32%21%36%31%21%33%34%21%33%34%21%34%34%21%31%30%35%21%34%34%21%39%39%21%36%31%21%34%38%21%34%34%21%31%31%31 ...[3552 bytes skipped]... Decoded script: <table align=center> <tr> <td> <iframe src='http://advertix.ru/go/go.php?sid=7' id="myFrame" frameborder="0" vspace="0" hspace="0" marginwidth="0" marginheight="0" width="800" scrolling="no" height="450" > </iframe> </td> </tr> </table> <tr> <td> <iframe src='http://advertix.ru/go/go.php?sid=7' id="myFrame" frameborder="0" vspace="0" hspace="0" marginwidth="0" marginheight="0" width="800" scrolling="no" ...[383 bytes skipped]... | ||
http://s205.ucoz.net/cgi/uutils.fcg?a=get_preroll_cookie&r=0.817822387335266 | 200 OK Content-Length: 25 Content-Type: application/javascript | clean |
http://potaptosverin.narod.ru/abnl/?adsdata=TCymTMd6^DQLdf;7iC0e4JZezNbGKHpXHBbbf3my!7sXFAXDP7mK6ePeqrZyrc!Td2iEQlki!IG^4^9e9V9h0OG0xM9JIqmUzqci4gzTz8bWmNg2k0IQAEyj1zjFgfFFuRWTbDFH5EVerOPIkbrzRMuZEzxi0NpycOsst4ROi9WEHFHUjR4aLilH59v4AgjPYiDp0Uoo | 200 OK Content-Length: 2513 Content-Type: application/javascript | clean |
http://potaptosverin.narod.ru/762_id.html | 200 OK Content-Length: 24265 Content-Type: text/html | suspicious |
Suspicious code. Script contains iFrame. document.write(unescape(' %3C%73%63%72%69%70%74%3E%0A%76%61%72%20%74%65%6D%70%3D%22%22%2C%69%2C%63%3D%30%2C%6F%75%74%3D%22%22%3B%20%76%61%72%20%73%74%72%3D%22%36%30%21%31%31%35%21%39%39%21%31%31%34%21%31%30%35%21%31%31%32%21%31%31%36%21%36%32%21%31%30%21%31%31%38%21%39%37%21%31%31%34%21%33%32%21%31%31%36%21%31%30%31%21%31%30%39%21%31%31%32%21%36%31%21%33%34%21%33%34%21%34%34%21%31%30%35%21%34%34%21%39%39%21%36%31%21%34%38%21%34%34%21%31%31%31 ...[3552 bytes skipped]... Decoded script: <table align=center> <tr> <td> <iframe src='http://advertix.ru/go/go.php?sid=7' id="myFrame" frameborder="0" vspace="0" hspace="0" marginwidth="0" marginheight="0" width="800" scrolling="no" height="450" > </iframe> </td> </tr> </table> <tr> <td> <iframe src='http://advertix.ru/go/go.php?sid=7' id="myFrame" frameborder="0" vspace="0" hspace="0" marginwidth="0" marginheight="0" width="800" scrolling="no" ...[383 bytes skipped]... | ||
http://s205.ucoz.net/cgi/uutils.fcg?a=get_preroll_cookie&r=0.697895128267827 | 200 OK Content-Length: 25 Content-Type: application/javascript | clean |
http://potaptosverin.narod.ru/abnl/?adsdata=EwbzYTSVERKmyM7D5OKpp2SjVN!ymYxzhEw5!CfKRdBwrNpOGH29gM;dEMhSf1SmZLcL83UGKC0qJMiX^0fZ8tsnlF069sdr6Pt7wU9eGkr2OmphIlZdgbJuXbgV9^nMQ^;8Ru51AFuE8j3KxvgQgWmIkVG2QnSddcQROejAkTmyFGXkMUIIZuVclSJiH8wJtAB;PqYxnbFo | 200 OK Content-Length: 2541 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: potaptosverin.narod.ru
Result:
GET / HTTP/1.1
Host: potaptosverin.narod.ru
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: potaptosverin.narod.ru
Referer: http://www.google.com/search?q=potaptosverin.narod.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: potaptosverin.narod.ru
Referer: http://www.google.com/search?q=potaptosverin.narod.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=potaptosverin.narod.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://potaptosverin.narod.ru/
Result: potaptosverin.narod.ru is not infected or malware details are not published yet.
Result: potaptosverin.narod.ru is not infected or malware details are not published yet.