Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=samar.com.ua
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://samar.com.ua/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://samar.com.ua/ | 200 OK Content-Length: 32478 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below)
var vk = { ads_rotate_interval: 120000, al: parseInt('3') || 4, intnat: '1' ? true : false, lang: 0, rtl: parseInt('') || 0, version: 12939, loginscheme: 'https', ip_h: '6ce9fc67b719165839', id: parseInt('0'), nodomain: '' }
var StaticFiles = { 'lite.js' : {v: 68}, 'lite.css' : {v: 21}, 'ie6.css' : {v: 26}, 'ie7.css' : {v: 18} ,'lang0_0.js':{v:6471},'api/xdm.js':{v:1},'api/widgets/al_comments.js':{v:80},'widget_comments.css':{v:59} }
Antivirus reports:
http://samar.com.ua/jquery-l.htm | 200 OK Content-Length: 311 Content-Type: text/html | clean |
http://samar.com.ua/test404page.js | 404 Not Found Content-Length: 32478 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below)
var vk = { ads_rotate_interval: 120000, al: parseInt('3') || 4, intnat: '1' ? true : false, lang: 0, rtl: parseInt('') || 0, version: 12939, loginscheme: 'https', ip_h: '6ce9fc67b719165839', id: parseInt('0'), nodomain: '' }
var StaticFiles = { 'lite.js' : {v: 68}, 'lite.css' : {v: 21}, 'ie6.css' : {v: 26}, 'ie7.css' : {v: 18} ,'lang0_0.js':{v:6471},'api/xdm.js':{v:1},'api/widgets/al_comments.js':{v:80},'widget_comments.css':{v:59} }
Antivirus reports:
http://samar.com.ua/function.htm | 200 OK Content-Length: 311 Content-Type: text/html | clean |
http://samar.com.ua/jquery00.js | 200 OK Content-Length: 310 Content-Type: application/javascript | clean |
http://samar.com.ua/jqueryui.js | 200 OK Content-Length: 310 Content-Type: application/javascript | clean |
http://samar.com.ua/ddaccord.js | 200 OK Content-Length: 310 Content-Type: application/javascript | clean |
http://samar.com.ua/alibs000.js | 200 OK Content-Length: 310 Content-Type: application/javascript | clean |
http://samar.com.ua/jquery01.js | 200 OK Content-Length: 310 Content-Type: application/javascript | clean |
http://samar.com.ua/scripts0.js | 200 OK Content-Length: 310 Content-Type: application/javascript | clean |
http://samar.com.ua/script_j.js | 200 OK Content-Length: 310 Content-Type: application/javascript | clean |
http://samar.com.ua/js_edit_.htm | 200 OK Content-Length: 311 Content-Type: text/html | clean |
http://samar.com.ua/highslid.htm | 200 OK Content-Length: 311 Content-Type: text/html | clean |
http://samar.com.ua/jquery02.js | 200 OK Content-Length: 93866 Content-Type: application/javascript | clean |
http://samar.com.ua/main0000.js | 200 OK Content-Length: 1772 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: samar.com.ua
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 16 Jul 2014 08:39:09 GMT
Server: Apache/2.2.22 (Ubuntu)
Vary: Accept-Encoding
Content-Type: text/html
X-Powered-By: PHP/5.3.10-1ubuntu3.9
Second query (visit from search engine):
GET / HTTP/1.1
Host: samar.com.ua
Referer: http://www.google.com/search?q=samar.com.ua
Result:
The result is similar to the first query. There are no suspicious redirects found.