Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=urax.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://urax.ru/
Result: The website is marked by Yandex as suspicious: visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious: visiting this web site may harm your computer.
Details are available here.
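Scanned pages/files
Every row marked suspicious below carries the same finding: an inline loader snippet that differs between pages only in its numeric ID (564417 or 564418). The snippet creates an iframe with display set to none inside the MarketGidScriptRootC… element, writes an empty document into it, and appends a script element whose src points at jsc.marketgid.com with a t= parameter built from the current year, month, day and hour. The "Script contains iFrame" label appears to be a heuristic match on the hidden-iframe pattern; the report does not show the content of the script that is loaded, so the flag on its own does not establish what that script does. The script is requested over plain http://, so its content is not integrity-protected in transit.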
Request | Server response | Status |
http://urax.ru/ | 200 OK Content-Length: 109827 Content-Type: text/html | suspicious |
Suspicious code. Script contains iFrame. (function(){ var D=new Date(),d=document,b='body',ce='createElement',ac='appendChild',st='style',ds='display',n='none',gi='getElementById'; var i=d[ce]('iframe');i[st][ds]=n;d[gi]("MarketGidScriptRootC564417")[ac](i);try{var iw=i.contentWindow.document;iw.open();iw.writeln("<ht"+"ml><bo"+"dy></bo"+"dy></ht"+"ml>");iw.close();var c=iw[b];} catch(e){var iw=d;var c=d[gi]("MarketGidScriptRootC564417");}var dv=iw[ce]('div');dv.id="MG_ID";dv[st][ds]=n;dv.innerHTML=564417;c[ac](dv); var s=iw[ce]('script');s.async='async';s.defer='defer';s.charset='utf-8';s.src="http://jsc.marketgid.com/u/r/urax.ru.564417.js?t="+D.getYear()+D.getMonth()+D.getDate()+D.getHours();c[ac](s);})(); | ||
http://st.pc.adonweb.ru/js/adv_out.js | 200 OK Content-Length: 8094 Content-Type: application/x-javascript | clean |
http://urax.ru/index.php | 200 OK Content-Length: 110395 Content-Type: text/html | suspicious |
Suspicious code. Script contains iFrame. (function(){ var D=new Date(),d=document,b='body',ce='createElement',ac='appendChild',st='style',ds='display',n='none',gi='getElementById'; var i=d[ce]('iframe');i[st][ds]=n;d[gi]("MarketGidScriptRootC564417")[ac](i);try{var iw=i.contentWindow.document;iw.open();iw.writeln("<ht"+"ml><bo"+"dy></bo"+"dy></ht"+"ml>");iw.close();var c=iw[b];} catch(e){var iw=d;var c=d[gi]("MarketGidScriptRootC564417");}var dv=iw[ce]('div');dv.id="MG_ID";dv[st][ds]=n;dv.innerHTML=564417;c[ac](dv); var s=iw[ce]('script');s.async='async';s.defer='defer';s.charset='utf-8';s.src="http://jsc.marketgid.com/u/r/urax.ru.564417.js?t="+D.getYear()+D.getMonth()+D.getDate()+D.getHours();c[ac](s);})(); | ||
http://urax.ru/index.php?option=com_content&view=category&layout=blog&id=241&Itemid=370 | 200 OK Content-Length: 84286 Content-Type: text/html | suspicious |
Suspicious code. Script contains iFrame. (function(){ var D=new Date(),d=document,b='body',ce='createElement',ac='appendChild',st='style',ds='display',n='none',gi='getElementById'; var i=d[ce]('iframe');i[st][ds]=n;d[gi]("MarketGidScriptRootC564417")[ac](i);try{var iw=i.contentWindow.document;iw.open();iw.writeln("<ht"+"ml><bo"+"dy></bo"+"dy></ht"+"ml>");iw.close();var c=iw[b];} catch(e){var iw=d;var c=d[gi]("MarketGidScriptRootC564417");}var dv=iw[ce]('div');dv.id="MG_ID";dv[st][ds]=n;dv.innerHTML=564417;c[ac](dv); var s=iw[ce]('script');s.async='async';s.defer='defer';s.charset='utf-8';s.src="http://jsc.marketgid.com/u/r/urax.ru.564417.js?t="+D.getYear()+D.getMonth()+D.getDate()+D.getHours();c[ac](s);})(); | ||
http://urax.ru/index.php?option=com_content&view=article&id=531:online-h1&catid=241:---live-tv--uxix-eter&Itemid=439 | 200 OK Content-Length: 89750 Content-Type: text/html | suspicious |
Suspicious code. Script contains iFrame. (function(){ var D=new Date(),d=document,b='body',ce='createElement',ac='appendChild',st='style',ds='display',n='none',gi='getElementById'; var i=d[ce]('iframe');i[st][ds]=n;d[gi]("MarketGidScriptRootC564418")[ac](i);try{var iw=i.contentWindow.document;iw.open();iw.writeln("<ht"+"ml><bo"+"dy></bo"+"dy></ht"+"ml>");iw.close();var c=iw[b];} catch(e){var iw=d;var c=d[gi]("MarketGidScriptRootC564418");}var dv=iw[ce]('div');dv.id="MG_ID";dv[st][ds]=n;dv.innerHTML=564418;c[ac](dv); var s=iw[ce]('script');s.async='async';s.defer='defer';s.charset='utf-8';s.src="http://jsc.marketgid.com/u/r/urax.ru.564418.js?t="+D.getYear()+D.getMonth()+D.getDate()+D.getHours();c[ac](s);})(); | ||
http://connect.facebook.net/ru_RU/all.js | 200 OK Content-Length: 167599 Content-Type: application/x-javascript | clean |
http://urax.ru/index.php?option=com_content&view=article&id=1061:shant-tv-&catid=241:---live-tv--uxix-eter&Itemid=439 | 200 OK Content-Length: 89898 Content-Type: text/html | suspicious |
Suspicious code. Script contains iFrame. (function(){ var D=new Date(),d=document,b='body',ce='createElement',ac='appendChild',st='style',ds='display',n='none',gi='getElementById'; var i=d[ce]('iframe');i[st][ds]=n;d[gi]("MarketGidScriptRootC564418")[ac](i);try{var iw=i.contentWindow.document;iw.open();iw.writeln("<ht"+"ml><bo"+"dy></bo"+"dy></ht"+"ml>");iw.close();var c=iw[b];} catch(e){var iw=d;var c=d[gi]("MarketGidScriptRootC564418");}var dv=iw[ce]('div');dv.id="MG_ID";dv[st][ds]=n;dv.innerHTML=564418;c[ac](dv); var s=iw[ce]('script');s.async='async';s.defer='defer';s.charset='utf-8';s.src="http://jsc.marketgid.com/u/r/urax.ru.564418.js?t="+D.getYear()+D.getMonth()+D.getDate()+D.getHours();c[ac](s);})(); | ||
http://urax.ru/index.php?option=com_content&view=article&id=2047:armenia-tv&catid=241:---live-tv--uxix-eter&Itemid=439 | 200 OK Content-Length: 89377 Content-Type: text/html | suspicious |
Suspicious code. Script contains iFrame. (function(){ var D=new Date(),d=document,b='body',ce='createElement',ac='appendChild',st='style',ds='display',n='none',gi='getElementById'; var i=d[ce]('iframe');i[st][ds]=n;d[gi]("MarketGidScriptRootC564418")[ac](i);try{var iw=i.contentWindow.document;iw.open();iw.writeln("<ht"+"ml><bo"+"dy></bo"+"dy></ht"+"ml>");iw.close();var c=iw[b];} catch(e){var iw=d;var c=d[gi]("MarketGidScriptRootC564418");}var dv=iw[ce]('div');dv.id="MG_ID";dv[st][ds]=n;dv.innerHTML=564418;c[ac](dv); var s=iw[ce]('script');s.async='async';s.defer='defer';s.charset='utf-8';s.src="http://jsc.marketgid.com/u/r/urax.ru.564418.js?t="+D.getYear()+D.getMonth()+D.getDate()+D.getHours();c[ac](s);})(); | ||
http://urax.ru/index.php?option=com_content&view=article&id=2045:a1-tv&catid=241:---live-tv--uxix-eter&Itemid=439 | 200 OK Content-Length: 89698 Content-Type: text/html | suspicious |
Suspicious code. Script contains iFrame. (function(){ var D=new Date(),d=document,b='body',ce='createElement',ac='appendChild',st='style',ds='display',n='none',gi='getElementById'; var i=d[ce]('iframe');i[st][ds]=n;d[gi]("MarketGidScriptRootC564418")[ac](i);try{var iw=i.contentWindow.document;iw.open();iw.writeln("<ht"+"ml><bo"+"dy></bo"+"dy></ht"+"ml>");iw.close();var c=iw[b];} catch(e){var iw=d;var c=d[gi]("MarketGidScriptRootC564418");}var dv=iw[ce]('div');dv.id="MG_ID";dv[st][ds]=n;dv.innerHTML=564418;c[ac](dv); var s=iw[ce]('script');s.async='async';s.defer='defer';s.charset='utf-8';s.src="http://jsc.marketgid.com/u/r/urax.ru.564418.js?t="+D.getYear()+D.getMonth()+D.getDate()+D.getHours();c[ac](s);})(); | ||
http://urax.ru/index.php?option=com_content&view=article&id=9657:online-watch-live-armenian-tv------&catid=241:---live-tv--uxix-eter&Itemid=439 | 200 OK Content-Length: 89594 Content-Type: text/html | suspicious |
Suspicious code. Script contains iFrame. (function(){ var D=new Date(),d=document,b='body',ce='createElement',ac='appendChild',st='style',ds='display',n='none',gi='getElementById'; var i=d[ce]('iframe');i[st][ds]=n;d[gi]("MarketGidScriptRootC564418")[ac](i);try{var iw=i.contentWindow.document;iw.open();iw.writeln("<ht"+"ml><bo"+"dy></bo"+"dy></ht"+"ml>");iw.close();var c=iw[b];} catch(e){var iw=d;var c=d[gi]("MarketGidScriptRootC564418");}var dv=iw[ce]('div');dv.id="MG_ID";dv[st][ds]=n;dv.innerHTML=564418;c[ac](dv); var s=iw[ce]('script');s.async='async';s.defer='defer';s.charset='utf-8';s.src="http://jsc.marketgid.com/u/r/urax.ru.564418.js?t="+D.getYear()+D.getMonth()+D.getDate()+D.getHours();c[ac](s);})(); | ||
http://urax.ru/index.php?option=com_content&view=article&id=9653:online-watch-arm-music-tv------&catid=241:---live-tv--uxix-eter&Itemid=439 | 200 OK Content-Length: 89739 Content-Type: text/html | suspicious |
Suspicious code. Script contains iFrame. (function(){ var D=new Date(),d=document,b='body',ce='createElement',ac='appendChild',st='style',ds='display',n='none',gi='getElementById'; var i=d[ce]('iframe');i[st][ds]=n;d[gi]("MarketGidScriptRootC564418")[ac](i);try{var iw=i.contentWindow.document;iw.open();iw.writeln("<ht"+"ml><bo"+"dy></bo"+"dy></ht"+"ml>");iw.close();var c=iw[b];} catch(e){var iw=d;var c=d[gi]("MarketGidScriptRootC564418");}var dv=iw[ce]('div');dv.id="MG_ID";dv[st][ds]=n;dv.innerHTML=564418;c[ac](dv); var s=iw[ce]('script');s.async='async';s.defer='defer';s.charset='utf-8';s.src="http://jsc.marketgid.com/u/r/urax.ru.564418.js?t="+D.getYear()+D.getMonth()+D.getDate()+D.getHours();c[ac](s);})(); | ||
http://urax.ru/index.php?option=com_content&view=article&id=9654:online-watch-shoghakat-tv-----&catid=241:---live-tv--uxix-eter&Itemid=439 | 200 OK Content-Length: 89750 Content-Type: text/html | suspicious |
Suspicious code. Script contains iFrame. (function(){ var D=new Date(),d=document,b='body',ce='createElement',ac='appendChild',st='style',ds='display',n='none',gi='getElementById'; var i=d[ce]('iframe');i[st][ds]=n;d[gi]("MarketGidScriptRootC564418")[ac](i);try{var iw=i.contentWindow.document;iw.open();iw.writeln("<ht"+"ml><bo"+"dy></bo"+"dy></ht"+"ml>");iw.close();var c=iw[b];} catch(e){var iw=d;var c=d[gi]("MarketGidScriptRootC564418");}var dv=iw[ce]('div');dv.id="MG_ID";dv[st][ds]=n;dv.innerHTML=564418;c[ac](dv); var s=iw[ce]('script');s.async='async';s.defer='defer';s.charset='utf-8';s.src="http://jsc.marketgid.com/u/r/urax.ru.564418.js?t="+D.getYear()+D.getMonth()+D.getDate()+D.getHours();c[ac](s);})(); | ||
http://urax.ru/index.php?option=com_content&view=article&id=2043:yerkir-media-tv&catid=241:---live-tv--uxix-eter&Itemid=439 | 200 OK Content-Length: 90693 Content-Type: text/html | suspicious |
Suspicious code. Script contains iFrame. (function(){ var D=new Date(),d=document,b='body',ce='createElement',ac='appendChild',st='style',ds='display',n='none',gi='getElementById'; var i=d[ce]('iframe');i[st][ds]=n;d[gi]("MarketGidScriptRootC564418")[ac](i);try{var iw=i.contentWindow.document;iw.open();iw.writeln("<ht"+"ml><bo"+"dy></bo"+"dy></ht"+"ml>");iw.close();var c=iw[b];} catch(e){var iw=d;var c=d[gi]("MarketGidScriptRootC564418");}var dv=iw[ce]('div');dv.id="MG_ID";dv[st][ds]=n;dv.innerHTML=564418;c[ac](dv); var s=iw[ce]('script');s.async='async';s.defer='defer';s.charset='utf-8';s.src="http://jsc.marketgid.com/u/r/urax.ru.564418.js?t="+D.getYear()+D.getMonth()+D.getDate()+D.getHours();c[ac](s);})(); | ||
http://static.livestream.com/scripts/playerv2.js?channel=yerkirmedia&layout=playerEmbedDefault&backgroundColor=0x000000&backgroundAlpha=1&backgroundGradientStrength=0&chromeColor=0x000000&headerBarGlossEnabled=true&controlBarGlossEnabled=true&chatInputGlossEnabled=false&uiWhite=true&uiAlpha=0.5&uiSelectedAlpha=1&dropShadowEnabled=true&dropShadowHorizontalDistance=0&dropShadowVerticalDistance=0&pad [...509 symbols skipped] | 200 OK Content-Length: 5350 Content-Type: application/x-javascript | clean |
http://urax.ru/index.php?option=com_content&view=article&id=2046&catid=241&Itemid=439 | 200 OK Content-Length: 89961 Content-Type: text/html | suspicious |
Suspicious code. Script contains iFrame. (function(){ var D=new Date(),d=document,b='body',ce='createElement',ac='appendChild',st='style',ds='display',n='none',gi='getElementById'; var i=d[ce]('iframe');i[st][ds]=n;d[gi]("MarketGidScriptRootC564418")[ac](i);try{var iw=i.contentWindow.document;iw.open();iw.writeln("<ht"+"ml><bo"+"dy></bo"+"dy></ht"+"ml>");iw.close();var c=iw[b];} catch(e){var iw=d;var c=d[gi]("MarketGidScriptRootC564418");}var dv=iw[ce]('div');dv.id="MG_ID";dv[st][ds]=n;dv.innerHTML=564418;c[ac](dv); var s=iw[ce]('script');s.async='async';s.defer='defer';s.charset='utf-8';s.src="http://jsc.marketgid.com/u/r/urax.ru.564418.js?t="+D.getYear()+D.getMonth()+D.getDate()+D.getHours();c[ac](s);})(); |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: urax.ru
Result:
HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0
Connection: close
Date: Sun, 22 Jun 2014 21:55:06 GMT
Pragma: no-cache
Server: nginx
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Sun, 22 Jun 2014 21:51:44 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 07b5dfb680985960fd74e8c82296d967=055b181af7836bf4a796dfb3386e3f24; path=/
X-Powered-By: PHP/5.4.11
GET / HTTP/1.1
Host: urax.ru
Result:
HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0
Connection: close
Date: Sun, 22 Jun 2014 21:55:06 GMT
Pragma: no-cache
Server: nginx
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Sun, 22 Jun 2014 21:51:44 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 07b5dfb680985960fd74e8c82296d967=055b181af7836bf4a796dfb3386e3f24; path=/
X-Powered-By: PHP/5.4.11
Second query (visit from search engine):
GET / HTTP/1.1
Host: urax.ru
Referer: http://www.google.com/search?q=urax.ru
Result:
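The result is similar to the first query. No suspicious redirects were found. This comparison covers only a direct visit and a visit with a Google search Referer; redirects that depend on other conditions (a different referrer, user agent, cookie or client address) would not be visible in these two requests.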
GET / HTTP/1.1
Host: urax.ru
Referer: http://www.google.com/search?q=urax.ru
Result:
The result is similar to the first query. No suspicious redirects were found.