Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=uu4jym.at.ua
Result: The website is marked by Google as suspicious: visiting this website may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://uu4jym.at.ua/ | 200 OK Content-Length: 84364 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: samaraham.ru
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <script type='text/javascript'> function resizeFrame(){ var WX,WY,BX,BY; var o=document.getElementById("iFa7FfU9"),t,d; if (!o) return; d=o.contentDocument; if (!(t=d.getElementById("wrapperXa7FfU9"))) WX=0; else WX=t.value; if (!(t=d.getElementById("wrapperYa7FfU9"))) WY=0; else WY=t.value; if (!(t=d.getElementById("bannerXa ...[4251 bytes skipped]...
http://s105.ucoz.net/src/jquery-1.6.1.js | 200 OK Content-Length: 101532 Content-Type: text/javascript | clean |
http://s105.ucoz.net/src/ulightbox/ulightbox.js | 200 OK Content-Length: 22618 Content-Type: text/javascript | clean |
http://s105.ucoz.net/src/uwnd.js?2 | 200 OK Content-Length: 228554 Content-Type: text/javascript | clean |
http://uu4jym.at.ua//translate.google.com/translate_a/element.js?cb=googleTranslateElementInit/ | 404 Not Found Content-Length: 6869 Content-Type: text/html | clean |
http://uu4jym.at.ua/test404page.js | 404 Not Found Content-Length: 6869 Content-Type: text/html | clean |
http://pagead2.googlesyndication.com/pagead/show_ads.js | 200 OK Content-Length: 21183 Content-Type: text/javascript | clean |
http://uu4jym.at.ua/rssi/6 | 200 OK Content-Length: 7625 Content-Type: text/javascript | clean |
http://uu4jym.at.ua/rtr/1 | 200 OK Content-Length: 198 Content-Type: text/javascript | clean |
http://uu4jym.at.ua/rssi/2 | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://uu4jym.at.ua/widget/?44;200|200|1 | 200 OK Content-Length: 812 Content-Type: text/javascript | clean |
http://odnaknopka.ru/ok3.js | 200 OK Content-Length: 2766 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
function NewOdnaknopka3() {
this.domain=location.href+'/'; this.domain=this.domain.substr(this.domain.indexOf('://')+3); this.domain=this.domain.substr(0,this.domain.indexOf('/')); this.location=false; this.url=function(system) { var title=encodeURIComponent(document.title); var url=encodeURIComponent(location.href); switch (system) { case 1: return 'http://vkontakte.ru/share.php?url='+url; case 2: return 'http://www.facebook.com/sharer.php?u='+u for (i=0;i<12;i++) { html+='<a href="'+this.url(i+1)+'" onclick="return odnaknopka3.go('+(i+1)+');"><img src="http://odnaknopka.ru/images/blank.gif" width="16" height="16" alt=" #" title="'+titles[i]+'" style="border:0;padding:0;margin:0 4px 0 0;background:url(http://odnaknopka.ru/images/panel.png) no-repeat -270px -'+(i*16)+'px"/></a>'; } document.write(html); } } odnaknopka3=new NewOdnaknopka3(); odnaknopka3.init();
Antivirus reports:
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: uu4jym.at.ua
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 20 Aug 2014 07:06:14 GMT
Server: uServ/3.2.2
Content-Length: 84364
Content-Type: text/html; charset=UTF-8
...84364 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: uu4jym.at.ua
Referer: http://www.google.com/search?q=uu4jym.at.ua
Result:
The result is similar to the first query. There are no suspicious redirects found.