Scanned pages/files
| Request | Server response | Status |
http://y-key.ru/ | 200 OK Content-Length: 27658 Content-Type: text/html | clean |
http://y-key.ru/engine/ajax/menu.js | 200 OK Content-Length: 3368 Content-Type: application/javascript | clean |
http://y-key.ru/engine/ajax/dle_ajax.js | 200 OK Content-Length: 4725 Content-Type: application/javascript | clean |
http://y-key.ru/engine/ajax/js_edit.js | 200 OK Content-Length: 6627 Content-Type: application/javascript | clean |
http://sponsor.rpbn.ru/adx.js | 500 Can't connect to sponsor.rpbn.ru:80 Content-Length: 190 Content-Type: text/plain | clean |
http://sponsor.rpbn.ru/test404page.js | 500 Can't connect to sponsor.rpbn.ru:80 Content-Length: 190 Content-Type: text/plain | clean |
http://nedokazano.ru/js/paginator3000.js | HTTP/1.1 200 OK Cache-Control: no-store, no-cache, must-revalidate Cache-Control: post-check=0, pre-check=0 Connection: close Date: Fri, 09 Jan 2015 06:05:07 GMT Pragma: no-cache Server: nginx Vary: User-Agent,Accept-Encoding Content-Type: text/html; charset=UTF-8 Expires: Mon, 26 Jul 1997 05:00:00 GMT Last-Modified: Fri, 09 Jan 2015 06:05:07 GMT Set-Cookie: tu=4750ad48a994b968398b7bbd8f91e692; expires=Tue, 31-Dec-2019 23:00:00 GMT; path=/; domain=nedokazano.ru; httponly X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_0gRsvRy7QO80cDWJ9B9vn9wD0OcYe7Qos2QaShPyjNC2noNGWZsJwd8gqP9RusJHXC2t0xM2xh+t4BGzuc/sRw== X-Cache: MISS from 600611 X-Powered-By: PHP/5.3.3-7+squeeze19 | clean |
http://nedokazano.ru/js/paginator3000.js/?gtnjs=1 | 200 OK Content-Length: 20286 Content-Type: text/html | clean |
http://img.sedoparking.com/js/jquery-1.4.2.min.js | 200 OK Content-Length: 52770 Content-Type: application/x-javascript | clean |
http://www.google.com/adsense/domains/caf.js | 200 OK Content-Length: 258 Content-Type: text/javascript | clean |
http://nedokazano.ru/js/active_menu.js | HTTP/1.1 200 OK Cache-Control: no-store, no-cache, must-revalidate Cache-Control: post-check=0, pre-check=0 Connection: close Date: Fri, 09 Jan 2015 06:05:08 GMT Pragma: no-cache Server: nginx Vary: User-Agent,Accept-Encoding Content-Type: text/html; charset=UTF-8 Expires: Mon, 26 Jul 1997 05:00:00 GMT Last-Modified: Fri, 09 Jan 2015 06:05:08 GMT Set-Cookie: tu=6a8118eec016ec5fcf1a2de8c0092043; expires=Tue, 31-Dec-2019 23:00:00 GMT; path=/; domain=nedokazano.ru; httponly X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_n5zOEdRe0vJeFzvOlo+uKB8UZ4MeebOHuQJ4/ECdeYGuUHSKraElga0ycl6KozyfVD0XrNmm66S8DnaxEWaHtg== X-Cache: MISS from 610543 X-Powered-By: PHP/5.3.3-7+squeeze19 | clean |
http://nedokazano.ru/js/active_menu.js/?gtnjs=1 | 200 OK Content-Length: 20286 Content-Type: text/html | clean |
http://adv.videoslovo.ru/main.js | HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 09 Jan 2015 06:05:09 GMT Location: http://videoslovo.ru/main.js Server: nginx Content-Type: text/html | clean |
http://videoslovo.ru/main.js | 404 Not Found Content-Length: 28456 Content-Type: text/html | suspicious |
Suspicious code. Script contains iFrame. (function(){ var D=new Date(),d=document,b='body',ce='createElement',ac='appendChild',st='style',ds='display',n='none',gi='getElementById'; var i=d[ce]('iframe');i[st][ds]=n;d[gi]("MarketGidScriptRootC571350")[ac](i);try{var iw=i.contentWindow.document;iw.open();iw.writeln("<ht"+"ml><bo"+"dy></bo"+"dy></ht"+"ml>");iw.close();var c=iw[b];} catch(e){var iw=d;var c=d[gi]("MarketGidScriptRootC571350");}var dv=iw[ce]('div');dv.id="MG_ID";dv[st][ds]=n;dv.innerHTML=571350;c[ac](dv); var s=iw[ce]('script');s.async='async';s.defer='defer';s.charset='utf-8';s.src="//jsc.marketgid.com/1/r/1.reg.ru.571350.js?t="+D.getYear()+D.getMonth()+D.getDate()+D.getHours();c[ac](s);})(); | ||
http://videoslovo.ru/modernizr.js | 200 OK Content-Length: 6296 Content-Type: application/javascript | clean |
http://adv.videoslovo.ru//pagead2.googlesyndication.com/pagead/js/adsbygoogle.js/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 09 Jan 2015 06:05:10 GMT Location: http://videoslovo.ru/pagead2.googlesyndication.com/pagead/js/adsbygoogle.js/ Server: nginx Content-Type: text/html | clean |
http://videoslovo.ru/pagead2.googlesyndication.com/pagead/js/adsbygoogle.js/ | 404 Not Found Content-Length: 28456 Content-Type: text/html | suspicious |
Suspicious code. Script contains iFrame. (function(){ var D=new Date(),d=document,b='body',ce='createElement',ac='appendChild',st='style',ds='display',n='none',gi='getElementById'; var i=d[ce]('iframe');i[st][ds]=n;d[gi]("MarketGidScriptRootC571350")[ac](i);try{var iw=i.contentWindow.document;iw.open();iw.writeln("<ht"+"ml><bo"+"dy></bo"+"dy></ht"+"ml>");iw.close();var c=iw[b];} catch(e){var iw=d;var c=d[gi]("MarketGidScriptRootC571350");}var dv=iw[ce]('div');dv.id="MG_ID";dv[st][ds]=n;dv.innerHTML=571350;c[ac](dv); var s=iw[ce]('script');s.async='async';s.defer='defer';s.charset='utf-8';s.src="//jsc.marketgid.com/1/r/1.reg.ru.571350.js?t="+D.getYear()+D.getMonth()+D.getDate()+D.getHours();c[ac](s);})(); | ||
http://videoslovo.ru//pagead2.googlesyndication.com/pagead/js/adsbygoogle.js/ | 404 Not Found Content-Length: 28456 Content-Type: text/html | suspicious |
Suspicious code. Script contains iFrame. (function(){ var D=new Date(),d=document,b='body',ce='createElement',ac='appendChild',st='style',ds='display',n='none',gi='getElementById'; var i=d[ce]('iframe');i[st][ds]=n;d[gi]("MarketGidScriptRootC571350")[ac](i);try{var iw=i.contentWindow.document;iw.open();iw.writeln("<ht"+"ml><bo"+"dy></bo"+"dy></ht"+"ml>");iw.close();var c=iw[b];} catch(e){var iw=d;var c=d[gi]("MarketGidScriptRootC571350");}var dv=iw[ce]('div');dv.id="MG_ID";dv[st][ds]=n;dv.innerHTML=571350;c[ac](dv); var s=iw[ce]('script');s.async='async';s.defer='defer';s.charset='utf-8';s.src="//jsc.marketgid.com/1/r/1.reg.ru.571350.js?t="+D.getYear()+D.getMonth()+D.getDate()+D.getHours();c[ac](s);})(); | ||
http://yourmine.ru/cgi-bin/mr.cgi | 200 OK Content-Length: 0 Content-Type: text/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: y-key.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Connection: close
Date: Fri, 09 Jan 2015 06:05:06 GMT
Pragma: no-cache
Server: nginx/1.0.15
Content-Length: 27658
Content-Type: text/html;charset=windows-1251
Expires: Sun, 11 Jan 2015 00:00:00 GMT
Last-Modified: Thu, 08 Jan 2015 00:00:00 GMT
X-Powered-By: PHP/5.3.3
...27658 bytes of data.
GET / HTTP/1.1
Host: y-key.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Connection: close
Date: Fri, 09 Jan 2015 06:05:06 GMT
Pragma: no-cache
Server: nginx/1.0.15
Content-Length: 27658
Content-Type: text/html;charset=windows-1251
Expires: Sun, 11 Jan 2015 00:00:00 GMT
Last-Modified: Thu, 08 Jan 2015 00:00:00 GMT
X-Powered-By: PHP/5.3.3
...27658 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: y-key.ru
Referer: http://www.google.com/search?q=y-key.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: y-key.ru
Referer: http://www.google.com/search?q=y-key.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=y-key.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://y-key.ru/
Result: y-key.ru is not infected or malware details are not published yet.
Result: y-key.ru is not infected or malware details are not published yet.