Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=2lovers.info
Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://2lovers.info/ | 200 OK Content-Length: 60386 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below):
<!-- function Decode(){var temp="",i,c=0,out="";var str="60!97!32!104!114!101!102!61!34!104!116!116!112!58!47!47!100!111!115!117!103!49!56!46!99!111!109!34!32!116!97!114!103!101!116!61!34!95!98!108!97!110!107!34!62!60!105!109!103!32!115!114!99!61!34!104!116!116!112!58!47!47!100!111!115!117!103!49!56!46!99!111!109!47!98!97!110!47!100!111!115!117!103!49!56!46!103!105!102!34!32!98!111!114!100!101!114!61!34!48!34!32!97!108!116!61!34!68!111!115!117!103!49!56!46!99!111!109!32!45!32!1056!1072!1079!1074!1083!1077!1095!1077!1085!1080!1103!32!1076!1083!1103!32!1074!1079!1088!1086!1089!1083!1099!1093!33!34!62!60!47!97!62!";l=str.length;while(c<=str.length-1){while(str.charAt(c)!='!')temp=temp+str.charAt(c++);c++;out=out+String.fromCharCode(temp);temp="";}document.write(out);}
Antivirus reports:
http://css.loveplanet.ru/3/img/finelove/main.js | 200 OK Content-Length: 10338 Content-Type: application/x-javascript | clean |
http://css.loveplanet.ru/3/img/finelove/v1/v1.js | 200 OK Content-Length: 4308 Content-Type: application/x-javascript | clean |
http://css.loveplanet.ru/3/imgstc/fw_slideshow2.js | 200 OK Content-Length: 3078 Content-Type: application/x-javascript | clean |
http://css.loveplanet.ru/3/imgstc/swfobject.js | 200 OK Content-Length: 10220 Content-Type: application/x-javascript | clean |
http://css.loveplanet.ru/3/imgstc/exchange_v1d.js?53 | 200 OK Content-Length: 47390 Content-Type: application/x-javascript | clean |
http://css.loveplanet.ru/3/imgstc/default_count_rules.js | 200 OK Content-Length: 2934 Content-Type: application/x-javascript | clean |
http://css.loveplanet.ru/3/imgstc/xforms/js/lpjl-core.min.js | 200 OK Content-Length: 16042 Content-Type: application/x-javascript | clean |
http://css.loveplanet.ru/3/imgstc/xforms/js/lpjl-ui.js | 200 OK Content-Length: 104560 Content-Type: application/x-javascript | clean |
http://css.loveplanet.ru/3/imgstc/xforms/js/ui/placeholder.min.js | 200 OK Content-Length: 438 Content-Type: application/x-javascript | clean |
http://127.popunder.ru/popunder.php?id=127 | 403 Forbidden Content-Length: 570 Content-Type: text/html | clean |
http://127.popunder.ru/test404page.js | 404 Not Found Content-Length: 570 Content-Type: text/html | clean |
http://js.revsci.net/gateway/gw.js?csid=F09828&auto=t&bpid=rbcmedia | 200 OK Content-Length: 8080 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: 2lovers.info
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Mon, 22 Dec 2014 20:17:26 GMT
Server: nginx
Content-Type: text/html; charset=utf-8
Expires: Mon, 22 Dec 2014 20:17:26 GMT
Last-Modified: Mon, 22 Dec 2014 20:17:26 GMT
Set-Cookie: split=1%2C9%2C0%3B2%2C6%2C0%3B3%2C9%2C0%3B4%2C8%2C0%3B5%2C4%2C0%3B6%2C5%2C0%3B7%2C7%2C0%3B8%2C6%2C0; path=/; expires=Wed, 21-Jan-2015 20:17:26 GMT; domain=.2lovers.info
Set-Cookie: domhit1=1419195600; path=/; expires=Wed, 24-Dec-2014 20:17:26 GMT; domain=.2lovers.info
Set-Cookie: randomhit=513982569; path=/; expires=Wed, 21-Jan-2015 20:17:26 GMT; domain=.2lovers.info
Set-Cookie: landing_raw=aHR0cDovLzJsb3ZlcnMuaW5mby9pbmRleC5odG1s; path=/; expires=Tue, 23-Dec-2014 20:17:26 GMT; domain=.2lovers.info
Second query (visit from search engine):
GET / HTTP/1.1
Host: 2lovers.info
Referer: http://www.google.com/search?q=2lovers.info
Result:
The result is similar to the first query. There are no suspicious redirects found.