Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=77.238.236.12
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://77.238.236.12/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://77.238.236.12/ | 200 OK Content-Length: 13360 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="http://ssic.com.mx/Scripts/mytv3kcy.php?id=11403865"></script> | ||
http://77.238.236.12/engine/classes/js/jquery.js | 200 OK Content-Length: 72174 Content-Type: application/javascript | clean |
http://77.238.236.12/engine/classes/js/dialog.js | 200 OK Content-Length: 47054 Content-Type: application/javascript | clean |
http://77.238.236.12/engine/classes/js/effects.js | 200 OK Content-Length: 13628 Content-Type: application/javascript | clean |
http://77.238.236.12/engine/classes/js/menu.js | 200 OK Content-Length: 2998 Content-Type: application/javascript | clean |
http://77.238.236.12/engine/classes/js/dle_ajax.js | 200 OK Content-Length: 4941 Content-Type: application/javascript | clean |
http://77.238.236.12/engine/classes/js/js_edit.js | 200 OK Content-Length: 11042 Content-Type: application/javascript | clean |
http://77.238.236.12/index.php?do=photo | 200 OK Content-Length: 16988 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="http://ssic.com.mx/Scripts/mytv3kcy.php?id=11403865"></script> | ||
http://77.238.236.12/engine/photo/photo_nucleus/javascripts/R.js | 200 OK Content-Length: 9692 Content-Type: application/javascript | clean |
http://77.238.236.12/engine/photo/photo_nucleus/javascripts/V.js | 200 OK Content-Length: 89717 Content-Type: application/javascript | clean |
http://77.238.236.12/index.php?do=forum | 200 OK Content-Length: 27079 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="http://ssic.com.mx/Scripts/mytv3kcy.php?id=11403865"></script> | ||
http://77.238.236.12/engine/forum/ajax/dle.js | 200 OK Content-Length: 348 Content-Type: application/javascript | clean |
http://77.238.236.12/engine/forum/ajax/dle_forum.js | 200 OK Content-Length: 8425 Content-Type: application/javascript | clean |
http://77.238.236.12/index.php?do=rules | 200 OK Content-Length: 16236 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="http://ssic.com.mx/Scripts/mytv3kcy.php?id=11403865"></script> | ||
http://77.238.236.12/index.php?do=register | 200 OK Content-Length: 16642 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="http://ssic.com.mx/Scripts/mytv3kcy.php?id=11403865"></script> | ||
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: 77.238.236.12
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Mon, 21 Jul 2014 21:14:36 GMT
Pragma: no-cache
Server: Apache/2.2.8 (Win32) PHP/5.2.6
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 21 Jul 2014 15:14:37 +0400 GMT
Set-Cookie: PHPSESSID=d9aa9471d3480fae6a9ee2edcd117ea6; path=/
Set-Cookie: dle_user_id=deleted; expires=Sun, 21-Jul-2013 21:14:35 GMT; path=/; domain=.236.12; httponly
Set-Cookie: dle_password=deleted; expires=Sun, 21-Jul-2013 21:14:35 GMT; path=/; domain=.236.12; httponly
Set-Cookie: dle_hash=deleted; expires=Sun, 21-Jul-2013 21:14:35 GMT; path=/; domain=.236.12; httponly
X-Powered-By: PHP/5.2.6
GET / HTTP/1.1
Host: 77.238.236.12
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Mon, 21 Jul 2014 21:14:36 GMT
Pragma: no-cache
Server: Apache/2.2.8 (Win32) PHP/5.2.6
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 21 Jul 2014 15:14:37 +0400 GMT
Set-Cookie: PHPSESSID=d9aa9471d3480fae6a9ee2edcd117ea6; path=/
Set-Cookie: dle_user_id=deleted; expires=Sun, 21-Jul-2013 21:14:35 GMT; path=/; domain=.236.12; httponly
Set-Cookie: dle_password=deleted; expires=Sun, 21-Jul-2013 21:14:35 GMT; path=/; domain=.236.12; httponly
Set-Cookie: dle_hash=deleted; expires=Sun, 21-Jul-2013 21:14:35 GMT; path=/; domain=.236.12; httponly
X-Powered-By: PHP/5.2.6
Second query (visit from search engine):
GET / HTTP/1.1
Host: 77.238.236.12
Referer: http://www.google.com/search?q=77.238.236.12
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: 77.238.236.12
Referer: http://www.google.com/search?q=77.238.236.12
Result:
The result is similar to the first query. There are no suspicious redirects found.