Scanned pages/files
Request | Server response | Status |
http://auto-runok.com.ua/ | 200 OK Content-Length: 66342 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked by Prosox <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" lang="fr"> <head> <title>Hacked by Prosox</title> <meta name="SKYPE_TOOLBAR" content="SKYPE_TOOLBAR_PARSER_COMPATIBLE" /> <meta name="generator" content="Bluefish 2.0.3" /> <meta name="robots" content="index, follow" /> <meta http-equiv="Content-Language" content="fr" /> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <link rel='stylesheet' type='text/cs ...[84201 bytes skipped]...
http://auto-runok.com.ua/spip.php?article327 | 200 OK Content-Length: 74551 Content-Type: text/html | clean |
http://auto-runok.com.ua/spip.php?article301 | 200 OK Content-Length: 73530 Content-Type: text/html | clean |
http://auto-runok.com.ua/?page=catalogue&id_brand=14 | 200 OK Content-Length: 54744 Content-Type: text/html | clean |
http://auto-runok.com.ua/prive/javascript/jquery.js | 200 OK Content-Length: 183184 Content-Type: application/javascript | clean |
http://auto-runok.com.ua/plugins/catalogue/js/catalogue.js | 200 OK Content-Length: 2228 Content-Type: application/javascript | clean |
http://auto-runok.com.ua/prive/javascript/jquery.form.js | 200 OK Content-Length: 21060 Content-Type: application/javascript | clean |
http://auto-runok.com.ua/prive/javascript/ajaxCallback.js | 200 OK Content-Length: 10815 Content-Type: application/javascript | clean |
http://auto-runok.com.ua/prive/javascript/jquery.cookie.js | 200 OK Content-Length: 4246 Content-Type: application/javascript | clean |
http://auto-runok.com.ua/extensions/porte_plume/javascript/xregexp-min.js | 200 OK Content-Length: 7085 Content-Type: application/javascript | clean |
http://auto-runok.com.ua/extensions/porte_plume/javascript/jquery.markitup_pour_spip.js | 200 OK Content-Length: 22302 Content-Type: application/javascript | clean |
http://auto-runok.com.ua/extensions/porte_plume/javascript/jquery.previsu_spip.js | 200 OK Content-Length: 2598 Content-Type: application/javascript | clean |
http://auto-runok.com.ua/spip.php?page=porte_plume_start.js&lang=fr | 200 OK Content-Length: 12200 Content-Type: text/javascript | clean |
http://auto-runok.com.ua/squelettes/fancybox/jquery.mousewheel-3.0.4.pack.js | 200 OK Content-Length: 1279 Content-Type: application/javascript | clean |
http://auto-runok.com.ua/squelettes/fancybox/jquery.fancybox-1.3.4.pack.js | 200 OK Content-Length: 15624 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: auto-runok.com.ua
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate
Connection: close
Date: Thu, 17 Dec 2015 23:58:33 GMT
Pragma: no-cache
Server: nginx
Server: cluster.rx-name.ua, Nginx+ 1.9
Vary: Cookie,Accept-Encoding,User-Agent
Content-Type: text/html; charset=utf-8
Last-Modified: Thu, 17 Dec 2015 23:58:33 GMT
Composed-By: SPIP 2.1.12 @ www.spip.net + images(1.0.1), msie_compat(1.0.0), porte_plume(1.7.8), safehtml(1.3.7), vertebres(1.0.0), corbeille(0.71.0), cfg(1.15.2), crayons(1.6.2), googleanalytics(0.3.1), metas(1.3.1), priveperso(0.6.0), pdk(1.4.0), spip_bonux(2.2.22), simpletest(0.4.2), voltaire(1.0.1), saisies(1.9.8), catalogue(1.0.0), feedback(1.0.0), compresseur(1.0.1)
X-Spip-Cache: 86400
Second query (visit from search engine):
GET / HTTP/1.1
Host: auto-runok.com.ua
Referer: http://www.google.com/search?q=auto-runok.com.ua
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=auto-runok.com.ua
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://auto-runok.com.ua/
Result: auto-runok.com.ua is not infected or malware details are not published yet.