Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=axper.do.am
Result: The website is marked by Google as suspicious: visiting this website may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious: visiting this website may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://axper.do.am/ | 200 OK Content-Length: 89525 Content-Type: text/html | suspicious |
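Page code contains blacklisted domain: nuigyin.net. The file fetched from nuigyin.net is itself listed as clean further down in this table, so the "suspicious" status appears to reflect the domain blacklist match rather than a content detection in that file. Truncated excerpt of the flagged page code: <script type='text/javascript'> function resizeFrame(){ var WX,WY,BX,BY; var o=document.getElementById("iFayyQSb"),t,d; if (!o) return; d=o.contentDocument; if (!(t=d.getElementById("wrapperXayyQSb"))) WX=0; else WX=t.value; if (!(t=d.getElementById("wrapperYayyQSb"))) WY=0; else WY=t.value; if (!(t=d.getElementById("bannerXayyQSb"))) BX=0; else BX=t.value; if (!(t=d.getElementById("ban ...[4312 bytes skipped]... | ||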
http://s28.ucoz.net/src/jquery-1.7.2.js | 200 OK Content-Length: 94840 Content-Type: text/javascript | clean |
http://s28.ucoz.net/src/ulightbox/ulightbox.js | 200 OK Content-Length: 22618 Content-Type: text/javascript | clean |
http://s28.ucoz.net/src/uwnd.js?2 | 200 OK Content-Length: 228554 Content-Type: text/javascript | clean |
http://nuigyin.net/c/25207/30085_axper.do.am.js | 200 OK Content-Length: 453 Content-Type: application/javascript | clean |
http://c.am11.ru/code/pop/Mishka.js | 200 OK Content-Length: 655 Content-Type: text/javascript | clean |
http://c.am11.ru/code/sb/Mishka.js | 200 OK Content-Length: 655 Content-Type: text/javascript | clean |
http://axper.do.am/load/ | HTTP/1.1 301 Moved Permanently Cache-Control: private Connection: close Date: Sat, 04 Oct 2014 02:02:36 GMT Location: http://axper.do.am Server: uServ/3.2.2 Content-Type: application/octet-stream Set-Cookie: 8axperuCoz=; path=/; expires=Thu, 04-Oct-2012 02:02:37 GMT; domain=.axper.do.am; | clean |
http://axper.do.am/test404page.js | 404 Not Found Content-Length: 6869 Content-Type: text/html | clean |
http://axper.do.am/news | 200 OK Content-Length: 47650 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: nuigyin.net <script type='text/javascript'> function resizeFrame(){ var WX,WY,BX,BY; var o=document.getElementById("iFaprnq64f"),t,d; if (!o) return; d=o.contentDocument; if (!(t=d.getElementById("wrapperXaprnq64f"))) WX=0; else WX=t.value; if (!(t=d.getElementById("wrapperYaprnq64f"))) WY=0; else WY=t.value; if (!(t=d.getElementById("bannerXaprnq64f"))) BX=0; else BX=t.value; if (!(t=d.getElementB ...[4291 bytes skipped]... | ||
http://axper.do.am/stuff | 200 OK Content-Length: 84915 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: nuigyin.net <script type='text/javascript'> function resizeFrame(){ var WX,WY,BX,BY; var o=document.getElementById("iFaV7M5B"),t,d; if (!o) return; d=o.contentDocument; if (!(t=d.getElementById("wrapperXaV7M5B"))) WX=0; else WX=t.value; if (!(t=d.getElementById("wrapperYaV7M5B"))) WY=0; else WY=t.value; if (!(t=d.getElementById("bannerXaV7M5B"))) BX=0; else BX=t.value; if (!(t=d.getElementById("ban ...[4291 bytes skipped]... | ||
http://s28.ucoz.net/src/entriesList.js | 200 OK Content-Length: 639 Content-Type: text/javascript | clean |
http://axper.do.am/photo/ | 200 OK Content-Length: 140692 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: nuigyin.net <script type='text/javascript'> function resizeFrame(){ var WX,WY,BX,BY; var o=document.getElementById("iFazVBUNOg"),t,d; if (!o) return; d=o.contentDocument; if (!(t=d.getElementById("wrapperXazVBUNOg"))) WX=0; else WX=t.value; if (!(t=d.getElementById("wrapperYazVBUNOg"))) WY=0; else WY=t.value; if (!(t=d.getElementById("bannerXazVBUNOg"))) BX=0; else BX=t.value; if (!(t=d.getElementB ...[4291 bytes skipped]... | ||
http://s28.ucoz.net/src/photopage.js | 200 OK Content-Length: 13375 Content-Type: text/javascript | clean |
http://axper.do.am/index/goroskop/0-15 | 200 OK Content-Length: 49683 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: nuigyin.net <script type='text/javascript'> function resizeFrame(){ var WX,WY,BX,BY; var o=document.getElementById("iFa9nsHRV"),t,d; if (!o) return; d=o.contentDocument; if (!(t=d.getElementById("wrapperXa9nsHRV"))) WX=0; else WX=t.value; if (!(t=d.getElementById("wrapperYa9nsHRV"))) WY=0; else WY=t.value; if (!(t=d.getElementById("bannerXa9nsHRV"))) BX=0; else BX=t.value; if (!(t=d.getElementById( ...[4292 bytes skipped]... | ||
http://xdenx.ucoz.ru/rssi/1 | 500 Internal Server Error Content-Length: 2641 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit, no Referer header):
GET / HTTP/1.1
Host: axper.do.am
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Cache-Control: no-store
Cache-Control: private
Connection: close
Date: Sat, 04 Oct 2014 02:02:33 GMT
Pragma: no-cache
Server: uServ/3.2.2
Content-Type: text/html; charset=UTF-8
Set-Cookie: 8axperuCoz=; path=/; expires=Thu, 04-Oct-2012 02:02:34 GMT; domain=.axper.do.am;
Set-Cookie: 8axperuCoz=; path=/; expires=Thu, 04-Oct-2012 02:02:34 GMT; domain=.axper.do.am;
Set-Cookie: 8axperuzll=1412388154; path=/; expires=Sun, 04-Oct-2015 02:02:34 GMT; domain=.axper.do.am;
GET / HTTP/1.1
Host: axper.do.am
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Cache-Control: no-store
Cache-Control: private
Connection: close
Date: Sat, 04 Oct 2014 02:02:33 GMT
Pragma: no-cache
Server: uServ/3.2.2
Content-Type: text/html; charset=UTF-8
Set-Cookie: 8axperuCoz=; path=/; expires=Thu, 04-Oct-2012 02:02:34 GMT; domain=.axper.do.am;
Set-Cookie: 8axperuCoz=; path=/; expires=Thu, 04-Oct-2012 02:02:34 GMT; domain=.axper.do.am;
Set-Cookie: 8axperuzll=1412388154; path=/; expires=Sun, 04-Oct-2015 02:02:34 GMT; domain=.axper.do.am;
Second query (visit from a search engine, sent with a Google search Referer header):
GET / HTTP/1.1
Host: axper.do.am
Referer: http://www.google.com/search?q=axper.do.am
Result:
The response is similar to that of the first query. No suspicious redirects were found.
GET / HTTP/1.1
Host: axper.do.am
Referer: http://www.google.com/search?q=axper.do.am
Result:
The response is similar to that of the first query. No suspicious redirects were found.