Scanned pages/files
Request | Server response | Status |
http://chtopodariti.ru/ | 200 OK Content-Length: 54965 Content-Type: text/html | suspicious |
Suspicious code found: <div id="grattis_5189"><script type="text/javascript"> (function(){var func=function(){GRATTIS.showcase(5189)}; if(typeof GRATTIS==='undefined'){var s=document.createElement('script'); s.type='text/javascript';s.src='//promo.grattis.ru/publicdata/code.js?r='+(Math.random()*1000|0); var i=setInterval(function(){if(typeof GRATTIS!=='undefined'){func();clearInterval(i)}},100); document.getElementsByTagName('head')[0].appendChild(s) }else{func()}})();</script></div>
http://userapi.com/js/api/openapi.js | 200 OK Content-Length: 64039 Content-Type: application/x-javascript | clean |
http://chtopodariti.ru/wp-includes/js/jquery/jquery.js?ver=1.7.2 | 200 OK Content-Length: 94861 Content-Type: application/x-javascript | clean |
http://userapi.com/js/api/openapi.js?ver=3.4.2 | 200 OK Content-Length: 64039 Content-Type: application/x-javascript | clean |
http://chtopodariti.ru/wp-content/plugins/vkontakte-api/js/callback.js?ver=3.4.2 | 200 OK Content-Length: 5068 Content-Type: application/x-javascript | clean |
http://vk.com/js/api/share.js?ver=3.4.2 | 200 OK Content-Length: 10156 Content-Type: application/x-javascript | clean |
https://apis.google.com/js/plusone.js?ver=3.4.2 | 200 OK Content-Length: 11855 Content-Type: application/javascript | clean |
http://chtopodariti.ru/wp-content/plugins/javascript-chat-for-wordpress/javascript/wp_jschat.js?ver=3.4.2 | 200 OK Content-Length: 3094 Content-Type: application/x-javascript | clean |
http://chtopodariti.ru/wp-content/themes/news/javascripts/jquery.js | 200 OK Content-Length: 57276 Content-Type: application/x-javascript | clean |
http://chtopodariti.ru/wp-content/themes/news/javascripts/ajaxtabs.js | 200 OK Content-Length: 8865 Content-Type: application/x-javascript | clean |
http://chtopodariti.ru/wp-content/themes/news/javascripts/menu.js | 200 OK Content-Length: 2136 Content-Type: application/x-javascript | clean |
http://sitename.domen/js/tiny_mce/tiny_mce.js | 500 Can't connect to sitename.domen:80 (Bad hostname) Content-Length: 160 Content-Type: text/plain | clean |
http://sitename.domen/test404page.js | 500 Can't connect to sitename.domen:80 (Bad hostname) Content-Length: 160 Content-Type: text/plain | clean |
http://mass.seoinsane.ru/golinker.php?id=1 | 200 OK Content-Length: 0 Content-Type: text/html | clean |
http://chtopodariti.ru//loginza.ru/js/widget-2.0.js/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Fri, 20 Jun 2014 12:47:55 GMT Pragma: no-cache Location: http://chtopodariti.ru/loginza.ru/js/widget-2.0.js/ Server: nginx/1.4.4 Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT Last-Modified: Fri, 20 Jun 2014 12:47:55 GMT Set-Cookie: PHPSESSID=d9deb2b7eada0c331a34b3d9fd93af5d; path=/ X-Pingback: http://chtopodariti.ru/xmlrpc.php X-Powered-By: PHP/5.3.3 | clean |
http://chtopodariti.ru/loginza.ru/js/widget-2.0.js/ | 404 Not Found Content-Length: 22029 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: chtopodariti.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Fri, 20 Jun 2014 12:47:51 GMT
Pragma: no-cache
Server: nginx/1.4.4
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=09c75ba42aea71d9c1f8df6b9075b427; path=/
X-Pingback: http://chtopodariti.ru/xmlrpc.php
X-Powered-By: PHP/5.3.3
Second query (visit from search engine):
GET / HTTP/1.1
Host: chtopodariti.ru
Referer: http://www.google.com/search?q=chtopodariti.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=chtopodariti.ru
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://chtopodariti.ru/
Result: chtopodariti.ru is not infected or malware details are not published yet.