Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=gaym.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://gaym.ru/
Result: The website is marked by Yandex as SMS-fraud resource. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as SMS-fraud resource. - visiting this web site may harm your computer.
Details are available here.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: 19degrees.org
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 22 Dec 2014 03:42:28 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
X-Pingback: http://19degrees.org/xmlrpc.php
GET / HTTP/1.1
Host: 19degrees.org
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 22 Dec 2014 03:42:28 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
X-Pingback: http://19degrees.org/xmlrpc.php
Second query (visit from search engine):
GET / HTTP/1.1
Host: 19degrees.org
Referer: http://www.google.com/search?q=19degrees.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: 19degrees.org
Referer: http://www.google.com/search?q=19degrees.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://gaym.ru/ | 200 OK Content-Length: 382 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: love.gaym.ru <html> <head> <title>Ïåðåàäðåñàöèÿ</title> <meta http-equiv="Content-Type" content="text/html; charset=windows-1251"> </head> <body> <p align="center"> <a href="http://love.gaym.ru/"> Âàñ ïðèâåòñòâóåò ñàéò çíàêîìñòâ GAYM.RU<br> Åñëè ïåðåàäðåñàöèÿ íå íà÷àëàñü, íàæìèòå çäåñü. </a></p> <script language="JavaScript"> location.replace("http://love.gaym.ru/"); </script> </body> </html> | ||
http://gaym.ru/test404page.js | HTTP/1.1 404 Not Found Connection: close Date: Sun, 20 Jul 2014 21:53:53 GMT Accept-Ranges: bytes Server: Apache/2 Vary: Accept-Encoding,User-Agent Content-Length: 115 Content-Type: text/html | malicious |
http://love.gaym.ru/ | 200 OK Content-Length: 65042 Content-Type: text/html | malicious |
Page code contains blacklisted domain: www.gaym.ru ...[1989 bytes skipped]... tp://css.loveplanet.ru/3/imgstc/exchange_v1d.js?41"></script> <script type="text/javascript" src="http://css.loveplanet.ru/3/imgstc/default_count_rules.js"></script> <script type="text/javascript" src="http://css.loveplanet.ru/3/imgstc/xforms/js/lpjl-core.min.js"></script> <script type="text/javasc <div class="bottombanner"><link rel="stylesheet" href="http://www.gaym.ru/css/1.css" type="text/css"> <br> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td height="4" bgcolor="#3399FF"><img src="http://www.gaym.ru/images/pixel.gif" width="1" height="4"></td> </tr> <tr> <td height="52" background="http://www.gaym.ru/images/top/top_c_z.jpg"> <table border="0" cellpadding="0" cellspacing="0" width="100%"> ...[1895 bytes skipped]... Malicious iFrame found. size: 180x980 src: http://www.gaym.ru/top/4.php This URL is marked by Yandex as suspicious <iframe src="http://www.gaym.ru/top/4.php" frameborder="0" width="180" height="980" scrolling="no"> Malicious iFrame found. size: 468x60 src: http://www.gaym.ru/top/2.php This URL is marked by Yandex as suspicious <iframe src="http://www.gaym.ru/top/2.php" frameborder="0" width="468" height="60" scrolling="no"> | ||
http://css.loveplanet.ru/3/img/07_unstblue/main.js | 200 OK Content-Length: 10144 Content-Type: application/x-javascript | clean |
http://css.loveplanet.ru/3/img/07_unstblue/v1/v1.js | 200 OK Content-Length: 4308 Content-Type: application/x-javascript | clean |
http://css.loveplanet.ru/3/imgstc/fw_slideshow2.js | 200 OK Content-Length: 3078 Content-Type: application/x-javascript | clean |
http://css.loveplanet.ru/3/imgstc/swfobject.js | 200 OK Content-Length: 10220 Content-Type: application/x-javascript | clean |
http://css.loveplanet.ru/3/imgstc/exchange_v1d.js?41 | 200 OK Content-Length: 46098 Content-Type: application/x-javascript | clean |
http://css.loveplanet.ru/3/imgstc/default_count_rules.js | 200 OK Content-Length: 2934 Content-Type: application/x-javascript | clean |
http://css.loveplanet.ru/3/imgstc/xforms/js/lpjl-core.min.js | 200 OK Content-Length: 16042 Content-Type: application/x-javascript | clean |
http://css.loveplanet.ru/3/imgstc/xforms/js/lpjl-ui.js | 200 OK Content-Length: 116749 Content-Type: application/x-javascript | clean |
http://css.loveplanet.ru/3/imgstc/xforms/js/ui/placeholder.min.js | 200 OK Content-Length: 438 Content-Type: application/x-javascript | clean |
http://js.revsci.net/gateway/gw.js?csid=F09828&auto=t&bpid=rbcmedia | 200 OK Content-Length: 8130 Content-Type: application/javascript | clean |
http://gaym.ru/a-search/item-1/ | HTTP/1.1 404 Not Found Connection: close Date: Sun, 20 Jul 2014 21:53:58 GMT Accept-Ranges: bytes Server: Apache/2 Vary: Accept-Encoding,User-Agent Content-Length: 115 Content-Type: text/html | malicious |
http://love.gaym.ru/test404page.js | 404 Not Found Content-Length: 64223 Content-Type: text/html | malicious |
Page code contains blacklisted domain: www.gaym.ru ...[1984 bytes skipped]... c="http://css.loveplanet.ru/3/imgstc/exchange_v1d.js?41"></script> <script type="text/javascript" src="http://css.loveplanet.ru/3/imgstc/default_count_rules.js"></script> <script type="text/javascript" src="http://css.loveplanet.ru/3/imgstc/xforms/js/lpjl-core.min.js"></script> <script type="text/javasc <div class="bottombanner"><link rel="stylesheet" href="http://www.gaym.ru/css/1.css" type="text/css"> <br> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td height="4" bgcolor="#3399FF"><img src="http://www.gaym.ru/images/pixel.gif" width="1" height="4"></td> </tr> <tr> <td height="52" background="http://www.gaym.ru/images/top/top_c_z.jpg"> <table border="0" cellpadding="0" cellspacing="0" width="100%"> ...[1896 bytes skipped]... Malicious iFrame found. size: 180x980 src: http://www.gaym.ru/top/4.php This URL is marked by Yandex as suspicious <iframe src="http://www.gaym.ru/top/4.php" frameborder="0" width="180" height="980" scrolling="no"> Malicious iFrame found. size: 468x60 src: http://www.gaym.ru/top/2.php This URL is marked by Yandex as suspicious <iframe src="http://www.gaym.ru/top/2.php" frameborder="0" width="468" height="60" scrolling="no"> | ||
http://love.gaym.ru/a-search/item-1/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Sun, 20 Jul 2014 21:52:33 GMT Location: /a-logon/extend-cGF0aD1hLXNlYXJjaC9pdGVtLTEv/referer- Server: nginx Content-Type: text/html; charset=utf-8 Expires: Sun, 20 Jul 2014 21:52:33 GMT Last-Modified: Sun, 20 Jul 2014 21:52:33 GMT Set-Cookie: split=1%2C7%2C0%3B2%2C2%2C0%3B3%2C9%2C0%3B4%2C5%2C0%3B5%2C4%2C0%3B6%2C5%2C0%3B7%2C7%2C0%3B8%2C5%2C0; path=/; expires=Tue, 19-Aug-2014 21:52:33 GMT; domain=.love.gaym.ru Set-Cookie: domhit1=1405886400; path=/; expires=Tue, 22-Jul-2014 21:52:33 GMT; domain=.love.gaym.ru Set-Cookie: randomhit=1826878692; path=/; expires=Tue, 19-Aug-2014 21:52:33 GMT; domain=.love.gaym.ru Set-Cookie: landing_raw=aHR0cDovL2xvdmUuZ2F5bS5ydS9hLXNlYXJjaC9pdGVtLTEv; path=/; expires=Mon, 21-Jul-2014 21:52:33 GMT; domain=.love.gaym.ru | clean |
http://love.gaym.ru/a-logon/extend-cgf0ad1hlxnlyxjjac9pdgvtltev/referer- | 403 Forbidden Content-Length: 70249 Content-Type: text/html | malicious |
Page code contains blacklisted domain: www.gaym.ru ...[1989 bytes skipped]... tp://css.loveplanet.ru/3/imgstc/exchange_v1d.js?41"></script> <script type="text/javascript" src="http://css.loveplanet.ru/3/imgstc/default_count_rules.js"></script> <script type="text/javascript" src="http://css.loveplanet.ru/3/imgstc/xforms/js/lpjl-core.min.js"></script> <script type="text/javasc <div class="bottombanner"><link rel="stylesheet" href="http://www.gaym.ru/css/1.css" type="text/css"> <br> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td height="4" bgcolor="#3399FF"><img src="http://www.gaym.ru/images/pixel.gif" width="1" height="4"></td> </tr> <tr> <td height="52" background="http://www.gaym.ru/images/top/top_c_z.jpg"> <table border="0" cellpadding="0" cellspacing="0" width="100%"> ...[1895 bytes skipped]... Malicious iFrame found. size: 180x980 src: http://www.gaym.ru/top/4.php This URL is marked by Yandex as suspicious <iframe src="http://www.gaym.ru/top/4.php" frameborder="0" width="180" height="980" scrolling="no"> Malicious iFrame found. size: 468x60 src: http://www.gaym.ru/top/2.php This URL is marked by Yandex as suspicious <iframe src="http://www.gaym.ru/top/2.php" frameborder="0" width="468" height="60" scrolling="no"> | ||
http://love.gaym.ru/a-topmain/ | 200 OK Content-Length: 29705 Content-Type: text/html | malicious |
Page code contains blacklisted domain: www.gaym.ru ...[1989 bytes skipped]... tp://css.loveplanet.ru/3/imgstc/exchange_v1d.js?41"></script> <script type="text/javascript" src="http://css.loveplanet.ru/3/imgstc/default_count_rules.js"></script> <script type="text/javascript" src="http://css.loveplanet.ru/3/imgstc/xforms/js/lpjl-core.min.js"></script> <script type="text/javasc <div class="bottombanner"><link rel="stylesheet" href="http://www.gaym.ru/css/1.css" type="text/css"> <br> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td height="4" bgcolor="#3399FF"><img src="http://www.gaym.ru/images/pixel.gif" width="1" height="4"></td> </tr> <tr> <td height="52" background="http://www.gaym.ru/images/top/top_c_z.jpg"> <table border="0" cellpadding="0" cellspacing="0" width="100%"> ...[1895 bytes skipped]... Malicious iFrame found. size: 468x60 src: http://www.gaym.ru/top/2.php This URL is marked by Yandex as suspicious <iframe src="http://www.gaym.ru/top/2.php" frameborder="0" width="468" height="60" scrolling="no"> Malicious iFrame found. size: 180x980 src: http://www.gaym.ru/top/4.php This URL is marked by Yandex as suspicious <iframe src="http://www.gaym.ru/top/4.php" frameborder="0" width="180" height="980" scrolling="no"> |