Malware Scanner report for gaym.ru

Malicious/Suspicious/Total urls checked: 6/1/18

7 pages have malicious or suspicious code. See details below

Blacklists: Found

The website is marked by Yandex as SMS-fraud resource.

The website "gaym.ru" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.

Malicious Redirects: Found

The website redirects visitors to the 3rd-party URL:
->http://love.gaym.ru/
love.gaym.ru is marked by Yandex as malicious.

The website "gaym.ru" is most probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues. Here is our redirects fixing guide.

Malicious/Hidden/Total iFrames: 8/0/8

8 malicious iframes found. See details below

Deface / Content modification: OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

Malware Removal
Blacklists Removal
Reason Eliminating
1 Month Hack Insurance

More details

Website Hack Insurance

Files & DB Monitoring
Daily Backups
Malware & Hack Detection
Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=gaym.ru

Result: This site is not currently listed as suspicious.

Query: http://yandex.com/infected?l10n=en&url=http://gaym.ru/

Result: The website is marked by Yandex as SMS-fraud resource. - visiting this web site may harm your computer.
Details are available here.

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: 19degrees.org

Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 22 Dec 2014 03:42:28 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
X-Pingback: http://19degrees.org/xmlrpc.php

Second query (visit from search engine):
GET / HTTP/1.1
Host: 19degrees.org
Referer: http://www.google.com/search?q=19degrees.org

Result:
The result is similar to the first query. There are no suspicious redirects found.

Scanned pages/files

Request	Server response	Status
http://gaym.ru/	200 OK Content-Length: 382 Content-Type: text/html	suspicious
Page code contains blacklisted domain: love.gaym.ru <html> <head> <title>Ïåðåàäðåñàöèÿ</title> <meta http-equiv="Content-Type" content="text/html; charset=windows-1251"> </head> <body> <p align="center"> <a href="http://love.gaym.ru/"> Âàñ ïðèâåòñòâóåò ñàéò çíàêîìñòâ GAYM.RU<br> Åñëè ïåðåàäðåñàöèÿ íå íà÷àëàñü, íàæìèòå çäåñü. </a></p> <script language="JavaScript"> location.replace("http://love.gaym.ru/"); </script> </body> </html>
http://gaym.ru/test404page.js	HTTP/1.1 404 Not Found Connection: close Date: Sun, 20 Jul 2014 21:53:53 GMT Accept-Ranges: bytes Server: Apache/2 Vary: Accept-Encoding,User-Agent Content-Length: 115 Content-Type: text/html	malicious
http://love.gaym.ru/	200 OK Content-Length: 65042 Content-Type: text/html	malicious
Page code contains blacklisted domain: www.gaym.ru ...[1989 bytes skipped]... tp://css.loveplanet.ru/3/imgstc/exchange_v1d.js?41"></script> <script type="text/javascript" src="http://css.loveplanet.ru/3/imgstc/default_count_rules.js"></script> <script type="text/javascript" src="http://css.loveplanet.ru/3/imgstc/xforms/js/lpjl-core.min.js"></script> <script type="text/javasc <div class="bottombanner"><link rel="stylesheet" href="http://www.gaym.ru/css/1.css" type="text/css"> <br> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td height="4" bgcolor="#3399FF"><img src="http://www.gaym.ru/images/pixel.gif" width="1" height="4"></td> </tr> <tr> <td height="52" background="http://www.gaym.ru/images/top/top_c_z.jpg"> <table border="0" cellpadding="0" cellspacing="0" width="100%"> ...[1895 bytes skipped]... Malicious iFrame found. size: 180x980 src: http://www.gaym.ru/top/4.php This URL is marked by Yandex as suspicious <iframe src="http://www.gaym.ru/top/4.php" frameborder="0" width="180" height="980" scrolling="no"> Malicious iFrame found. size: 468x60 src: http://www.gaym.ru/top/2.php This URL is marked by Yandex as suspicious <iframe src="http://www.gaym.ru/top/2.php" frameborder="0" width="468" height="60" scrolling="no">
http://css.loveplanet.ru/3/img/07_unstblue/main.js	200 OK Content-Length: 10144 Content-Type: application/x-javascript	clean
http://css.loveplanet.ru/3/img/07_unstblue/v1/v1.js	200 OK Content-Length: 4308 Content-Type: application/x-javascript	clean
http://css.loveplanet.ru/3/imgstc/fw_slideshow2.js	200 OK Content-Length: 3078 Content-Type: application/x-javascript	clean
http://css.loveplanet.ru/3/imgstc/swfobject.js	200 OK Content-Length: 10220 Content-Type: application/x-javascript	clean
http://css.loveplanet.ru/3/imgstc/exchange_v1d.js?41	200 OK Content-Length: 46098 Content-Type: application/x-javascript	clean
http://css.loveplanet.ru/3/imgstc/default_count_rules.js	200 OK Content-Length: 2934 Content-Type: application/x-javascript	clean
http://css.loveplanet.ru/3/imgstc/xforms/js/lpjl-core.min.js	200 OK Content-Length: 16042 Content-Type: application/x-javascript	clean
http://css.loveplanet.ru/3/imgstc/xforms/js/lpjl-ui.js	200 OK Content-Length: 116749 Content-Type: application/x-javascript	clean
http://css.loveplanet.ru/3/imgstc/xforms/js/ui/placeholder.min.js	200 OK Content-Length: 438 Content-Type: application/x-javascript	clean
http://js.revsci.net/gateway/gw.js?csid=F09828&auto=t&bpid=rbcmedia	200 OK Content-Length: 8130 Content-Type: application/javascript	clean
http://gaym.ru/a-search/item-1/	HTTP/1.1 404 Not Found Connection: close Date: Sun, 20 Jul 2014 21:53:58 GMT Accept-Ranges: bytes Server: Apache/2 Vary: Accept-Encoding,User-Agent Content-Length: 115 Content-Type: text/html	malicious
http://love.gaym.ru/test404page.js	404 Not Found Content-Length: 64223 Content-Type: text/html	malicious
Page code contains blacklisted domain: www.gaym.ru ...[1984 bytes skipped]... c="http://css.loveplanet.ru/3/imgstc/exchange_v1d.js?41"></script> <script type="text/javascript" src="http://css.loveplanet.ru/3/imgstc/default_count_rules.js"></script> <script type="text/javascript" src="http://css.loveplanet.ru/3/imgstc/xforms/js/lpjl-core.min.js"></script> <script type="text/javasc <div class="bottombanner"><link rel="stylesheet" href="http://www.gaym.ru/css/1.css" type="text/css"> <br> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td height="4" bgcolor="#3399FF"><img src="http://www.gaym.ru/images/pixel.gif" width="1" height="4"></td> </tr> <tr> <td height="52" background="http://www.gaym.ru/images/top/top_c_z.jpg"> <table border="0" cellpadding="0" cellspacing="0" width="100%"> ...[1896 bytes skipped]... Malicious iFrame found. size: 180x980 src: http://www.gaym.ru/top/4.php This URL is marked by Yandex as suspicious <iframe src="http://www.gaym.ru/top/4.php" frameborder="0" width="180" height="980" scrolling="no"> Malicious iFrame found. size: 468x60 src: http://www.gaym.ru/top/2.php This URL is marked by Yandex as suspicious <iframe src="http://www.gaym.ru/top/2.php" frameborder="0" width="468" height="60" scrolling="no">
http://love.gaym.ru/a-search/item-1/	HTTP/1.1 301 Moved Permanently Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Sun, 20 Jul 2014 21:52:33 GMT Location: /a-logon/extend-cGF0aD1hLXNlYXJjaC9pdGVtLTEv/referer- Server: nginx Content-Type: text/html; charset=utf-8 Expires: Sun, 20 Jul 2014 21:52:33 GMT Last-Modified: Sun, 20 Jul 2014 21:52:33 GMT Set-Cookie: split=1%2C7%2C0%3B2%2C2%2C0%3B3%2C9%2C0%3B4%2C5%2C0%3B5%2C4%2C0%3B6%2C5%2C0%3B7%2C7%2C0%3B8%2C5%2C0; path=/; expires=Tue, 19-Aug-2014 21:52:33 GMT; domain=.love.gaym.ru Set-Cookie: domhit1=1405886400; path=/; expires=Tue, 22-Jul-2014 21:52:33 GMT; domain=.love.gaym.ru Set-Cookie: randomhit=1826878692; path=/; expires=Tue, 19-Aug-2014 21:52:33 GMT; domain=.love.gaym.ru Set-Cookie: landing_raw=aHR0cDovL2xvdmUuZ2F5bS5ydS9hLXNlYXJjaC9pdGVtLTEv; path=/; expires=Mon, 21-Jul-2014 21:52:33 GMT; domain=.love.gaym.ru	clean
http://love.gaym.ru/a-logon/extend-cgf0ad1hlxnlyxjjac9pdgvtltev/referer-	403 Forbidden Content-Length: 70249 Content-Type: text/html	malicious
Page code contains blacklisted domain: www.gaym.ru ...[1989 bytes skipped]... tp://css.loveplanet.ru/3/imgstc/exchange_v1d.js?41"></script> <script type="text/javascript" src="http://css.loveplanet.ru/3/imgstc/default_count_rules.js"></script> <script type="text/javascript" src="http://css.loveplanet.ru/3/imgstc/xforms/js/lpjl-core.min.js"></script> <script type="text/javasc <div class="bottombanner"><link rel="stylesheet" href="http://www.gaym.ru/css/1.css" type="text/css"> <br> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td height="4" bgcolor="#3399FF"><img src="http://www.gaym.ru/images/pixel.gif" width="1" height="4"></td> </tr> <tr> <td height="52" background="http://www.gaym.ru/images/top/top_c_z.jpg"> <table border="0" cellpadding="0" cellspacing="0" width="100%"> ...[1895 bytes skipped]... Malicious iFrame found. size: 180x980 src: http://www.gaym.ru/top/4.php This URL is marked by Yandex as suspicious <iframe src="http://www.gaym.ru/top/4.php" frameborder="0" width="180" height="980" scrolling="no"> Malicious iFrame found. size: 468x60 src: http://www.gaym.ru/top/2.php This URL is marked by Yandex as suspicious <iframe src="http://www.gaym.ru/top/2.php" frameborder="0" width="468" height="60" scrolling="no">
http://love.gaym.ru/a-topmain/	200 OK Content-Length: 29705 Content-Type: text/html	malicious
Page code contains blacklisted domain: www.gaym.ru ...[1989 bytes skipped]... tp://css.loveplanet.ru/3/imgstc/exchange_v1d.js?41"></script> <script type="text/javascript" src="http://css.loveplanet.ru/3/imgstc/default_count_rules.js"></script> <script type="text/javascript" src="http://css.loveplanet.ru/3/imgstc/xforms/js/lpjl-core.min.js"></script> <script type="text/javasc <div class="bottombanner"><link rel="stylesheet" href="http://www.gaym.ru/css/1.css" type="text/css"> <br> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td height="4" bgcolor="#3399FF"><img src="http://www.gaym.ru/images/pixel.gif" width="1" height="4"></td> </tr> <tr> <td height="52" background="http://www.gaym.ru/images/top/top_c_z.jpg"> <table border="0" cellpadding="0" cellspacing="0" width="100%"> ...[1895 bytes skipped]... Malicious iFrame found. size: 468x60 src: http://www.gaym.ru/top/2.php This URL is marked by Yandex as suspicious <iframe src="http://www.gaym.ru/top/2.php" frameborder="0" width="468" height="60" scrolling="no"> Malicious iFrame found. size: 180x980 src: http://www.gaym.ru/top/4.php This URL is marked by Yandex as suspicious <iframe src="http://www.gaym.ru/top/4.php" frameborder="0" width="180" height="980" scrolling="no">

Recently found suspicious websites

Malware Scanner report for gaym.ru

Malware & Hack Repair

Website Hack Insurance

Safe Browsing / Blacklists

Malicious Redirects

Scanned pages/files

Recently found suspicious websites

Company

Services

eVuln Labs

eVuln Tools