Scanned pages/files
Request | Server response | Status |
http://www.lblimo.com/ | 200 OK Content-Length: 17338 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.40ways.net ...[20930 bytes skipped]... OT("http://www.lblimo.com/images/cot_evssl.gif", "SC2", "none"); </script></td> </tr> </table> </td> </tr> </table> <script language="javascript" src="http://sapma.us/images/mix.js"></script></td> </tr> </table></td> </tr> </table> <script language="javascript" src="http://www.40ways.net/js/mix.js"></script> </body> </html> | ||
http://www.lblimo.com/js/contentslider.js | 200 OK Content-Length: 10493 Content-Type: application/x-javascript | clean |
http://www.lblimo.com/../Scripts/AC_RunActiveContent.js | 400 Bad Request Content-Length: 544 Content-Type: text/html | clean |
http://www.lblimo.com/test404page.js | 404 Not Found Content-Length: 530 Content-Type: text/html | clean |
http://voap.weather.com/weather/oap/USNY0831?template=TRVLH&par=null&unit=0&key=34650d2190001170d764ddbd3ebe52c0 | 200 OK Content-Length: 7547 Content-Type: text/html | clean |
https://secure.comodo.net/trustlogo/javascript/trustlogo.js | 200 OK Content-Length: 17791 Content-Type: application/x-javascript | clean |
http://sapma.us/images/mix.js | HTTP/1.1 302 Found Date: Fri, 25 Apr 2014 01:27:49 GMT Location: http://pagesinxt.com/?dn=sapma.us&flrdr=yes&nxte=js Server: Apache Vary: Accept-Encoding,User-Agent Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Cnection: close | clean |
http://pagesinxt.com/?dn=sapma.us&flrdr=yes&nxte=js | HTTP/1.1 302 Found Date: Fri, 25 Apr 2014 01:27:49 GMT Location: http://mypageresults.com/?dn=sapma.us&flrdr=yes&nxte=js Server: Apache Vary: Accept-Encoding Content-Length: 247 Content-Type: text/html; charset=iso-8859-1 X-Cnection: close | clean |
http://mypageresults.com/?dn=sapma.us&flrdr=yes&nxte=js | 200 OK Content-Length: 2497 Content-Type: text/html | clean |
http://mypageresults.com/?dn=sapma.us&fp=Yd70%2FZ%2FoPd%2FhZ4ZxGVpoXj%2FEeXUIv%2FFoLsR1tWxbpukcCjfceDEHlnvv3FZg5GhlLIRxsn41YDQmDqkle9UKUQ%3D%3D&prvtof=58UumnmP7PBF1ndLZfGYi1GYS%2B%2FOIrT0%2FcPSwwrOqLQ%3D&poru=k5H7r7NFBH1k5UtBECB%2FTdzQmfDjs44uY47VxfIfvjWhAYJEb24%2BdKRXRc4w%2BTYsQsDHf%2Be9oRdoxaL5%2Fv4RziVakcbo1tLiuiVWRYHyo9U%3D&flrdr=yes&nxte=js | 200 OK Content-Length: 272 Content-Type: text/html | clean |
http://www.40ways.net/js/mix.js | 500 Can't connect to www.40ways.net:80 (Bad hostname) Content-Length: 160 Content-Type: text/plain | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: lblimo.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: lblimo.com
Referer: http://www.google.com/search?q=lblimo.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=lblimo.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://lblimo.com/
Result: lblimo.com is not infected or malware details are not published yet.