Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=linkxchanger.info
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://linkxchanger.info/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://linkxchanger.info/ | 200 OK Content-Length: 6386 Content-Type: application/vnd.wap.xhtml+xml | clean |
http://linkxchanger.info/go.php?t=1028623&1028623=&link=Free-downloads | HTTP/1.1 302 Moved Temporarily Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Sun, 01 Mar 2015 02:26:09 GMT Pragma: no-cache Location: http://musicpran.w2m.mobi Server: Apache Content-Length: 0 Content-Type: text/html Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: clicks=1; expires=Tue, 03-Mar-2015 02:26:09 GMT X-Powered-By: PHP/5.4.25 | clean |
http://musicpran.w2m.mobi/ | 200 OK Content-Length: 21022 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: linkxchanger.info <?xml version="1.0"?> <!DOCTYPE html PUBLIC "-//WAPFORUM//DTD XHTML Mobile 1.0//EN" "http://www.wapforum.org/DTD/xhtml-mobile10.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <!DOCTYPE html PUBLIC "-//WAPFORUM//DTD XHTML Mobile 1.0//EN" "http://www.wapforum.org/DTD/xhtml-mobile10.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="ru"><head><meta http-equiv="Content-Type" conte ...[4127 bytes skipped]... | ||
http://widget.supercounters.com/online_i.js | 200 OK Content-Length: 4233 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var sc_olimg_var = sc_olimg_var || []; function sc_online_i(id, fcolor, bgcolor) { var info; if (fcolor.indexOf("#") !== 0) fcolor = "#" + fcolor; bgcolor = bgcolor.replace(/#/, ""); if (encodeURIComponent) { info = '&ua=' + encodeURIComponent(navigator.userAgent); info = info + '&ref=' + encodeURIComponent(document.referrer); info = info + '&url=' + encodeURIComponent(window.location); } else { cd.style.fontSize = "12px"; cd.style.color = "#ff0000"; cd.style.borderColor = "#ffffff"; cd.style.borderWidth = "1px"; cd.style.borderStyle = "solid"; cd.style.backgroundColor = sc_olimg_var['bgcolor']; cd.title = "Supercounters"; cd.innerHTML = msg; cd.onclick = function() { window.location = "http://www.supercounters.com/"; }; ct_insert(cd, "supercounters.com/online_i.js"); } Antivirus reports: | ||
http://adcdn.adtwirl.com/static/js/ad2.js | 200 OK Content-Length: 3537 Content-Type: application/javascript | clean |
http://linkxchanger.info/?id=musicpranw2mmobi | 200 OK Content-Length: 6402 Content-Type: application/vnd.wap.xhtml+xml | clean |
http://linkxchanger.info/go.php?t=1028623&1028623=musicpranw2mmobi&link=Free-downloads | HTTP/1.1 302 Moved Temporarily Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Sun, 01 Mar 2015 02:26:11 GMT Pragma: no-cache Location: http://goo.gl/2TXt4q Server: Apache Content-Length: 0 Content-Type: text/html Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: clicks=1; expires=Tue, 03-Mar-2015 02:26:12 GMT X-Powered-By: PHP/5.4.25 | clean |
http://goo.gl/2txt4q | 404 Not Found Content-Length: 4438 Content-Type: text/html | clean |
http://goo.gl/static/0052.urlshortener.js | 200 OK Content-Length: 66150 Content-Type: text/javascript | clean |
http://linkxchanger.info//www.google.com/support/websearch/bin/answer.py?answer=190768/ | 404 Not Found Content-Length: 363 Content-Type: text/html | clean |
http://linkxchanger.info/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
http://linkxchanger.info//www.google.com/privacy.html/ | 404 Not Found Content-Length: 345 Content-Type: text/html | clean |
http://linkxchanger.info/policy.html | 404 Not Found Content-Length: 328 Content-Type: text/html | clean |
http://linkxchanger.info//www.google.com/accounts/TOS/ | 404 Not Found Content-Length: 345 Content-Type: text/html | clean |
http://linkxchanger.info//www.google.com/ | 404 Not Found Content-Length: 332 Content-Type: text/html | clean |
http://linkxchanger.info/go.php?t=1028623&link=~1&ref=adzlinetopzmobi | HTTP/1.1 302 Moved Temporarily Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Sun, 01 Mar 2015 02:26:15 GMT Pragma: no-cache Location: http://adzline.topz.mobi/in/62084 Server: Apache Content-Length: 0 Content-Type: text/html Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: clicks=1; expires=Tue, 03-Mar-2015 02:26:15 GMT X-Powered-By: PHP/5.4.25 | clean |
http://adzline.topz.mobi/in/62084 | 200 OK Content-Length: 5770 Content-Type: application/xhtml+xml | suspicious |
Page code contains blacklisted domain: adzmob.mobi ...[2960 bytes skipped]... <div class="ln"><a href="/out/50780/?sessid=43eb0b8ae6ab3468b4bb6aa61d1ace1e">Katrina Real Xxx 3gp</a></div><div class="di"><a href="/out/62659/?sessid=43eb0b8ae6ab3468b4bb6aa61d1ace1e">9th Class Sex Videos</a></div><div class="ln"><a href="/out/43760/?sessid=43eb0b8ae6ab3468b4bb6aa61d1ace1e">Katrinaa Kaif Sex Xx</a></div> <div class="left"><a href="http://adzmob.mobi/?id=adzlinetopzmobi">+ Dwnld xxx 3gp Vids</a></div><div class="bck"><div class="left"><a href="/?page=2&sessid=43eb0b8ae6ab3468b4bb6aa61d1ace1e">Next ></a></div></div><div class="left"><div class="bck"></div><small>687 active sites. In/out stats for 48 hours </small></div><div class="ln"><small> <a href="/signup/?sessid=43eb0b8ae6ab3468b4bb6aa61d1ace1e">Add Site< ...[716 bytes skipped]... | ||
http://adzline.topz.mobi/out/62608/?sessid=43eb0b8ae6ab3468b4bb6aa61d1ace1e | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sun, 01 Mar 2015 02:26:17 GMT Location: http://x2get.com/?id=adzlinetopzmobi Server: Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.4.29 | clean |
http://x2get.com/?id=adzlinetopzmobi | 200 OK Content-Length: 4879 Content-Type: application/vnd.wap.xhtml+xml | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: linkxchanger.info
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sun, 01 Mar 2015 02:26:08 GMT
Pragma: no-cache
Server: Apache
Content-Type: application/vnd.wap.xhtml+xml
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: refer=noref; expires=Tue, 03-Mar-2015 02:26:08 GMT
Set-Cookie: noref=visited; expires=Tue, 03-Mar-2015 02:26:08 GMT
Set-Cookie: page=main; expires=Tue, 03-Mar-2015 02:26:08 GMT
X-Powered-By: PHP/5.4.25
Second query (visit from search engine):
GET / HTTP/1.1
Host: linkxchanger.info
Referer: http://www.google.com/search?q=linkxchanger.info
Result:
The result is similar to the first query. There are no suspicious redirects found.