Scanned pages/files
Request | Server response | Status |
http://news.lent.az/ | 200 OK Content-Length: 166660 Content-Type: text/html | clean |
http://news.lent.az/media/js/adriver.core.2.js | 200 OK Content-Length: 6066 Content-Type: application/x-javascript | clean |
http://news.lent.az/assets/31f077b5/jquery.min.js | 200 OK Content-Length: 94840 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
Antivirus reports:
http://news.lent.az/media/plugins/exclusiveNews.js | 200 OK Content-Length: 715 Content-Type: application/x-javascript | clean |
http://news.lent.az/media/js/functions.js | 200 OK Content-Length: 451 Content-Type: application/x-javascript | clean |
http://news.lent.az/media/js/add.js | 200 OK Content-Length: 1174 Content-Type: application/x-javascript | clean |
http://news.lent.az/media/plugins/swfobject.js | 200 OK Content-Length: 9712 Content-Type: application/x-javascript | clean |
http://news.lent.az/pay | 200 OK Content-Length: 127484 Content-Type: text/html | clean |
http://news.lent.az/category/37 | 200 OK Content-Length: 179127 Content-Type: text/html | clean |
http://news.lent.az/media/reklam/adriver.core.2.js | 200 OK Content-Length: 5913 Content-Type: application/x-javascript | clean |
http://news.lent.az/category/ | 404 Not Found Content-Length: 1655 Content-Type: text/html | clean |
http://news.lent.az/test404page.js | 404 Not Found Content-Length: 1655 Content-Type: text/html | clean |
http://news.lent.az/category/66 | 200 OK Content-Length: 192752 Content-Type: text/html | clean |
http://news.lent.az/category/38 | 200 OK Content-Length: 180279 Content-Type: text/html | clean |
http://news.lent.az/category/39 | 200 OK Content-Length: 178612 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: news.lent.az
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Mon, 13 Oct 2014 20:43:23 GMT
Pragma: no-cache
Server: nginx admin
Vary: Accept-Encoding
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 13 Oct 2014 20:43:23 GMT
Set-Cookie: PHPSESSID=5965e48a7ec0ebe243a1f3359d94124b; path=/
X-Cache: HIT from Backend
X-Powered-By: PHP/5.5.1
Second query (visit from search engine):
GET / HTTP/1.1
Host: news.lent.az
Referer: http://www.google.com/search?q=news.lent.az
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=news.lent.az
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://news.lent.az/
Result: news.lent.az is not infected or malware details are not published yet.