Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=pofigy.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://pofigy.com/
Result: The website is marked by Yandex as suspicious: visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://pofigy.com/ | 200 OK Content-Length: 74376 Content-Type: text/html | clean |
http://pofigy.com/templates/moya/js/global.js | 404 Not Found Content-Length: 493 Content-Type: text/html | clean |
http://pofigy.com/test404page.js | 404 Not Found Content-Length: 480 Content-Type: text/html | clean |
http://pofigy.com/engine/ajax/menu.js | 200 OK Content-Length: 3368 Content-Type: application/x-javascript | clean |
http://pofigy.com/engine/ajax/dle_ajax.js | 200 OK Content-Length: 5167 Content-Type: application/x-javascript | clean |
http://pofigy.com/engine/ajax/js_edit.js | 200 OK Content-Length: 7222 Content-Type: application/x-javascript | clean |
http://www.znews.su/user/905/pofigy.com_inf_1.php | 200 OK Content-Length: 6603 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: pofigy.com var traff_style_photo = document.getElementById('pofigy.com_nas_1_xxx_news'); if(traff_style_photo)traff_style_photo.innerHTML='<center><table cellspacing=3 width=200px style="border: 0px solid #6D126A;"><tr><td align=center style="padding: 4px; border: 0px solid #6D126A;" valign=top ><a href=http://www.znews.su/go_slin.php?id=45615&sour=905 target=_blank><img src=http://www.znews.su/img/208304665051400672.jpg style= "width: 130px; border: 0px solid #6D126A; ...[7083 bytes skipped]... | ||
http://www.znews.su/go_slin.php?id=45615&sour=905 | HTTP/1.1 302 Found Connection: close Date: Wed, 26 Feb 2014 01:00:18 GMT Location: /go_news.php?id=905&news=45615 Server: nginx/1.1.19 Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.3.10-1ubuntu3.7 | clean |
http://www.znews.su/go_news.php?id=905&news=45615 | 200 OK Content-Length: 91108 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: v2mlred.com ...[3942 bytes skipped]... ans-serif; font-size: 16px; text-decoration: underline; text-align: left; } .text a { padding: 0px 3px; color: #FF981F; } .pager { text-align: center; padding: 5px; } .pager a, .pager strong { color: #6D126A; padding: 0px 3px; } </style> </head><body> <script type="text/javascript" src="http://v2mlred.com/?acc=20430&waponly=yes&zona=13433&landing=xcust"></script> <table width="100%" cellspacing=0 cellpadding=0 border=0 bgcolor="#ef3c25"> <tr> <td width="0%" style="border-bottom:1px solid #FFFFFF";><a href="http://www.znews.su"><img src="img/znews.png" width="196" height="38" border="0" alt="система обмена новостей"></a></td> <td width="0%" style="padding-left:25px;border-bottom:1px solid #FFFFFF;white- ...[103595 bytes skipped]... | ||
http://v2mlred.com/?acc=20430&waponly=yes&zona=13433&landing=xcust | 200 OK Content-Length: 0 Content-Type: text/html | clean |
http://www.znews.su/user/1787/znews.su_inf_2.php | 200 OK Content-Length: 1950 Content-Type: text/html | clean |
http://www.znews.su/go_news.php?id=1787&news=42688&no_x=1 | 200 OK Content-Length: 86115 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: v2mlred.com ...[3942 bytes skipped]... ans-serif; font-size: 16px; text-decoration: underline; text-align: left; } .text a { padding: 0px 3px; color: #FF981F; } .pager { text-align: center; padding: 5px; } .pager a, .pager strong { color: #6D126A; padding: 0px 3px; } </style> </head><body> <script type="text/javascript" src="http://v2mlred.com/?acc=20430&waponly=yes&zona=13433&landing=xcust"></script> <table width="100%" cellspacing=0 cellpadding=0 border=0 bgcolor="#ef3c25"> <tr> <td width="0%" style="border-bottom:1px solid #FFFFFF";><a href="http://www.znews.su"><img src="img/znews.png" width="196" height="38" border="0" alt="система обмена новостей"></a></td> <td width="0%" style="padding-left:25px;border-bottom:1px solid #FFFFFF;white- ...[97694 bytes skipped]... | ||
http://gredinatib.org/viewt.js | 200 OK Content-Length: 20199 Content-Type: application/x-javascript | clean |
http://morenews3.net/viewt.js | 200 OK Content-Length: 20199 Content-Type: application/x-javascript | clean |
http://korenizvosmi.net/viewt.js | 200 OK Content-Length: 20199 Content-Type: application/x-javascript | clean |
http://www.znews.su/user/1787/znews.su_inf_4.php | 200 OK Content-Length: 9729 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: pofigy.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Wed, 26 Feb 2014 01:00:16 GMT
Pragma: no-cache
Server: nginx/1.0.15
Vary: Accept-Encoding,User-Agent
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Tue, 25 Feb 2014 19:00:16 +0400 GMT
Set-Cookie: PHPSESSID=475e91ejbvf84td8r2d3j44mg1; path=/
Set-Cookie: dle_user_id=deleted; expires=Tue, 26-Feb-2013 01:00:14 GMT; path=/; domain=.pofigy.com; httponly
Set-Cookie: dle_password=deleted; expires=Tue, 26-Feb-2013 01:00:14 GMT; path=/; domain=.pofigy.com; httponly
Set-Cookie: dle_hash=deleted; expires=Tue, 26-Feb-2013 01:00:14 GMT; path=/; domain=.pofigy.com; httponly
X-Frame-Options: SAMEORIGIN
Second query (visit from search engine):
GET / HTTP/1.1
Host: pofigy.com
Referer: http://www.google.com/search?q=pofigy.com
Result:
The result is similar to the first query. There are no suspicious redirects found.