Scanned pages/files
| Request | Server response | Status |
http://www.renters.ru/ | 200 OK Content-Length: 9539 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By XBaha Hacker <p>
<html> <title>Hacked By XBaha Hacker</title><embed src='https://www.youtube.com/v/0_-LGEa6iWw&autoplay=1' <head> </head> <script language=JavaScript> //Disable right click script var message = ""; /////////////////////////////////// function clickIE() { if (document.all) { (message); return false; } } function clickNS(e) { ...[10659 bytes skipped]... | ||
http://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js | 200 OK Content-Length: 93100 Content-Type: text/javascript | clean |
https://ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js | 200 OK Content-Length: 91342 Content-Type: text/javascript | clean |
http://www.renters.ru//go.pub2srv.com/apu.php?zoneid=16780/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 01 Dec 2015 19:09:32 GMT Location: http://www.arendavip.ru/ Server: Apache Content-Length: 349 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.arendavip.ru/ | 200 OK Content-Length: 114051 Content-Type: text/html | clean |
http://www.arendavip.ru/bitrix/cache/js/s1/realty/kernel_main/kernel_main.js?1439216116317528 | 200 OK Content-Length: 302632 Content-Type: application/x-javascript | clean |
http://www.renters.ru/bitrix/cache/js/s1/realty/template_aeadf48b36dac86a8a8a5925892bb637/template_aeadf48b36dac86a8a8a5925892bb637.js?14382400331154 | 404 Not Found Content-Length: 546 Content-Type: text/html | clean |
http://www.renters.ru/test404page.js | 404 Not Found Content-Length: 448 Content-Type: text/html | clean |
http://code.jquery.com/jquery-latest.min.js | 200 OK Content-Length: 95786 Content-Type: application/javascript | clean |
http://www.renters.ru/bitrix/templates/realty/js/jquery.fancybox-1.0.0.js | 404 Not Found Content-Length: 485 Content-Type: text/html | clean |
http://www.renters.ru/bitrix/templates/realty/js/jquery.idTabs.min.js | 404 Not Found Content-Length: 481 Content-Type: text/html | clean |
http://www.renters.ru/bitrix/templates/realty/js/jquery.autocomplete.js | 404 Not Found Content-Length: 483 Content-Type: text/html | clean |
http://www.renters.ru/callme/js/callme.js | 404 Not Found Content-Length: 453 Content-Type: text/html | clean |
http://www.renters.ru/scrollup/scrollup.js | 404 Not Found Content-Length: 454 Content-Type: text/html | clean |
http://www.renters.ru/bukvus/bukvus.js | 404 Not Found Content-Length: 450 Content-Type: text/html | clean |
http://www.renters.ru//1phads.com/notice.php?p=16781&interactive=1&pushup=1/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 01 Dec 2015 19:09:34 GMT Location: http://www.arendavip.ru/ Server: Apache Content-Length: 349 Content-Type: text/html; charset=iso-8859-1 | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: renters.ru
Result:
GET / HTTP/1.1
Host: renters.ru
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: renters.ru
Referer: http://www.google.com/search?q=renters.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: renters.ru
Referer: http://www.google.com/search?q=renters.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=renters.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://renters.ru/
Result: renters.ru is not infected or malware details are not published yet.
Result: renters.ru is not infected or malware details are not published yet.