Scanned pages/files
Request | Server response | Status |
http://rulove.net.ru/ | 200 OK Content-Length: 77366 Content-Type: text/html | suspicious |
Suspicious code found <div class="footer"> <div class="wrap"> <div class="copy fl mt23"> Создание и поддеÑжка Loveplanet.ru. ÐÑего полÑзоваÑелей: <b><a href="/a-search/d-1/" class="blue_bm">15,671,658</a></b>, новÑÑ : <b><a href="/a-search/d-1/newface-1/" class="blue_bm">9,153</a></b>, онлайн: <b><a href="/a-search/d-1/on escape(document.referrer)+((typeof(screen)=="undefined")?"": ";s"+screen.width+"*"+screen.height+"*"+(screen.colorDepth? screen.colorDepth:screen.pixelDepth))+";u"+escape(document.URL)+ ";"+Math.random()+ "' alt='' title='LiveInternet' "+ "border=0 width=31 height=31><\/a>")//--></script><!--/LiveInternet--></noindex> <br/> br/ </div> </div> </div> | ||
http://css.loveplanet.ru/3/imgstc/lp14/main.js | 200 OK Content-Length: 12031 Content-Type: application/x-javascript | clean |
http://css.loveplanet.ru/3/imgstc/lp14/v1.js | 200 OK Content-Length: 4441 Content-Type: application/x-javascript | clean |
http://css.loveplanet.ru/3/imgstc/fw_slideshow2.js | 200 OK Content-Length: 3078 Content-Type: application/x-javascript | clean |
http://css.loveplanet.ru/3/imgstc/swfobject.js | 200 OK Content-Length: 10220 Content-Type: application/x-javascript | clean |
http://css.loveplanet.ru/3/imgstc/exchange_v1d.js?73 | 200 OK Content-Length: 53020 Content-Type: application/x-javascript | clean |
http://css.loveplanet.ru/3/imgstc/lp14/count_rules.js | 200 OK Content-Length: 3069 Content-Type: application/x-javascript | clean |
http://css.loveplanet.ru/3/imgstc/xforms/js/lpjl-core.min.js | 200 OK Content-Length: 16042 Content-Type: application/x-javascript | clean |
http://css.loveplanet.ru/3/imgstc/xforms/js/lpjl-ui.js | 200 OK Content-Length: 104560 Content-Type: application/x-javascript | clean |
http://css.loveplanet.ru/3/imgstc/criteo.js | 200 OK Content-Length: 1121 Content-Type: application/x-javascript | clean |
http://css.loveplanet.ru/3/imgstc/xforms/js/ui/tags-search-control.js | 200 OK Content-Length: 22573 Content-Type: application/x-javascript | clean |
http://css.loveplanet.ru/3/imgstc/lp14/lpjl-code.js | 200 OK Content-Length: 571 Content-Type: application/x-javascript | clean |
http://css.loveplanet.ru/3/imgstc/xforms/js/ui/placeholder.min.js | 200 OK Content-Length: 438 Content-Type: application/x-javascript | clean |
http://rulove.net.ru/a-register/ | 200 OK Content-Length: 25412 Content-Type: text/html | suspicious |
Suspicious code found <div class="head"> <div class="wrap"> <div class="logo_box fl"> <img src="http://pustoty.net/logo_l.jpg" border=0 alt="ÐеÑплаÑнÑе ÐнакомÑÑва" title="ÐнакомÑÑва"> </div> <img src="http://engine.mediamir.medialand.ru/code?pid=3025&gid=332&gbo=on&rid=1351768232" width="1" height="1" class="p_abs"> <div class="fr mt15 bt_top_form"> <div class="bg_white rds5 fr"><a href="/a-logon" class="gbut_grd_blue gnl_but30 w90"><div>ÐойÑи</div></a></div> <div class="cb"></div> </div> <div class="cb"></div> <img src="http://engine.mediamir.medialand.ru/code?pid=3090&gid=332&gbo=on&rid=1361966280" width="1" height="1" class="p_abs"> </div> </div> | ||
http://css.loveplanet.ru/3/imgstc/xforms/js/registr/lpnew-registr.js | 200 OK Content-Length: 3983 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: rulove.net.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 18 Apr 2015 07:29:19 GMT
Server: nginx
Content-Type: text/html; charset=utf-8
Expires: Sat, 18 Apr 2015 07:29:19 GMT
Last-Modified: Sat, 18 Apr 2015 07:29:19 GMT
Set-Cookie: split=1%2C11%2C0%3B2%2C10%2C0%3B3%2C10%2C0%3B4%2C8%2C0%3B5%2C4%2C0%3B6%2C5%2C0%3B7%2C7%2C0%3B8%2C6%2C0; path=/; expires=Mon, 18-May-2015 07:29:19 GMT; domain=.rulove.net.ru
Set-Cookie: domhit1=1429304400; path=/; expires=Mon, 20-Apr-2015 07:29:19 GMT; domain=.rulove.net.ru
Set-Cookie: fvisit=1429342159%3B439068; path=/; expires=Sun, 17-Apr-2016 07:29:19 GMT; domain=.rulove.net.ru
Set-Cookie: landing_raw=aHR0cDovL3J1bG92ZS5uZXQucnUvaW5kZXguaHRtbA%3D%3D; path=/; expires=Sun, 19-Apr-2015 07:29:19 GMT; domain=.rulove.net.ru
GET / HTTP/1.1
Host: rulove.net.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 18 Apr 2015 07:29:19 GMT
Server: nginx
Content-Type: text/html; charset=utf-8
Expires: Sat, 18 Apr 2015 07:29:19 GMT
Last-Modified: Sat, 18 Apr 2015 07:29:19 GMT
Set-Cookie: split=1%2C11%2C0%3B2%2C10%2C0%3B3%2C10%2C0%3B4%2C8%2C0%3B5%2C4%2C0%3B6%2C5%2C0%3B7%2C7%2C0%3B8%2C6%2C0; path=/; expires=Mon, 18-May-2015 07:29:19 GMT; domain=.rulove.net.ru
Set-Cookie: domhit1=1429304400; path=/; expires=Mon, 20-Apr-2015 07:29:19 GMT; domain=.rulove.net.ru
Set-Cookie: fvisit=1429342159%3B439068; path=/; expires=Sun, 17-Apr-2016 07:29:19 GMT; domain=.rulove.net.ru
Set-Cookie: landing_raw=aHR0cDovL3J1bG92ZS5uZXQucnUvaW5kZXguaHRtbA%3D%3D; path=/; expires=Sun, 19-Apr-2015 07:29:19 GMT; domain=.rulove.net.ru
Second query (visit from search engine):
GET / HTTP/1.1
Host: rulove.net.ru
Referer: http://www.google.com/search?q=rulove.net.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: rulove.net.ru
Referer: http://www.google.com/search?q=rulove.net.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=rulove.net.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://rulove.net.ru/
Result: rulove.net.ru is not infected or malware details are not published yet.
Result: rulove.net.ru is not infected or malware details are not published yet.