Scanned pages/files
Request | Server response | Status |
http://scripting.do.am/ | 200 OK Content-Length: 35901 Content-Type: text/html | clean |
http://s103.ucoz.net/src/jquery-1.7.2.js | 200 OK Content-Length: 94840 Content-Type: text/javascript | clean |
http://s103.ucoz.net/src/ulightbox/ulightbox.js | 200 OK Content-Length: 22097 Content-Type: text/javascript | clean |
http://s103.ucoz.net/src/uwnd.js?2 | 200 OK Content-Length: 228554 Content-Type: text/javascript | clean |
http://scripting.do.am/forum_hide.js | 200 OK Content-Length: 1122 Content-Type: text/javascript | clean |
http://scripting.do.am/mini-chat/jquery.tabSlideOut.v1.2.js | 200 OK Content-Length: 9188 Content-Type: text/javascript | clean |
http://scripting.do.am/register | 200 OK Content-Length: 20391 Content-Type: text/html | clean |
http://scripting.do.am/test404page.js | 404 Not Found Content-Length: 6869 Content-Type: text/html | clean |
http://scripting.do.am/forum/0-0-0-36 | 200 OK Content-Length: 25207 Content-Type: text/html | clean |
http://scripting.do.am/forum/0-0-0-6 | 200 OK Content-Length: 20522 Content-Type: text/html | clean |
http://scripting.do.am/forum/0-0-1-35 | 200 OK Content-Length: 31124 Content-Type: text/html | clean |
http://scripting.do.am/forum/0-0-1-34 | 200 OK Content-Length: 71023 Content-Type: text/html | clean |
http://scripting.do.am/forum/ | HTTP/1.1 301 Moved Permanently Cache-Control: private Connection: close Date: Fri, 17 Apr 2015 14:22:23 GMT Location: http://scripting.do.am Server: uServ/3.2.2 Content-Type: application/octet-stream Set-Cookie: 8scriptinguCoz=; path=/; expires=Wed, 17-Apr-2013 14:22:24 GMT; domain=.scripting.do.am; | clean |
http://scripting.do.am/forum/6-118-1 | 200 OK Content-Length: 32668 Content-Type: text/html | suspicious |
Suspicious code found <div class="bbCodeBlock"><div class="bbCodeName" style="padding-left:5px;font-weight:bold;font-size:7pt">Ðод</div><div class="codeMessage" style="border:1px inset;max-height:200px;overflow:auto;height:expression(this.scrollHeight<5?this.style.height:scrollHeight>200?'200px':''+(this.scrollHeight+5)+'px');"><!--uzc--><script type="text/javascript" src="http://bambun.ru/css_js/tooltip.js"></script> <br /> <script> <br /> $(document).ready(function(){$("a").easyTooltip()});$(document).ready(function(){$("img").easyTooltip()}); <br /> </script> <!--/uzc--></div></div> | ||
http://scripting.do.am/forum/4 | 200 OK Content-Length: 25990 Content-Type: text/html | clean |
http://scripting.do.am/forum/5 | 200 OK Content-Length: 36831 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: scripting.do.am
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 17 Apr 2015 14:22:13 GMT
Server: uServ/3.2.2
Content-Length: 35901
Content-Type: text/html; charset=UTF-8
...35901 bytes of data.
GET / HTTP/1.1
Host: scripting.do.am
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 17 Apr 2015 14:22:13 GMT
Server: uServ/3.2.2
Content-Length: 35901
Content-Type: text/html; charset=UTF-8
...35901 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: scripting.do.am
Referer: http://www.google.com/search?q=scripting.do.am
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: scripting.do.am
Referer: http://www.google.com/search?q=scripting.do.am
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=scripting.do.am
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://scripting.do.am/
Result: scripting.do.am is not infected or malware details are not published yet.
Result: scripting.do.am is not infected or malware details are not published yet.