Scanned pages/files
| Request | Server response | Status |
http://sex.weprik.ru/ | 200 OK Content-Length: 7615 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://weprik.ru/sss.php <iframe src="http://weprik.ru/sss.php" style="display: none"> | ||
http://sex.weprik.ru/rek/go.php | HTTP/1.1 302 Found Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Tue, 08 Apr 2014 10:45:48 GMT Pragma: no-cache Location: http://rosban.su/36601.go?p Server: nginx Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=5f9amag8ppmobsfugehlbqg7a6; path=/ X-Powered-By: PHP/5.3.3 | clean |
http://rosban.su/36601.go?p | HTTP/1.1 302 Found Connection: close Date: Tue, 08 Apr 2014 10:46:15 GMT Location: http://rosban.su Server: nginx/0.6.32 Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=WINDOWS-1251 X-Powered-By: PHP/5.2.14-0.dotdeb.0 | clean |
http://rosban.su/ | 200 OK Content-Length: 4592 Content-Type: text/html | clean |
http://rosban.su/news.xhtml/ | 200 OK Content-Length: 7536 Content-Type: text/html | clean |
http://rosban.su/news.xhtml/anonymous/comment/57/ | 200 OK Content-Length: 4021 Content-Type: text/html | clean |
http://rosban.su/news.xhtml/anonymous/ | 200 OK Content-Length: 7535 Content-Type: text/html | clean |
http://rosban.su/news.xhtml/anonymous/comment/56/ | 200 OK Content-Length: 3728 Content-Type: text/html | clean |
http://rosban.su/index.xhtml/ | 200 OK Content-Length: 4553 Content-Type: text/html | clean |
http://rosban.su/rules.xhtml/registration/ | 200 OK Content-Length: 13280 Content-Type: text/html | clean |
http://rosban.su/registration.xhtml/ | 200 OK Content-Length: 3889 Content-Type: text/html | clean |
http://rosban.su/test404page.js | 200 OK Content-Length: 4580 Content-Type: text/html | clean |
http://rosban.su/forgot.xhtml/ | 200 OK Content-Length: 3263 Content-Type: text/html | clean |
http://rosban.su/top.xhtml/sites/all/ | 200 OK Content-Length: 3957 Content-Type: text/html | clean |
http://rosban.su/top.xhtml/page/10/ | 200 OK Content-Length: 3976 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: mobkiss.ru ...[2782 bytes skipped]... ap-z.net'>http://wap-z.net</a><br /> 22519 / 678 / 3.01%<br /> <br /> 13. ID = 15277, URL: <a href='http://mox.su'>http://mox.su</a><br /> 22421 / 678 / 3.02%<br /> <br /> 14. ID = 21829, URL: <a href='http://xxxjest.ru'>http://xxxjest.ru</a><br /> 22387 / 679 / 3.03%<br /> <br /> 15. ID = 38859, URL: <a href='http://mobkiss.ru'>http://mobkiss.ru</a><br /> 22245 / 670 / 3.01%<br /> <br /> 16. ID = 15017, URL: <a href='http://naxxx.ru'>http://naxxx.ru</a><br /> 21907 / 663 / 3.03%<br /> <br /> 17. ID = 10221, URL: <a href='http://weu.su/?rosban'>http://weu.su/?rosban</a><br /> 21334 / 642 / 3.01%<br /> <br /> 18. ID = 18333, URL: <a href='http://wapbox.net/'>http://wapbox.net/</ ...[1322 bytes skipped]... | ||
http://rosban.su/top.xhtml/page/20/ | 200 OK Content-Length: 3976 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: 2ih.ru ...[2186 bytes skipped]... -collapse: collapse; padding: 0px; } th { font-weight: bold } </style> </head> <body> <div class='logo'><img src='/style/img/logo.png' alt='' /></div><div class='title'>РейÑинг ÑÑаÑÑников</div> <div class='content'> <!-- Developed by SportSoft --> <div class='left'><div class='block'>21. ID = 43376, URL: <a href='http://2ih.ru'>http://2ih.ru</a><br /> 19544 / 601 / 3.08%<br /> <br /> 22. ID = 39965, URL: <a href='http://uzbsex.ru'>http://uzbsex.ru</a><br /> 19130 / 587 / 3.07%<br /> <br /> 23. ID = 42259, URL: <a href='http://18letnie.ru'>http://18letnie.ru</a><br /> 17637 / 566 / 3.21%<br /> <br /> 24. ID = 9807, URL: <a href='http://load.friwap.ru'>http://load.friwap.ru</a> ...[1918 bytes skipped]... | ||
http://rosban.su/top.xhtml/page/30/ | 200 OK Content-Length: 3960 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: sex.weprik.ru
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 08 Apr 2014 10:45:48 GMT
Server: nginx
Content-Length: 7615
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.3.3
...7615 bytes of data.
GET / HTTP/1.1
Host: sex.weprik.ru
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 08 Apr 2014 10:45:48 GMT
Server: nginx
Content-Length: 7615
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.3.3
...7615 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: sex.weprik.ru
Referer: http://www.google.com/search?q=sex.weprik.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: sex.weprik.ru
Referer: http://www.google.com/search?q=sex.weprik.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=sex.weprik.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://sex.weprik.ru/
Result: sex.weprik.ru is not infected or malware details are not published yet.
Result: sex.weprik.ru is not infected or malware details are not published yet.