Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=shop.xmodus.eu
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://shop.xmodus.eu/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://shop.xmodus.eu/ | 200 OK Content-Length: 25474 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: request.xmodus.eu <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en"> <head> <meta name="robots" content="noindex,follow" /> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" /> <meta name="generator" content="vBulletin 3.8.4" /> <meta name="ke ...[4071 bytes skipped]... | ||
http://shop.xmodus.eu/clientscript/yui/yahoo-dom-event/yahoo-dom-event.js?v=384 | 200 OK Content-Length: 36628 Content-Type: application/javascript | clean |
http://shop.xmodus.eu/clientscript/yui/connection/connection-min.js?v=384 | 200 OK Content-Length: 11604 Content-Type: application/javascript | clean |
http://shop.xmodus.eu/clientscript/vbulletin_global.js?v=384 | 200 OK Content-Length: 26013 Content-Type: application/javascript | clean |
http://shop.xmodus.eu/clientscript/vbulletin_menu.js?v=384 | 200 OK Content-Length: 9426 Content-Type: application/javascript | clean |
http://shop.xmodus.eu/clientscript/vbulletin_md5.js?v=384 | 200 OK Content-Length: 5464 Content-Type: application/javascript | clean |
https://livedesk.zoho.com/xmodus/float.ls?embedname=xmodus | HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 03 Oct 2014 19:34:30 GMT Location: https://salesiq.zoho.com/xmodus/float.ls?embedname=xmodus Server: ZGS Content-Length: 150 Content-Type: text/html | clean |
https://salesiq.zoho.com/xmodus/float.ls?embedname=xmodus | 200 OK Content-Length: 21855 Content-Type: text/javascript | clean |
http://shop.xmodus.eu/register.php?s=3eadcca10e56a5759626cf178e41a04e | 200 OK Content-Length: 25087 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: request.xmodus.eu <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en"> <head> <meta name="robots" content="noindex,follow" /> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" /> <meta name="generator" content="vBulletin 3.8.4" /> <meta name="ke ...[4107 bytes skipped]... | ||
http://shop.xmodus.eu/index.php?s=3eadcca10e56a5759626cf178e41a04e | 200 OK Content-Length: 25521 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: request.xmodus.eu <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en"> <head> <meta name="robots" content="noindex,follow" /> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" /> <meta name="generator" content="vBulletin 3.8.4" /> <meta name="ke ...[4074 bytes skipped]... | ||
http://shop.xmodus.eu/login.php?do=lostpw | 200 OK Content-Length: 34042 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: request.xmodus.eu <script type="text/javascript" language="javascript" src="http://xmodus.eu//images/avault/style/library.js" ></script><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en"> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" /> <meta name=" ...[4081 bytes skipped]... | ||
http://xmodus.eu//images/avault/style/library.js/ | 404 Not Found Content-Length: 2499 Content-Type: text/html | clean |
http://xmodus.eu/test404page.js | 404 Not Found Content-Length: 2499 Content-Type: text/html | clean |
http://shop.xmodus.eu/register.php | 200 OK Content-Length: 25137 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: request.xmodus.eu <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en"> <head> <meta name="robots" content="noindex,follow" /> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" /> <meta name="generator" content="vBulletin 3.8.4" /> <meta name="ke ...[4078 bytes skipped]... | ||
http://shop.xmodus.eu/register.php?nojs=1 | 200 OK Content-Length: 21908 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: request.xmodus.eu <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en"> <head> <meta name="robots" content="noindex,follow" /> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" /> <meta name="generator" content="vBulletin 3.8.4" /> <meta name="ke ...[4078 bytes skipped]... | ||
http://shop.xmodus.eu/memberindex.php?s=3eadcca10e56a5759626cf178e41a04e | 200 OK Content-Length: 25101 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: request.xmodus.eu <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en"> <head> <meta name="robots" content="noindex,follow" /> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" /> <meta name="generator" content="vBulletin 3.8.4" /> <meta name="ke ...[4107 bytes skipped]... |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: shop.xmodus.eu
Result:
HTTP/1.1 200 OK
Cache-Control: private
Connection: close
Date: Fri, 03 Oct 2014 19:34:26 GMT
Pragma: private
Server: nginx/1.4.1
Content-Type: text/html; charset=ISO-8859-1
Set-Cookie: bblastvisit=1412364866; expires=Sat, 03-Oct-2015 19:34:26 GMT; path=/
Set-Cookie: bblastactivity=0; expires=Sat, 03-Oct-2015 19:34:26 GMT; path=/
Set-Cookie: vbet_sessionUsed=1; path=/
X-Powered-By: PHP/5.2.17
X-UA-Compatible: IE=7
GET / HTTP/1.1
Host: shop.xmodus.eu
Result:
HTTP/1.1 200 OK
Cache-Control: private
Connection: close
Date: Fri, 03 Oct 2014 19:34:26 GMT
Pragma: private
Server: nginx/1.4.1
Content-Type: text/html; charset=ISO-8859-1
Set-Cookie: bblastvisit=1412364866; expires=Sat, 03-Oct-2015 19:34:26 GMT; path=/
Set-Cookie: bblastactivity=0; expires=Sat, 03-Oct-2015 19:34:26 GMT; path=/
Set-Cookie: vbet_sessionUsed=1; path=/
X-Powered-By: PHP/5.2.17
X-UA-Compatible: IE=7
Second query (visit from search engine):
GET / HTTP/1.1
Host: shop.xmodus.eu
Referer: http://www.google.com/search?q=shop.xmodus.eu
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: shop.xmodus.eu
Referer: http://www.google.com/search?q=shop.xmodus.eu
Result:
The result is similar to the first query. There are no suspicious redirects found.