Scanned pages/files
| Request | Server response | Status |
http://svechnoy-www.dayiphoto.com/ | 200 OK Content-Length: 48041 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) window._bd_share_config={"common":{"bdSnsKey":{},"bdText":"","bdMini":"2","bdMiniList":false,"bdPic":"","bdStyle":"2","bdSize":"16"},"slide":{"type":"slide","bdImg":"4","bdPos":"left","bdTop":"132.5"}};with(document)0[(getElementsByTagName('head')[0]||body).appendChild(createElement('script')).src='http://bdimg.share.baidu.com/static/api/js/share.js?v=89860593.js?cdnversion='+~(-new Date()/36e5)]; Antivirus reports:
| ||
http://www.dayiphoto.com/statics/front/v2/js/jquerys.tools.min.js | 200 OK Content-Length: 143041 Content-Type: application/x-javascript | clean |
http://www.dayiphoto.com/statics/js/wind.js | 200 OK Content-Length: 25721 Content-Type: application/x-javascript | clean |
http://www.dayiphoto.com/statics/front/v2/js/stickup/stickUp.min.js | 200 OK Content-Length: 2685 Content-Type: application/x-javascript | clean |
http://www.dayiphoto.com/statics/js/ajaxForm.js | 200 OK Content-Length: 38490 Content-Type: application/x-javascript | clean |
http://www.dayiphoto.com/statics/js/lazyload.js | 200 OK Content-Length: 1627 Content-Type: application/x-javascript | clean |
http://www.dayiphoto.com/statics/front/v1/js/d8.js | 200 OK Content-Length: 67930 Content-Type: application/x-javascript | clean |
http://www.dayiphoto.com/statics/front/wedding/site.js | 200 OK Content-Length: 4045 Content-Type: application/x-javascript | clean |
http://svechnoy-www.dayiphoto.com/test404page.js | 404 Not Found Content-Length: 599 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: svechnoy-www.dayiphoto.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Connection: close
Date: Sun, 06 Apr 2014 23:51:10 GMT
Pragma: no-cache
Server: kangle/3.3.7
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=r20g7q6nuec55nru0u1cq0k5g7; path=/
X-Powered-By: FruiCMS
GET / HTTP/1.1
Host: svechnoy-www.dayiphoto.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Connection: close
Date: Sun, 06 Apr 2014 23:51:10 GMT
Pragma: no-cache
Server: kangle/3.3.7
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=r20g7q6nuec55nru0u1cq0k5g7; path=/
X-Powered-By: FruiCMS
Second query (visit from search engine):
GET / HTTP/1.1
Host: svechnoy-www.dayiphoto.com
Referer: http://www.google.com/search?q=svechnoy-www.dayiphoto.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: svechnoy-www.dayiphoto.com
Referer: http://www.google.com/search?q=svechnoy-www.dayiphoto.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=svechnoy-www.dayiphoto.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://svechnoy-www.dayiphoto.com/
Result: svechnoy-www.dayiphoto.com is not infected or malware details are not published yet.
Result: svechnoy-www.dayiphoto.com is not infected or malware details are not published yet.