Scanned pages/files
Request | Server response | Status |
http://virostit.ru/ | 200 OK Content-Length: 16455 Content-Type: text/html | clean |
http://virostit.ru/catalog.asp | 200 OK Content-Length: 48891 Content-Type: text/html | clean |
http://virostit.ru/runews.asp | 200 OK Content-Length: 16298 Content-Type: text/html | clean |
http://virostit.ru/rss/news.js.php? | 200 OK Content-Length: 863 Content-Type: text/html | clean |
http://virostit.ru/rss/'+news_page+'?stype=fulltext&limit=36 | 404 Not Found Content-Length: 5288 Content-Type: text/html | clean |
http://virostit.ru/test404page.js | 404 Not Found Content-Length: 5181 Content-Type: text/html | clean |
http://virostit.ru/rss/'+news_page+'?stype=fulltext&limit=9 | 404 Not Found Content-Length: 5287 Content-Type: text/html | clean |
http://virostit.ru/catalog/top.asp | 200 OK Content-Length: 21959 Content-Type: text/html | clean |
http://virostit.ru/notice.asp | 200 OK Content-Length: 35323 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Ïåðåéòè ê ðàçäåëó Hacked By bejo6 ...[17172 bytes skipped]... </td> </tr> <tr> <td class="text" align="left"> <table border="0" cellpadding="0" cellspacing="0"> <tr> <td class="text"><img src="../images/dot.gif" width="10" height="1" alt="" border="0"></td> <td class="text"><a href="notice.asp?groupID=1&parentGroupID=0" title="Ïåðåéòè ê ðàçäåëó Hacked By bejo6">Hacked By bejo6</a></td> </tr> </table> <table border="0" cellpadding="0" cellspacing="0"> <tr> <td class="text"><img src="../images/dot.gif" width="10" height="1" alt="" border="0"></td> <td class="text"><a href="notice.asp?groupID=2&parentGroupID=0" title="Ïåðåéòè ê ðàçäåëó Hacked By bejo6">Hacked By bejo6</a></td> ...[28400 bytes skipped]... | ||
http://virostit.ru/forum/ | 200 OK Content-Length: 17183 Content-Type: text/html | clean |
http://virostit.ru/printed.asp | 200 OK Content-Length: 15904 Content-Type: text/html | clean |
http://virostit.ru/provider.asp | 200 OK Content-Length: 19749 Content-Type: text/html | clean |
http://virostit.ru/similar.asp | 200 OK Content-Length: 16899 Content-Type: text/html | clean |
http://virostit.ru/partner.asp | 200 OK Content-Length: 15653 Content-Type: text/html | clean |
http://virostit.ru/sendlink.asp | 200 OK Content-Length: 17778 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: virostit.ru
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Fri, 18 Jul 2014 06:48:21 GMT
Server: Microsoft-IIS/7.0
Content-Length: 16455
Content-Type: text/html
Expires: Fri, 18 Jul 2014 06:48:21 GMT
Set-Cookie: ASPSESSIONIDCSTTTDSB=FBGGJBKDIEJGHICICHPACJDC; path=/
X-Powered-By: ASP.NET
...16455 bytes of data.
GET / HTTP/1.1
Host: virostit.ru
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Fri, 18 Jul 2014 06:48:21 GMT
Server: Microsoft-IIS/7.0
Content-Length: 16455
Content-Type: text/html
Expires: Fri, 18 Jul 2014 06:48:21 GMT
Set-Cookie: ASPSESSIONIDCSTTTDSB=FBGGJBKDIEJGHICICHPACJDC; path=/
X-Powered-By: ASP.NET
...16455 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: virostit.ru
Referer: http://www.google.com/search?q=virostit.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: virostit.ru
Referer: http://www.google.com/search?q=virostit.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=virostit.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://virostit.ru/
Result: virostit.ru is not infected or malware details are not published yet.
Result: virostit.ru is not infected or malware details are not published yet.