Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=vnexpress.net
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://vnexpress.net/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://vnexpress.net/ | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://vnexpress.net/test404page.js | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sun, 08 Mar 2015 13:44:20 GMT Location: /error3.html Server: Fengine/1.5.2 Server: web_141.171 Content-Type: text/html Set-Cookie: device_env=4; expires=Sun, 15-Mar-2015 13:44:20 GMT; path=/; domain=vnexpress.net | clean |
http://vnexpress.net/error3.html | 200 OK Content-Length: 8432 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: interactions.vnexpress.net var interactions_url = 'http://interactions.vnexpress.net'; var base_url = 'http://vnexpress.net'; var css_url = 'http://st.f3.vnecdn.net/responsive/c/v2'; var js_url = 'http://st.f2.vnecdn.net/responsive/j/v2'; var flash_url = 'http://st.f4.vnecdn.net/responsive/f/v2'; var img_url = 'http://st.f1.vnecdn.net/responsive/i/v2'; var image_cloud = 'http://l.f29.img.vnecdn.net'; var PageHot = 0; var device_env = 2; var site_id = 1000000; var SITE_ID = 1000000; var PAGE_FOLDER = 1001005; var PAGE_DETAIL = 0 | ||
http://st.f4.vnecdn.net/responsive/libs/jquery-1.7.1.min.js | 200 OK Content-Length: 2340 Content-Type: application/x-javascript | clean |
http://st.polyad.net/library/2014/VneShowAds.js | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://st.polyad.net/test404page.js | 502 Bad Gateway Content-Length: 568 Content-Type: text/html | clean |
http://st.polyad.net/library/2014/vneads.js | 200 OK Content-Length: 9764 Content-Type: application/x-javascript | clean |
http://st.f2.vnecdn.net/responsive/j/v2/utils/utils.js | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://st.f2.vnecdn.net/responsive/j/v2/utils/crawler.js | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://st.f2.vnecdn.net/responsive/j/v2/interactions/parser_v2.js | 200 OK Content-Length: 881 Content-Type: application/x-javascript | suspicious |
Page code contains blacklisted domain: vnexpress.net function parserOldVideo(){if(!$(".vne_video").length){return false}var e=[];$.each($(".vne_video"),function(t,n){e.push($.trim($(this).text()))});if(e.length){$.get("http://vnexpress.net/video/parseoldvideo",{arrVideo:e}).done(function(e){e=$.parseJSON(e);$.each($(".vne_video"),function(t,n){var r=$.trim($(this).text());if(typeof e[r]!="undefined"&&typeof r!="undefined"){$html='<div style="display:none;" data-component-typevideo="1" data-component-value="'+e[r]+'" data-component-type="video" data-component="true" id="video-'+e[r]+'"></div>';$(this).replaceWith($html)}});if(typeof Parser!="undefined"){P ...[278 bytes skipped]... | ||
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: vnexpress.net
Result:
HTTP/1.1 500 timeout
Content-Type: text/plain
GET / HTTP/1.1
Host: vnexpress.net
Result:
HTTP/1.1 500 timeout
Content-Type: text/plain
Second query (visit from search engine):
GET / HTTP/1.1
Host: vnexpress.net
Referer: http://www.google.com/search?q=vnexpress.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: vnexpress.net
Referer: http://www.google.com/search?q=vnexpress.net
Result:
The result is similar to the first query. There are no suspicious redirects found.