Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=vvd.by
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://vvd.by/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: vvd.by
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 06 Sep 2014 03:33:23 GMT
Pragma: no-cache
Server: nginx
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Sat, 06 Sep 2014 03:33:23 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: PHPSESSID=ibchn5dhs1qpcdphtrlsiub5n6; path=/
Set-Cookie: 7fa6f813d251f16bccc4f24b031d6099=9em7pb4pk8tj79vvtnrqglab95; path=/
X-Powered-By: PHP/5.2.17
X-UA-Compatible: IE=EmulateIE7
GET / HTTP/1.1
Host: vvd.by
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 06 Sep 2014 03:33:23 GMT
Pragma: no-cache
Server: nginx
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Sat, 06 Sep 2014 03:33:23 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: PHPSESSID=ibchn5dhs1qpcdphtrlsiub5n6; path=/
Set-Cookie: 7fa6f813d251f16bccc4f24b031d6099=9em7pb4pk8tj79vvtnrqglab95; path=/
X-Powered-By: PHP/5.2.17
X-UA-Compatible: IE=EmulateIE7
Second query (visit from search engine):
GET / HTTP/1.1
Host: vvd.by
Referer: http://www.google.com/search?q=vvd.by
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: vvd.by
Referer: http://www.google.com/search?q=vvd.by
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://vvd.by/ | 200 OK Content-Length: 15813 Content-Type: text/html | clean |
http://jooble.by/Handlers/SearchBox.ashx | 200 OK Content-Length: 12218 Content-Type: application/x-javascript | clean |
http://101widgets.com/01001912/160/170 | 200 OK Content-Length: 256 Content-Type: text/html | clean |
http://101widgets.com/test404page.js | 404 Not Found Content-Length: 276 Content-Type: text/html | clean |
http://vvd.by/script/jquery.js | 404 Not Found Content-Length: 1115 Content-Type: text/html | clean |
http://vvd.by/script/jquery_002.js | 404 Not Found Content-Length: 1115 Content-Type: text/html | clean |
http://vvd.by/script/jquery_003.js | 404 Not Found Content-Length: 1115 Content-Type: text/html | clean |
http://vvd.by/script/jquery_004.js | 404 Not Found Content-Length: 1115 Content-Type: text/html | clean |
http://vvd.by/script/coda-slider1.js | 404 Not Found Content-Length: 1115 Content-Type: text/html | clean |
http://vvd.by/components/com_flashgames/views/flashgames/tmpl/script/js.js | 200 OK Content-Length: 148 Content-Type: application/x-javascript | clean |
http://www.belta.by/newimages/news_informer/n_inf_4_1.js | 200 OK Content-Length: 4427 Content-Type: application/x-javascript | clean |
http://weekly-news.ru/informer.htm?theme=society&num=4&width=650&css=style&font=&bgcolor=&bsize=0&bcol=DDDDDD&tcol=&tsize=&lcol=&lsize=&dcol=&dsize=&img=1&desc=1 | 200 OK Content-Length: 2948 Content-Type: text/html | clean |
http://weekly-news.ru/\"http://weekly-news.ru/news/1725.html\" | 404 Not Found Content-Length: 328 Content-Type: text/html | clean |
http://weekly-news.ru/\"http://weekly-news.ru/news/1724.html\" | 404 Not Found Content-Length: 328 Content-Type: text/html | clean |
http://weekly-news.ru/\"http://weekly-news.ru/news/1722.html\" | 404 Not Found Content-Length: 328 Content-Type: text/html | clean |