Scanned pages/files
Request | Server response | Status |
http://windexe.ru/antivirus/1857-offline-obnovleniya-antivirusa-eset-nod32-v2-i-v3-4.html | 200 OK Content-Length: 44296 Content-Type: text/html | suspicious |
Suspicious code found <div class="share42init" data-url="[url]" data-title="[title]" data-top1="18" data-top2="5" data-margin="-55"data-zero-counter="1" ></div> <script type="text/javascript" src="http://windexe.ru/share42/share42.js"></script> | ||
http://windexe.ru/engine/classes/min/index.php?charset=windows-1251&g=general&2 | 200 OK Content-Length: 151191 Content-Type: application/x-javascript | clean |
http://windexe.ru/engine/classes/min/index.php?charset=windows-1251&f=engine/classes/js/rtdvhp.js,engine/classes/js/installmonster.js,engine/classes/highslide/highslide.js&2 | 200 OK Content-Length: 56637 Content-Type: application/x-javascript | clean |
http://windexe.ru/templates/windexe/js/main.js | 200 OK Content-Length: 611 Content-Type: application/x-javascript | clean |
http://windexe.ru/templates/windexe/js/counters.js | 200 OK Content-Length: 506 Content-Type: application/x-javascript | clean |
http://windexe.ru/templates/windexe/js/menu.js | 200 OK Content-Length: 290 Content-Type: application/x-javascript | clean |
http://windexe.ru/ | 200 OK Content-Length: 25750 Content-Type: text/html | suspicious |
Suspicious code found <div class="share42init" data-url="[url]" data-title="[title]" data-top1="18" data-top2="5" data-margin="-55"data-zero-counter="1" ></div> <script type="text/javascript" src="http://windexe.ru/share42/share42.js"></script> | ||
http://windexe.ru/bazy-dlya-nod32/47731-bazy-dlya-nod32-eav-ess-10194-ot-02082014.html | 200 OK Content-Length: 17851 Content-Type: text/html | suspicious |
Suspicious code found <div class="share42init" data-url="[url]" data-title="[title]" data-top1="18" data-top2="5" data-margin="-55"data-zero-counter="1" ></div> <script type="text/javascript" src="http://windexe.ru/share42/share42.js"></script> | ||
http://windexe.ru/engine/classes/min/index.php?charset=windows-1251&f=engine/classes/js/rtdvhp.js,engine/classes/js/installmonster.js&2 | 200 OK Content-Length: 24654 Content-Type: application/x-javascript | clean |
http://windexe.ru/bazy-dlya-nod32/ | 200 OK Content-Length: 26756 Content-Type: text/html | suspicious |
Suspicious code found <div class="share42init" data-url="[url]" data-title="[title]" data-top1="18" data-top2="5" data-margin="-55"data-zero-counter="1" ></div> <script type="text/javascript" src="http://windexe.ru/share42/share42.js"></script> | ||
http://windexe.ru/bazy-dlya-nod32/10537-videourok-offline-obnovlenie-eset-nod32-iz-lokalnoy-papki-na-kompyutere.html | 200 OK Content-Length: 22328 Content-Type: text/html | suspicious |
Suspicious code found <div class="share42init" data-url="[url]" data-title="[title]" data-top1="18" data-top2="5" data-margin="-55"data-zero-counter="1" ></div> <script type="text/javascript" src="http://windexe.ru/share42/share42.js"></script> | ||
http://windexe.ru/pop/10535-solnechnye-top-hity-2011.html | 200 OK Content-Length: 25675 Content-Type: text/html | suspicious |
Suspicious code found <div class="share42init" data-url="[url]" data-title="[title]" data-top1="18" data-top2="5" data-margin="-55"data-zero-counter="1" ></div> <script type="text/javascript" src="http://windexe.ru/share42/share42.js"></script> | ||
http://windexe.ru/pop/ | 200 OK Content-Length: 29584 Content-Type: text/html | suspicious |
Suspicious code found <div class="share42init" data-url="[url]" data-title="[title]" data-top1="18" data-top2="5" data-margin="-55"data-zero-counter="1" ></div> <script type="text/javascript" src="http://windexe.ru/share42/share42.js"></script> | ||
http://windexe.ru/pop/45257-iza-lach-off-the-wire-2012.html | 200 OK Content-Length: 17104 Content-Type: text/html | suspicious |
Suspicious code found <div class="share42init" data-url="[url]" data-title="[title]" data-top1="18" data-top2="5" data-margin="-55"data-zero-counter="1" ></div> <script type="text/javascript" src="http://windexe.ru/share42/share42.js"></script> | ||
http://windexe.ru/engine/dude/index/leech_out.php?a%3AaHR0cDovL3R1cmJvYml0Lm5ldC82b2YwNmh4NWEwcjYuaHRtbA%3D%3D | 200 OK Content-Length: 1346 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: windexe.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Thu, 04 Sep 2014 16:53:36 GMT
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Thu, 04 Sep 2014 10:53:36 GMT
Set-Cookie: PHPSESSID=ee9d251960f37bff7ccd0d6551bd6594; path=/
Set-Cookie: dle_user_id=deleted; expires=Wed, 04-Sep-2013 16:53:35 GMT; path=/; domain=.windexe.ru; httponly
Set-Cookie: dle_password=deleted; expires=Wed, 04-Sep-2013 16:53:35 GMT; path=/; domain=.windexe.ru; httponly
Set-Cookie: dle_hash=deleted; expires=Wed, 04-Sep-2013 16:53:35 GMT; path=/; domain=.windexe.ru; httponly
X-Powered-By: PHP/5.3.3-7+squeeze8
GET / HTTP/1.1
Host: windexe.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Thu, 04 Sep 2014 16:53:36 GMT
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Thu, 04 Sep 2014 10:53:36 GMT
Set-Cookie: PHPSESSID=ee9d251960f37bff7ccd0d6551bd6594; path=/
Set-Cookie: dle_user_id=deleted; expires=Wed, 04-Sep-2013 16:53:35 GMT; path=/; domain=.windexe.ru; httponly
Set-Cookie: dle_password=deleted; expires=Wed, 04-Sep-2013 16:53:35 GMT; path=/; domain=.windexe.ru; httponly
Set-Cookie: dle_hash=deleted; expires=Wed, 04-Sep-2013 16:53:35 GMT; path=/; domain=.windexe.ru; httponly
X-Powered-By: PHP/5.3.3-7+squeeze8
Second query (visit from search engine):
GET / HTTP/1.1
Host: windexe.ru
Referer: http://www.google.com/search?q=windexe.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: windexe.ru
Referer: http://www.google.com/search?q=windexe.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=windexe.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://windexe.ru/
Result: windexe.ru is not infected or malware details are not published yet.
Result: windexe.ru is not infected or malware details are not published yet.