Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=x21x.ru
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://x21x.ru/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: x21x.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Connection: close
Date: Fri, 29 Aug 2014 09:42:22 GMT
Pragma: no-cache
Server: nginx/1.0.15
Content-Type: text/html; charset=UTF-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: SESID=d794a7681f4f3a108667cd27375b529f; path=/
X-Powered-By: PHP/5.3.3
Second query (visit from search engine):
GET / HTTP/1.1
Host: x21x.ru
Referer: http://www.google.com/search?q=x21x.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://x21x.ru/ | 200 OK Content-Length: 10722 Content-Type: text/html | clean |
http://v.alian.biz/v/25576 | 200 OK Content-Length: 61357 Content-Type: text/javascript | clean |
http://v.alian.biz/v/110123 | 200 OK Content-Length: 62594 Content-Type: text/javascript | clean |
http://x21x.ru//yandex.st/share/share.js/ | HTTP/1.1 302 Found Connection: close Date: Fri, 29 Aug 2014 09:42:24 GMT Location: http://xxxfotka.ru/?err Server: nginx/1.0.15 Content-Length: 280 Content-Type: text/html; charset=iso-8859-1 | clean |
http://xxxfotka.ru/?err | 200 OK Content-Length: 4492 Content-Type: text/html | clean |
http://v.alian.biz/v/110924 | 200 OK Content-Length: 62488 Content-Type: text/javascript | clean |
http://c.waptut.ru/7632/main.js | 200 OK Content-Length: 1120 Content-Type: application/javascript | clean |
http://mobtop.ru/c/16490.js | 200 OK Content-Length: 860 Content-Type: application/x-javascript | clean |
http://x21x.ru/test404page.js | HTTP/1.1 302 Found Connection: close Date: Fri, 29 Aug 2014 09:42:27 GMT Location: http://xxxfotka.ru/?err Server: nginx/1.0.15 Content-Length: 280 Content-Type: text/html; charset=iso-8859-1 | clean |
http://xxxfotka.ru/test404page.js | HTTP/1.1 302 Found Connection: close Date: Fri, 29 Aug 2014 09:42:27 GMT Location: http://gazenwagen.com/?err Server: nginx/1.0.15 Content-Length: 287 Content-Type: text/html; charset=iso-8859-1 | clean |
http://gazenwagen.com/?err | HTTP/1.1 302 Moved Temporarily Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Fri, 29 Aug 2014 09:42:28 GMT Pragma: no-cache Location: http://gazenwagen.com/gallery/index.php?id=3 Server: Apache Vary: Accept-Encoding Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: SESID=q4mag50a72emmfm3kqatbc88o4; path=/ X-Powered-By: PleskLin | clean |
http://gazenwagen.com/gallery/index.php?id=3 | 200 OK Content-Length: 4315 Content-Type: text/html | clean |
http://gazenwagen.com/ | 200 OK Content-Length: 24910 Content-Type: text/html | clean |
http://gazenwagen.com/go.php?lng | 200 OK Content-Length: 3102 Content-Type: text/html | clean |
http://gazenwagen.com/login.php | 200 OK Content-Length: 3017 Content-Type: text/html | clean |
http://gazenwagen.com/registration.php | 200 OK Content-Length: 5333 Content-Type: text/html | clean |
http://gazenwagen.com/users/index.php?act=online | 200 OK Content-Length: 5240 Content-Type: text/html | clean |
http://gazenwagen.com/users/index.php?act=online&mod=history | 200 OK Content-Length: 15403 Content-Type: text/html | clean |
http://gazenwagen.com/users/index.php?act=online&mod=history&page=2 | 200 OK Content-Length: 15544 Content-Type: text/html | clean |