Scanned pages/files
Request | Server response | Status |
http://xapkib.org/content | 404 Not Found Content-Length: 79319 Content-Type: text/html | suspicious |
Suspicious code found <div class="footer"> <div class="wrap"> <div class="copy fl mt23"> Создание и поддеÑжка Loveplanet.ru. ÐÑего полÑзоваÑелей: <b><a href="/a-search/d-1/" class="blue_bm">15,546,578</a></b>, новÑÑ : <b><a href="/a-search/d-1/newface-1/" class="blue_bm">8,656</a></b>, онлайн: <b><a href="/a-search/d-1/online-1/ escape(document.referrer)+((typeof(screen)=="undefined")?"": ";s"+screen.width+"*"+screen.height+"*"+(screen.colorDepth? screen.colorDepth:screen.pixelDepth))+";u"+escape(document.URL)+ ";"+Math.random()+ "' alt='ÐнакомÑÑва ХаÑÑков' title='ÐнакомÑÑва ХаÑÑков' "+ "border=0 width=31 height=31><\/a>")//--></script> </noindex></div> </div> </div> | ||
http://css.loveplanet.ru/3/imgstc/lp14/main.js | 200 OK Content-Length: 12031 Content-Type: application/x-javascript | clean |
http://css.loveplanet.ru/3/imgstc/lp14/v1.js | 200 OK Content-Length: 4441 Content-Type: application/x-javascript | clean |
http://css.loveplanet.ru/3/imgstc/fw_slideshow2.js | 200 OK Content-Length: 3078 Content-Type: application/x-javascript | clean |
http://css.loveplanet.ru/3/imgstc/swfobject.js | 200 OK Content-Length: 10220 Content-Type: application/x-javascript | clean |
http://css.loveplanet.ru/3/imgstc/exchange_v1d.js?71 | 200 OK Content-Length: 52733 Content-Type: application/x-javascript | clean |
http://css.loveplanet.ru/3/imgstc/lp14/count_rules.js | 200 OK Content-Length: 3069 Content-Type: application/x-javascript | clean |
http://css.loveplanet.ru/3/imgstc/xforms/js/lpjl-core.min.js | 200 OK Content-Length: 16042 Content-Type: application/x-javascript | clean |
http://css.loveplanet.ru/3/imgstc/xforms/js/lpjl-ui.js | 200 OK Content-Length: 104560 Content-Type: application/x-javascript | clean |
http://css.loveplanet.ru/3/imgstc/criteo.js | 200 OK Content-Length: 1169 Content-Type: application/x-javascript | clean |
http://css.loveplanet.ru/3/imgstc/xforms/js/ui/tags-search-control.js | 200 OK Content-Length: 22573 Content-Type: application/x-javascript | clean |
http://css.loveplanet.ru/3/imgstc/lp14/lpjl-code.js | 200 OK Content-Length: 571 Content-Type: application/x-javascript | clean |
http://css.loveplanet.ru/3/imgstc/xforms/js/ui/placeholder.min.js | 200 OK Content-Length: 438 Content-Type: application/x-javascript | clean |
http://xapkib.org/ | 200 OK Content-Length: 82013 Content-Type: text/html | suspicious |
Suspicious code found <div class="footer"> <div class="wrap"> <div class="copy fl mt23"> Создание и поддеÑжка Loveplanet.ru. ÐÑего полÑзоваÑелей: <b><a href="/a-search/d-1/" class="blue_bm">15,546,579</a></b>, новÑÑ : <b><a href="/a-search/d-1/newface-1/" class="blue_bm">8,657</a></b>, онлайн: <b><a href="/a-search/d-1/online-1/ escape(document.referrer)+((typeof(screen)=="undefined")?"": ";s"+screen.width+"*"+screen.height+"*"+(screen.colorDepth? screen.colorDepth:screen.pixelDepth))+";u"+escape(document.URL)+ ";"+Math.random()+ "' alt='ÐнакомÑÑва ХаÑÑков' title='ÐнакомÑÑва ХаÑÑков' "+ "border=0 width=31 height=31><\/a>")//--></script> </noindex></div> </div> </div> | ||
http://xapkib.org/a-register/ | 200 OK Content-Length: 26937 Content-Type: text/html | suspicious |
Suspicious code found <div class="head"> <div class="wrap"> <div class="logo_box fl"> </div> <img src="http://engine.mediamir.medialand.ru/code?pid=3025&gid=332&gbo=on&rid=1351768232" width="1" height="1" class="p_abs"> <div class="fr mt15 bt_top_form"> <div class="bg_white rds5 fr"><a href="/a-logon" class="gbut_grd_blue gnl_but30 w90"><div>ÐойÑи</div></a></div> <div class="cb"></div> </div> <div class="cb"></div> <img src="http://engine.mediamir.medialand.ru/code?pid=3090&gid=332&gbo=on&rid=1361966280" width="1" height="1" class="p_abs"> </div> </div> |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: xapkib.org
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Mon, 23 Mar 2015 07:11:30 GMT
Server: nginx
Content-Type: text/html; charset=utf-8
Expires: Mon, 23 Mar 2015 07:11:30 GMT
Last-Modified: Mon, 23 Mar 2015 07:11:30 GMT
Set-Cookie: split=1%2C9%2C0%3B2%2C9%2C0%3B3%2C10%2C0%3B4%2C8%2C0%3B5%2C4%2C0%3B6%2C5%2C0%3B7%2C7%2C0%3B8%2C6%2C0; path=/; expires=Wed, 22-Apr-2015 07:11:30 GMT; domain=.xapkib.org
Set-Cookie: domhit1=1427058000; path=/; expires=Wed, 25-Mar-2015 07:11:30 GMT; domain=.xapkib.org
Set-Cookie: randomhit=1420379837; path=/; expires=Wed, 22-Apr-2015 07:11:30 GMT; domain=.xapkib.org
Set-Cookie: landing_raw=aHR0cDovL3hhcGtpYi5vcmcvaW5kZXguaHRtbA%3D%3D; path=/; expires=Tue, 24-Mar-2015 07:11:30 GMT; domain=.xapkib.org
GET / HTTP/1.1
Host: xapkib.org
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Mon, 23 Mar 2015 07:11:30 GMT
Server: nginx
Content-Type: text/html; charset=utf-8
Expires: Mon, 23 Mar 2015 07:11:30 GMT
Last-Modified: Mon, 23 Mar 2015 07:11:30 GMT
Set-Cookie: split=1%2C9%2C0%3B2%2C9%2C0%3B3%2C10%2C0%3B4%2C8%2C0%3B5%2C4%2C0%3B6%2C5%2C0%3B7%2C7%2C0%3B8%2C6%2C0; path=/; expires=Wed, 22-Apr-2015 07:11:30 GMT; domain=.xapkib.org
Set-Cookie: domhit1=1427058000; path=/; expires=Wed, 25-Mar-2015 07:11:30 GMT; domain=.xapkib.org
Set-Cookie: randomhit=1420379837; path=/; expires=Wed, 22-Apr-2015 07:11:30 GMT; domain=.xapkib.org
Set-Cookie: landing_raw=aHR0cDovL3hhcGtpYi5vcmcvaW5kZXguaHRtbA%3D%3D; path=/; expires=Tue, 24-Mar-2015 07:11:30 GMT; domain=.xapkib.org
Second query (visit from search engine):
GET / HTTP/1.1
Host: xapkib.org
Referer: http://www.google.com/search?q=xapkib.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: xapkib.org
Referer: http://www.google.com/search?q=xapkib.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=xapkib.org
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://xapkib.org/
Result: xapkib.org is not infected or malware details are not published yet.
Result: xapkib.org is not infected or malware details are not published yet.