Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=xvpctrou.kh.ua
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://xvpctrou.kh.ua/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://xvpctrou.kh.ua/ | 200 OK Content-Length: 53771 Content-Type: text/html | clean |
http://xvpctrou.kh.ua/engine/classes/js/jquery.js | 200 OK Content-Length: 93637 Content-Type: text/javascript | clean |
http://xvpctrou.kh.ua/engine/classes/js/jqueryui.js | 200 OK Content-Length: 75927 Content-Type: text/javascript | clean |
http://xvpctrou.kh.ua/engine/classes/js/dle_js.js | 200 OK Content-Length: 23054 Content-Type: text/javascript | clean |
http://xvpctrou.kh.ua/templates/city-skyline/assets/js/bootstrap.min.js | 200 OK Content-Length: 28550 Content-Type: text/javascript | clean |
http://xvpctrou.kh.ua/remvpod.html | 200 OK Content-Length: 36901 Content-Type: text/html | suspicious |
Suspicious code found </span> | ||
http://xvpctrou.kh.ua/engine/classes/highslide/highslide.js | 200 OK Content-Length: 33499 Content-Type: text/javascript | clean |
http://xvpctrou.kh.ua/engine/classes/masha/ierange.js | 200 OK Content-Length: 16681 Content-Type: text/javascript | clean |
http://xvpctrou.kh.ua/engine/classes/masha/masha.js | 200 OK Content-Length: 24766 Content-Type: text/javascript | clean |
http://xvpctrou.kh.ua/fagotzabor.html | 200 OK Content-Length: 28187 Content-Type: text/html | clean |
http://xvpctrou.kh.ua/flokator.html | 200 OK Content-Length: 44824 Content-Type: text/html | suspicious |
Suspicious code found </span> | ||
http://xvpctrou.kh.ua/photo | 200 OK Content-Length: 48743 Content-Type: text/html | suspicious |
Suspicious code found <table class="photoid_"> <tr><td> <a href="http://xvpctrou.kh.ua/photo/1639-95-1/495_dsc09061.jpg" onclick="return hs.expand(this)"><img src="/uploads/photos/previews/[1]_11_Feb_13/495_dsc09061.jpg" class="photo_" alt=""/></a><br/></td></tr> <tr><td> <div><a href="http://xvpctrou.kh.ua/photo-55">Óëèöà Ñòàäèîîíàÿ 2 4 ïîäúåçä</a> (15 ôåâðàëÿ)</div> </td></tr> <tr><td style="padding:3px;"><a href="http://xvpctrou.kh.ua/photo-id-496.html">ïîäðîáíåå</a></td></tr> </table> | ||
http://xvpctrou.kh.ua/engine/photo/photo_nucleus/javascripts/R.js | 200 OK Content-Length: 9085 Content-Type: text/javascript | clean |
http://iknopo.ru/iknopo.js | 200 OK Content-Length: 20861 Content-Type: text/javascript | clean |
http://xvpctrou.kh.ua/engine/photo/photo_nucleus/javascripts/V.js | 200 OK Content-Length: 92637 Content-Type: text/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: xvpctrou.kh.ua
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Tue, 19 Aug 2014 17:36:28 GMT
Pragma: no-cache
Server: Apache/2.2.15 (CentOS)
Content-Type: text/html; charset=windows-1251
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=de0aefc2d749028b3702420424424994; path=/; domain=.xvpctrou.kh.ua; HttpOnly
Set-Cookie: dle_user_id=deleted; expires=Mon, 19-Aug-2013 17:36:27 GMT; path=/; domain=.xvpctrou.kh.ua; httponly
Set-Cookie: dle_password=deleted; expires=Mon, 19-Aug-2013 17:36:27 GMT; path=/; domain=.xvpctrou.kh.ua; httponly
Set-Cookie: dle_hash=deleted; expires=Mon, 19-Aug-2013 17:36:27 GMT; path=/; domain=.xvpctrou.kh.ua; httponly
X-Powered-By: PHP/5.2.17
GET / HTTP/1.1
Host: xvpctrou.kh.ua
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Tue, 19 Aug 2014 17:36:28 GMT
Pragma: no-cache
Server: Apache/2.2.15 (CentOS)
Content-Type: text/html; charset=windows-1251
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=de0aefc2d749028b3702420424424994; path=/; domain=.xvpctrou.kh.ua; HttpOnly
Set-Cookie: dle_user_id=deleted; expires=Mon, 19-Aug-2013 17:36:27 GMT; path=/; domain=.xvpctrou.kh.ua; httponly
Set-Cookie: dle_password=deleted; expires=Mon, 19-Aug-2013 17:36:27 GMT; path=/; domain=.xvpctrou.kh.ua; httponly
Set-Cookie: dle_hash=deleted; expires=Mon, 19-Aug-2013 17:36:27 GMT; path=/; domain=.xvpctrou.kh.ua; httponly
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: xvpctrou.kh.ua
Referer: http://www.google.com/search?q=xvpctrou.kh.ua
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: xvpctrou.kh.ua
Referer: http://www.google.com/search?q=xvpctrou.kh.ua
Result:
The result is similar to the first query. There are no suspicious redirects found.