| The following excerpts of scripts give
some insight into the behavior of these Cyrillic-alphabet (Russian language)
websites. The metadata scripts may be used to plant data in the headers
of vulnerable US domains. For social media, the selected Facebook
buttons seen on several websites have been opened & their
sourcecodes captured - See the Screenshot
of Facebook Button links below. The results seem to
indicate that data is being collected from many users; the mechanism by
which that data is collected may or may not be up to the user ... |
| Social
Media AS9123 |
MetaData AS9123 |
| 9123/gkclab.com/gkclab.com.txt 9123/gkclab.com02/gkclab.com.acoustic.txt <script>(function(d, s, id) { var js, fjs = d.getElementsByTagName(s)[0]; if (d.getElementById(id)) return; js = d.createElement(s); js.id = id; js.src = "//connect.facebook.net/ru_RU/all.js#xfbml=1"; fjs.parentNode.insertBefore(js, fjs);}(document, 'script', 'facebook-jssdk')); </script> |
9123/giftbig.ru/giftbig.ru.txt 9123/giftbig.ru02/giftbig.ru.nastolnye-nabori.txt 9123/giftbig.ru03/giftbig.ru.podstavki-i-krepleniya.txt <html prefix="og: http://ogp.me/ns#" dir="ltr" lang="ru" class="unknown unknownunknown journal-desktop is-guest skin-100 responsive-layout center-header catalog-language lang-full currency-full lang-flag-mobile currency-symbol-mobile collapse-footer-columns filter-columns- mobile mobile-menu-on-tablet header-center header-sticky sticky-menu backface product-grid- second-image product-list-second-image hide-cart category-page category- page-148 layout-3 route-product-category oc2 oc23 one-column no-secondary no-currency no- language" data-j2v="2.15.4<br>lowenet.biz"> <head prefix="og:http://ogp.me/ns# fb:http://ogp.me/ns/fb# product:http://ogp.me/ns/product#"> |
| 9123/xn----dtbbjn3acd8j.xn--p1ai/xn----dtbbjn3acd8j.xn--p1ai.txt
9123/xn----dtbbjn3acd8j.xn--p1ai02/xn----dtbbjn3acd8j.xn--p1ai.about.txt <li> <a href="https://www.facebook.com/UMI.CMS/" target="_blank"> <img src="img/social-fb.png" alt=""></a></li> <li> <a href="https://vk.com/umi_cms" target="_blank"> <img src="img/social-vk.png" alt=""></a></li> <li> <a href="https://twitter.com/umi_cms" target="_blank"> <img src="img/social-tw.png" alt=""></a></li> <li> <a href="https://www.instagram.com/umi.cms/" target="_blank"> <img src="img/social-in.png" alt=""></a></li> |
9123/nashkomp.ru/nashkomp.ru.category.telegram.txt 9123/nashkomp.ru02/nashkomp.ru.ustanovka-telegram.txt <html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://ogp.me/ns/fb#" xmlns:og="http://ogp.me/ns#" lang="ru-RU" prefix="og: http://ogp.me/ns# fb: http://ogp.me/ns/fb#"> <head> <script type='text/javascript'> /* <![CDATA[ */ var ratingsL10n = {"plugin_url":"https:\/\/nashkomp.ru\/wp-content\/plugins\/wp-postratings","ajax_url":" https:\/\/nashkomp.ru\/wp-admin\/admin-ajax.php","text_wait":"\u041f\u043e\u0436\u0430\ u043b\u0443\u0439\u0441\u0442\u0430, \u043d\u0435 \u0433\u043e\u043b\u043e\u0441\ u0443\u0439\u0442\u0435 \u0437\u0430 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\ u043a\u043e \u0437\u0430\u043f\u0438\u0441\u0435\u0439 \u043e\u0434\u043d\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e."," image":"stars_crystal","image_ext":"gif","max":"5","show_loading":"1","show_fading":"1"," custom":"0"}; var ratings_mouseover_image=new Image();ratings_mouseover_image.src="https://nashkomp.ru/wp-content/plugins/ wp-postratings/images/stars_crystal/rating_over.gif";; /* ]]> */</script> |
| Social Media
AS9123 |
| 9123/estate24.moscow/estate24.moscow.streets.beregovaja-ulica.txt <script>window.fbAsyncInit = function() {FB.init({appId : '376883422522228',status : false, cookie : true,xfbml : true,oauth : true}); $(".fb_login").click(function() {FB.login(function(response) {Facebook_login();}, {scope: 'email,public_profile'});}); }; (function(d){var js, id = 'facebook-jssdk'; if (d.getElementById(id)) {return;} js = d.createElement('script'); js.id = id; js.async = true; js.src = "//connect.facebook.net/en_US/all.js"; d.getElementsByTagName('head')[0].appendChild(js); }(document)); function Facebook_login () {FB.getLoginStatus(function(response) {if (response.status = 'connected') {var request = $.ajax({url: "/entrance/fb-redirect.php", method: "POST", data: {accessToken :response.authResponse.accessToken}, dataType: "html"}); request.done(function(msg) {location.reload();});}});} function logOut() {var request = $.ajax({url: "/entrance/logout/",method: "POST",});location.reload();} </script> |
| 9123/vseprobrak.ru/vseprobrak.ru.esli-muzh-pet.txt
9123/vseprobrak.ru02/vseprobrak.ru.ne-tolko-vodka.txt <div class="twit" style="float:left"> <!--noindex--><a rel="hofollow" target="_blank" href="https://twitter.com/share" class="twitter-share-button" data-text="Ã�Â�Ã�µ Ñ‚Ã�¾Ã�»ÑŒÃ�ºÃ�¾ Ã�²Ã�¾Ã�´Ã�ºÃ�° Ã�µÑÂ�Ñ‚ÑŒ у Ã�¼ÑƒÃ�¶Ã�° — ÑÂ�Ñ‚Ã�¸Ñ…Ã�¸ Ã�´Ã�ȄÂ� Ã�¼ÑƒÃ�¶Ã�° чтÃ�¾Ã�±Ñ‹ Ã�½Ã�µ Ã�¿Ã�¸Ã�» "data-lang="ru">Ã�¢Ã�²Ã�¸Ñ‚Ã�½ÑƒÑ‚ÑŒ</a><!--/noindex--> <script>!function(d,s,id){var js,fjs=d.getElementsByTagName(s)[0];if(!d.getElementById(id)){js=d.createElement(s);js.id=id; js.src="//platform.twitter.com/widgets.js";fjs.parentNode.insertBefore(js,fjs);}}(document,"script","twitter-wjs");</script> </div> |
| 9123/in-sto.ru/in-sto.ru.poleznye-stati.txt 9123/in-sto.ru02/in-sto.ru.techno-vektor-7-truck.txt <ul class="social"><li class="facebook"><a target="_blank" href="https://www.facebook.com/Carholod/" title="Facebook"><i class="icon-facebook"></i></a></li> <li class="googleplus"><a target="_blank" href="https://plus.google.com/u/1/115486133435688203326" title="Google+"><i class="icon-gplus"></i></a></li> <li class="twitter"><a target="_blank" href="https://twitter.com/In_STO_Company" title="Twitter"><i class="icon-twitter"></i></a></li><li class="youtube"> <a target="_blank" href="https://www.youtube.com/channel/UCW-Ql0iH9aHVL0LQr8M8jxQ" title="YouTube"><i class="icon-play"></i></a></li><li class="linkedin"> <a target="_blank" href="www.linkedin.com/in/evzarik" title="LinkedIn"><i class="icon-linkedin"></i></a></li><li class="instagram"><a target="_blank" href="https://www.instagram.com/in_sto.ru/" title="Instagram"><i class="icon-instagram"></i></a></li><li class="vkontakte"><a target="_blank" href="https://vk.com/instoclub" title="VKontakte"><i class="icon-vkontakte"></i></a></li></ul> <script type='text/javascript'> /* <![CDATA[ */var wpcf7 = {"apiSettings":{"root":"https:\/\/in-sto.ru\/wp-json\/contact-form-7\/v1","namespace":"contact-form-7\/v1"},"recaptcha":{"messages":{"empty":" \u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430, \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\ u043e \u0432\u044b \u043d\u0435 \u0440\u043e\u0431\u043e\u0442."}}}; /* ]]> */</script> |
| 9123/flyontime.ru/flyontime.ru.tailand.txt
9123/flyontime.ru02/flyontime.ru.kupit-tur-v-tunis.txt <div class="soc"> <ul> <li><a href="/feed/" rel="nofollow"><i class="fa fa-rss" aria-hidden="true"></i></a></li> <li><a href="https://www.facebook.com/flyontime" rel="nofollow"><i class="fa fa-facebook" aria-hidden="true"></i></a></li> <li><a href="https://vk.com/flyontime_ru" rel="nofollow"><i class="fa fa-vk" aria-hidden="true"></i></a></li> <li><a href="https://twitter.com/flyontime_ru" rel="nofollow"><i class="fa fa-twitter" aria-hidden="true"></i></a></li> <!-- <li><a href="#" rel="nofollow"><i class="fa fa-instagram" aria-hidden="true"></i></a></li> <li><a href="#" rel="nofollow"><i class="fa fa-linkedin" aria-hidden="true"></i></a></li> --> </ul></div> <div class="social"><ul class="social_auth"> <li data-social="fb"><a href="#" title="Facebook" target="_blank"><img src="https://flyontime.ru/wp-content/themes/flynow/include/assets/facebook.svg"></a></li> <li data-social="vk"><a href="#" title="VK" target="_blank"><img src="https://flyontime.ru/wp-content/themes/flynow/include/assets/vk.svg"></a></li> <li data-social="ok"><a href="#" title="OK" target="_blank"><img src="https://flyontime.ru/wp-content/themes/flynow/include/assets/odnoklassniki.svg"></a></li> <li data-social="im"><a href="#" title="Instagram" target="_blank"><img src="https://flyontime.ru/wp-content/themes/flynow/include/assets/instagram.svg"></a> </li> <li data-social="google"><a href="#" title="Google+" target="_blank"><img src="https://flyontime.ru/wp-content/themes/flynow/include/assets/google-plus.svg"></a> </li> <li data-social="twitter"><a href="#" title="Twitter" target="_blank"><img src="https://flyontime.ru/wp-content/themes/flynow/include/assets/twitter.svg"></a></li> </ul><span class="auth_text">- �²�¾�¹Ñ‚�¸ ч�µÑ€�µ�· Ñ��¾Ñ†. Ñ��µÑ‚ÑŒ</span></div> <script type="text/javascript"> gtx_social = {"fb":{"client_id":"","redirect_uri":""},"vk":{"client_id":"","redirect_uri":""},"ok":{"client_id":"","redirect_uri":""},"instagram":{"client_id":"f049469deaa94b7d92eec5edaca703de", "redirect":"https:\/\/new.flyontime.ru\/social\/auth\/im.php","access_token":"2312258342.54da896.76fdf15c64f5457d83cf09b67e66384b"},"google":{"client_id":"", "redirect_uri":""},"twitter":{"auth_url":""}}; gtx_vars = {"is_auth":false};</script> |