Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=all4mobil.ru
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ski-tyumen.ru
Result:
HTTP/1.1 200 OK
Cache-Control: private
Connection: close
Date: Fri, 06 Jun 2014 12:54:21 GMT
Server: Jino.ru/mod_pizza
Content-Type: text/html; charset=utf-8
Expires:
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: e22efa7c93838a9790d1db7c011798c5=6e37c69788460a316841e729947716a2; path=/
Set-Cookie: ja_anion_tpl=ja_anion; expires=Wed, 27-May-2015 12:54:19 GMT; path=/
X-Logged-In: False
GET / HTTP/1.1
Host: ski-tyumen.ru
Result:
HTTP/1.1 200 OK
Cache-Control: private
Connection: close
Date: Fri, 06 Jun 2014 12:54:21 GMT
Server: Jino.ru/mod_pizza
Content-Type: text/html; charset=utf-8
Expires:
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: e22efa7c93838a9790d1db7c011798c5=6e37c69788460a316841e729947716a2; path=/
Set-Cookie: ja_anion_tpl=ja_anion; expires=Wed, 27-May-2015 12:54:19 GMT; path=/
X-Logged-In: False
Second query (visit from search engine):
GET / HTTP/1.1
Host: ski-tyumen.ru
Referer: http://www.google.com/search?q=ski-tyumen.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: ski-tyumen.ru
Referer: http://www.google.com/search?q=ski-tyumen.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://all4mobil.ru/ | HTTP/1.1 302 Found Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Fri, 25 Jul 2014 22:26:27 GMT Pragma: no-cache Location: http://yandexnalytics.com/d.html Server: Apache/2.2.25 (FreeBSD) PHP/5.2.17 with Suhosin-Patch mod_ssl/2.2.25 OpenSSL/1.0.1e DAV/2 Content-Length: 0 Content-Type: text/html Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=0kjhs28l5e1i8hst8ft1e7h1n7; path=/ X-Powered-By: PHP/5.2.17 | malicious |
http://yandexnalytics.com/d.html | 200 OK Content-Length: 0 Content-Type: text/html | clean |
http://yandexnalytics.com/test404page.js | 404 Not Found Content-Length: 296 Content-Type: text/html | clean |