Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=doska.023.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://doska.023.ru/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://doska.023.ru/ | 200 OK Content-Length: 38166 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: spravka.023.ru ...[2487 bytes skipped]... script type='text/javascript'><!--//<![CDATA[ var m3_u = (location.protocol=='https:'?'https://o23.ru/openx/www/delivery/ajs.php':'http://o23.ru/openx/www/delivery/ajs.php'); var m3_r = Math.floor(Math.random()*99999999999); if (!document.MAX_used) document.MAX_used = ','; document.write ("<scr"+"ipt type='text/javascript' src='"+m3_u); document.write ("?zoneid=19&source=http%3A%2F%2Fspravka.023.ru"); document.write ('&cb=' + m3_r); if (document.MAX_used != ',') document.write ("&exclude=" + document.MAX_used); document.write (document.charset ? '&charset='+document.charset : (document.characterSet ? '&charset='+document.characterSet : '')); document.write ("&loc=" + escape(window.location)); if (document.referrer) document.write ("&referer=" + escape(document.referrer)); if (document.context) document.wr ...[1262 bytes skipped]... | ||
http://yabl.ru/template/all.js | 200 OK Content-Length: 933 Content-Type: application/x-javascript | clean |
http://get.promofor.me/?uid=640&zone=728x90&align=center | 200 OK Content-Length: 0 Content-Type: text/html | clean |
http://get.promofor.me/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
http://www.google-analytics.com/urchin.js | 200 OK Content-Length: 22678 Content-Type: text/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: doska.023.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Fri, 09 Jan 2015 21:37:33 GMT
Pragma: no-cache
Server: nginx/1.4.2
Vary: Host
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: sn=01218124b34dd96e3b95183d221730d5; path=/; domain=.doska.023.ru
X-Powered-By: PHP/5.2.17
GET / HTTP/1.1
Host: doska.023.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Fri, 09 Jan 2015 21:37:33 GMT
Pragma: no-cache
Server: nginx/1.4.2
Vary: Host
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: sn=01218124b34dd96e3b95183d221730d5; path=/; domain=.doska.023.ru
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: doska.023.ru
Referer: http://www.google.com/search?q=doska.023.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: doska.023.ru
Referer: http://www.google.com/search?q=doska.023.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.