Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=gtasoft.ru
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://gtasoft.ru/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: gtasoft.ru
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 26 Aug 2014 20:15:20 GMT
Accept-Ranges: bytes
Server: Apache/2.2.25 (Unix) mod_ssl/2.2.25 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.3.27
Content-Type: text/html
Second query (visit from search engine):
GET / HTTP/1.1
Host: gtasoft.ru
Referer: http://www.google.com/search?q=gtasoft.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://gtasoft.ru/ | 200 OK Content-Length: 9900 Content-Type: text/html | clean |
http://gtasoft.ru/inc/common.js | 200 OK Content-Length: 1604 Content-Type: application/javascript | clean |
http://gtasoft.ru/news/ | 200 OK Content-Length: 9900 Content-Type: text/html | clean |
http://gtasoft.ru/blog/ | 200 OK Content-Length: 8191 Content-Type: text/html | clean |
http://gtasoft.ru/vcenter/ | 200 OK Content-Length: 8338 Content-Type: text/html | clean |
http://gtasoft.ru/rus/contacts | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 26 Aug 2014 20:15:23 GMT Location: http://gtasoft.ru/rus/contacts/ Server: Apache/2.2.25 (Unix) mod_ssl/2.2.25 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.3.27 Content-Length: 429 Content-Type: text/html; charset=iso-8859-1 | clean |
http://gtasoft.ru/rus/contacts/ | 200 OK Content-Length: 10692 Content-Type: text/html | clean |
http://gtasoft.ru/gta1.shtml | 200 OK Content-Length: 9194 Content-Type: text/html | clean |
http://gtasoft.ru/cgi-bin/fbs/fbs.pl?14 | HTTP/1.1 302 Found Connection: close Date: Tue, 26 Aug 2014 20:15:25 GMT Location: http://www.domains4sale.ru/renew_domain.shtml Server: Apache/2.2.25 (Unix) mod_ssl/2.2.25 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.3.27 Content-Length: 419 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.domains4sale.ru/renew_domain.shtml | 200 OK Content-Length: 10353 Content-Type: text/html | clean |
http://www.domains4sale.ru/inc/common.js | 200 OK Content-Length: 1774 Content-Type: application/javascript | clean |
http://gtasoft.ru/domains.shtml | 404 Not Found Content-Length: 8718 Content-Type: text/html | clean |
http://gtasoft.ru/cgi-bin/fbs/fbs.pl?3 | HTTP/1.1 302 Found Connection: close Date: Tue, 26 Aug 2014 20:15:29 GMT Location: http://www.cities.su/ Server: Apache/2.2.25 (Unix) mod_ssl/2.2.25 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.3.27 Content-Length: 395 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.cities.su/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 26 Aug 2014 20:15:29 GMT Location: http://auction.nic.ru/torgi/lot.cgi?id=285266 Server: Apache/2.2.11 (Unix) mod_ssl/2.2.11 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.9 Content-Length: 445 Content-Type: text/html; charset=iso-8859-1 | clean |
http://auction.nic.ru/torgi/lot.cgi?id=285266 | 200 OK Content-Length: 24339 Content-Type: text/html | clean |
http://auction.nic.ru/js/jquery.js?06062013 | 200 OK Content-Length: 134595 Content-Type: application/x-javascript | clean |
http://gtasoft.ru/js/jquery_handlebars.js?26102011 | 404 Not Found Content-Length: 8682 Content-Type: text/html | clean |
http://gtasoft.ru/cgi-bin/fbs/fbs.pl?8 | HTTP/1.1 302 Found Connection: close Date: Tue, 26 Aug 2014 20:15:31 GMT Location: http://www.emirates.su/ Server: Apache/2.2.25 (Unix) mod_ssl/2.2.25 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.3.27 Content-Length: 397 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.emirates.su/ | 200 OK Content-Length: 28379 Content-Type: text/html | clean |
http://www.emirates.su/inc/common.js | 200 OK Content-Length: 1550 Content-Type: application/javascript | clean |