Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=io4.pw
Result: The website is marked by Google as suspicious; visiting this web site may harm your computer.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: io4.pw
Result:
HTTP/1.1 302 Moved Temporarily
Cache-Control: max-age=0
Connection: Close
Date: Thu, 29 Jan 2015 23:17:27 GMT
Pragma: no-cache
Location: http://aaa.rambler.pw/?7a2z
Server: nginx
Content-Length: 0
Content-Type: text/html; charset=utf-8
Expires: Thu, 21 Jul 1977 07:30:00 GMT
Last-Modified: Thu, 29 Jan 2015 23:17:27 GMT
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: io4.pw
Referer: http://www.google.com/search?q=io4.pw
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://io4.pw/ | HTTP/1.1 302 Moved Temporarily Cache-Control: max-age=0 Connection: Close Date: Thu, 29 Jan 2015 23:17:27 GMT Pragma: no-cache Location: http://aaa.rambler.pw/?7a2z Server: nginx Content-Length: 0 Content-Type: text/html; charset=utf-8 Expires: Thu, 21 Jul 1977 07:30:00 GMT Last-Modified: Thu, 29 Jan 2015 23:17:27 GMT | clean |
http://aaa.rambler.pw/?7a2z | HTTP/1.1 302 Moved Temporarily Cache-Control: max-age=0 Connection: close Date: Thu, 29 Jan 2015 23:17:28 GMT Pragma: no-cache Location: http://go.onclasrv.com/afu.php?zoneid=105814 Server: nginx/1.2.1 Content-Type: text/html; charset=utf-8 Expires: Thu, 21 Jul 1977 07:30:00 GMT Last-Modified: Thu, 29 Jan 2015 23:17:28 GMT X-Powered-By: PHP/5.4.34-0+deb7u1 | clean |
http://go.onclasrv.com/afu.php?zoneid=105814 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Thu, 29 Jan 2015 23:17:49 GMT Location: http://onclickads.net/afu.php?zoneid=105814 Server: nginx Content-Length: 154 Content-Type: text/html | clean |
http://onclickads.net/afu.php?zoneid=105814 | HTTP/1.1 200 OK Cache-Control: private, max-age=0, no-cache Connection: close Date: Thu, 29 Jan 2015 23:17:29 GMT Pragma: no-cache Server: nginx Content-Type: text/html Expires: Mon, 26 Jul 1997 05:00:00 GMT P3P: CP="CUR ADM OUR NOR STA NID" Set-Cookie: OAGEO3c1d5=1%7CLT%7CVL%7CVILNIUS%7C01100%7C54.6894%7C25.28%7C-1%7C0%7CBROADBAND%7CUAB+CONSILIUM+OPTIMUM%7C; expires=Fri, 30-Jan-2015 23:17:28 GMT; path=/ Set-Cookie: ppucnt=1; expires=Fri, 30-Jan-2015 23:17:28 GMT; path=/ Set-Cookie: OAID=e925b9b3a4e9916e200fec022b087928; expires=Fri, 29-Jan-2016 23:17:28 GMT; path=/ Set-Cookie: _OACCAP[45384]=1; expires=Fri, 29-Jan-2016 23:17:28 GMT; path=/ Set-Cookie: _OACBLOCK[45384]=1422573448; expires=Sat, 28-Feb-2015 23:17:28 GMT; path=/ | clean |
http://click.alibaba.com/rd/ji9003p1?pid=105814&tp1=31480345563&cv=147001&cn=lt | HTTP/1.1 302 Moved Temporarily Connection: close Date: Thu, 29 Jan 2015 23:17:28 GMT Location: http://offer.alibaba.com/exclusive.html?imp=5b1e9619crvobnm654q&xp=vuMRtPxEYBxdo37tM5eQg2-a8RQrqKXv2tmBq08FSxx746M3ZIreyZabI9MazVbnDUx8TIPcmoCh8bk9Bc4CQSwxt5qccAirBxMQBFPntL4&pid=105814&td=Propellerads&cv=147001&aff_id=182463618&ct=1&size=000_000&cn=lt&an=50001&bm=cpa&tp1=31480345563&src=saf Server: Apache Vary: Accept-Encoding,User-Agent Content-Language: zh-CN Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: CP="CAO PSA OUR" Set-Cookie: ali_apache_id=78.158.11.226.1422573448949.684423.9; path=/; domain=.alibaba.com; expires=Wed, 30-Nov-2084 01:01:01 GMT Set-Cookie: JSESSIONID=tRP4FV8EEkJ8U1A6wvrI94i-; Path=/ Set-Cookie: ali_apache_track=""; Domain=.alibaba.com; Expires=Wed, 17-Feb-2083 02:31:35 GMT; Path=/ Set-Cookie: ali_apache_tracktmp=""; Domain=.alibaba.com; Path=/ Set-Cookie: xman_us_f=x_l=0; Domain=.alibaba.com; Expires=Wed, 17-Feb-2083 02:31:35 GMT; Path=/ Set-Cookie: xman_t=6nfJGn9ucKk/6n4HB01bySOpAHgRJhVELSi3oD5pZ3YzNBkGYGAGfXeqKblicy1s; Domain=.alibaba.com; Path=/; HttpOnly Set-Cookie: acs_usuc_t=acs_rt=b3519525b9a5498f883df7612e991a55; Domain=.alibaba.com; Path=/ Set-Cookie: acs_t=666tWe3QH+4ob2cKzsDwCX3Kk90IrkFS/PooZiRISnK6scBvJWZyfkMWYsQasoQU; Domain=.alibaba.com; Path=/; HttpOnly Set-Cookie: xman_f=rSDJk1O/Hgys1UYJDgfoW4fjd60CzEgBPmWevB/W4O+Cv58QA2Zp000l2jQBvkN+T4ySjIctLExISVhMyliZ60V8cP7UEkEqwWl+muBdXBUnrljuNjeBBw==; Domain=.alibaba.com; Expires=Wed, 17-Feb-2083 02:31:35 GMT; Path=/; HttpOnly X-XSS-Protection: 1;mode=block | clean |
http://offer.alibaba.com/exclusive.html?imp=5b1e9619crvobnm654q&xp=vumrtpxeybxdo37tm5eqg2-a8rqrqkxv2tmbq08fsxx746m3zireyzabi9mazvbndux8tipcmoch8bk9bc4cqswxt5qccairbxmqbfpntl4&pid=105814&td=propellerads&cv=147001&aff_id=182463618&ct=1&size=000_000&cn=lt&an=50001&bm=cpa&tp1=31480345563&src=saf | 200 OK Content-Length: 64437 Content-Type: text/html | clean |
http://style.aliunicorn.com/js/6v/biz/arcadia/dpm-log/affiliate-cookie.js | 200 OK Content-Length: 522 Content-Type: application/javascript | clean |
http://style.aliunicorn.com/js/6v/atom/??atom-sc.js?t=6453147c_dccb47b47 | 200 OK Content-Length: 36874 Content-Type: application/javascript | clean |
http://img.alibaba.com/js/beacon_en.js | 200 OK Content-Length: 36354 Content-Type: application/javascript | clean |
http://io4.pw/test404page.js | 404 Not Found Content-Length: 564 Content-Type: text/html | clean |