Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=mail.fer.es
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://mail.fer.es/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://mail.fer.es/ | HTTP/1.1 302 Found Connection: close Date: Sat, 13 Sep 2014 21:57:24 GMT Location: src/login.php Server: Apache/2.0.52 (Red Hat) Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Powered-By: PHP/4.4.9 | clean |
http://mail.fer.es/src/login.php | 200 OK Content-Length: 4486 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.fer.es <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <meta name="robots" content="noindex,nofollow"> <link rel="stylesheet" type="text/css" href="/themes/css/bluehive.css" /> <link rel="stylesheet" type="text/css" href="http://www.fer.es/webmailAddOns/stylesheet.css" /> <title>mail.fer.es - Entrar</title><script language="JavaScript" type="text/javascript"> <!-- function squirrelmail_loginpage_onload() { document.forms[0].js_autodetect_results.value = '1'; var textElements = 0; for (i = 0; i < document.forms[0].elements.length; i++) { if (document.forms[0].elements[i].type == "text" || document.forms ...[5134 bytes skipped]... | ||
http://mail.fer.es/src/../plugins/login_auto/security.en.php | 200 OK Content-Length: 2347 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: fer.es <HTML>
<HEAD> <LINK REL="stylesheet" TYPE="text/css" HREF="../../themes/css/bluehive.css"> <TITLE>fer.es - Security Notice</TITLE> </HEAD> <BODY> <BR><BR> <TABLE BGCOLOR="FFFFFF" BORDER="0" COLS="1" WIDTH="90%" CELLSPACING="0" CELLPADDING="2" ALIGN="CENTER"> <TR> <TD> <b>What does "Remeber my Name & Password" mean? </b> </TD> </TR> <TR> <TD> When you sign in with ...[2483 bytes skipped]... | ||
http://mail.fer.es/test404page.js | 404 Not Found Content-Length: 290 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: mail.fer.es
Result:
HTTP/1.1 302 Found
Connection: close
Date: Sat, 13 Sep 2014 21:57:24 GMT
Location: src/login.php
Server: Apache/2.0.52 (Red Hat)
Content-Length: 0
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/4.4.9
...0 bytes of data.
GET / HTTP/1.1
Host: mail.fer.es
Result:
HTTP/1.1 302 Found
Connection: close
Date: Sat, 13 Sep 2014 21:57:24 GMT
Location: src/login.php
Server: Apache/2.0.52 (Red Hat)
Content-Length: 0
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/4.4.9
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: mail.fer.es
Referer: http://www.google.com/search?q=mail.fer.es
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: mail.fer.es
Referer: http://www.google.com/search?q=mail.fer.es
Result:
The result is similar to the first query. There are no suspicious redirects found.