Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: y1y1.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Thu, 05 Mar 2015 21:26:43 GMT
Pragma: no-cache
Server: Apache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: sessionid=f15f10d6a344e12412755be71a65b5b7; path=/
Set-Cookie: 4images_lastvisit=1425590803; expires=Fri, 04-Mar-2016 21:26:43 GMT
Set-Cookie: 4images_userid=-1; expires=Fri, 04-Mar-2016 21:26:43 GMT
GET / HTTP/1.1
Host: y1y1.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Thu, 05 Mar 2015 21:26:43 GMT
Pragma: no-cache
Server: Apache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: sessionid=f15f10d6a344e12412755be71a65b5b7; path=/
Set-Cookie: 4images_lastvisit=1425590803; expires=Fri, 04-Mar-2016 21:26:43 GMT
Set-Cookie: 4images_userid=-1; expires=Fri, 04-Mar-2016 21:26:43 GMT
Second query (visit from search engine):
GET / HTTP/1.1
Host: y1y1.com
Referer: http://www.google.com/search?q=y1y1.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: y1y1.com
Referer: http://www.google.com/search?q=y1y1.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
| Request | Server response | Status |
http://y1y1.com/ | 200 OK Content-Length: 16931 Content-Type: text/html | clean |
http://pagead2.googlesyndication.com/pagead/show_ads.js | 200 OK Content-Length: 20008 Content-Type: text/javascript | clean |
http://y1y1.com/contactus.php | 404 Not Found Content-Length: 330 Content-Type: text/html | clean |
http://y1y1.com/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
http://y1y1.com/search.php | 200 OK Content-Length: 21470 Content-Type: text/html | clean |
http://y1y1.com/index.php | 200 OK Content-Length: 16931 Content-Type: text/html | clean |
http://y1y1.com/./register.php?sessionid=ddc98cc2e4fc4f1540af7eea4b8c62e7 | 200 OK Content-Length: 16755 Content-Type: text/html | clean |
http://y1y1.com/./contactus.php | 404 Not Found Content-Length: 330 Content-Type: text/html | clean |
http://y1y1.com/./search.php | 200 OK Content-Length: 21470 Content-Type: text/html | clean |
http://y1y1.com/./index.php | 200 OK Content-Length: 16931 Content-Type: text/html | clean |
http://y1y1.com/././register.php?sessionid=2f1b79fb066d40a5155597320b5df977 | 200 OK Content-Length: 16755 Content-Type: text/html | clean |
http://y1y1.com/././contactus.php | 404 Not Found Content-Length: 330 Content-Type: text/html | clean |
http://y1y1.com/././search.php | 200 OK Content-Length: 21470 Content-Type: text/html | clean |
http://y1y1.com/././index.php | 200 OK Content-Length: 16931 Content-Type: text/html | clean |
http://y1y1.com/./././register.php?sessionid=3d8be91c7a8841149094cd6cdfb186c2 | 200 OK Content-Length: 16755 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=y1y1.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://y1y1.com/
Result: y1y1.com is not infected or malware details are not published yet.
Result: y1y1.com is not infected or malware details are not published yet.