Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=zstat.ru
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://zstat.ru/ | HTTP/1.1 302 Found Cache-Control: max-age=0 Connection: close Date: Sat, 07 Mar 2015 00:48:10 GMT Pragma: no-cache Location: http://mail.ru/ Server: nginx/1.2.1 Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=utf-8 Expires: Thu, 21 Jul 1977 07:30:00 GMT Last-Modified: Sat, 07 Mar 2015 00:48:10 GMT | clean |
http://mail.ru/ | HTTP/1.1 302 OK Cache-Control: no-cache,no-store,must-revalidate Connection: close Date: Sat, 07 Mar 2015 00:48:09 GMT Pragma: no-cache Location: https://mail.ru Server: nginx/1.6.2 Content-Length: 37 Content-Type: text/html Expires: Fri, 07 Mar 2014 00:48:09 GMT Last-Modified: Sat, 07 Mar 2015 03:48:09 GMT Set-Cookie: mrcu=1BFF54FA4AC93B2DC31FE20B9E4E; expires=Tue, 04 Mar 2025 00:48:09 GMT; path=/; domain=.mail.ru X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection | clean |
https://mail.ru/ | 200 OK Content-Length: 222456 Content-Type: text/html | suspicious |
Suspicious code found <style>.x-ph{position:relative;z-index:1003;margin:0;padding:0;font:12px/16px Helvetica,Arial,sans-serif;white-space:nowrap;text-align:left;background:#fff;height:28px;*zoom:1}.w-x-ph{width:100%;margin:0;padding:0;border:0;border-spacing:0;border-collapse:collapse;font:12px/16px Helve document.createElement("script"),X=document.getElementsByTagName("head")[0];v.defer="defer";v.async="async";v.type="text/javascript";v.src=c.settings.newDesign?c.settings.externalNewJS:c.settings.externalJS;!("opera"in window)||"complete"===document.readyState?X.appendChild(v):window.addEventListener("DOMContentLoaded",function(){X.appendChild(v)},!1)}u.timeEnd("headline.inline.js")}})(); </script> | ||
https://mail.ru//limg.imgsmail.ru/splash/v/j/s_n.js.d87ff32350a8e8e3a9b8b46c001fdd153fc280d6.js/ | HTTP/1.1 302 OK Cache-Control: no-cache,no-store,must-revalidate Connection: close Date: Sat, 07 Mar 2015 00:48:10 GMT Pragma: no-cache Location: https://mail.ru Server: nginx/1.6.2 Content-Length: 37 Content-Type: text/html Expires: Fri, 07 Mar 2014 00:48:10 GMT Last-Modified: Sat, 07 Mar 2015 03:48:10 GMT Set-Cookie: mrcu=476F54FA4ACA123403FAE20B9E4E; expires=Tue, 04 Mar 2025 00:48:10 GMT; path=/; domain=.mail.ru Strict-Transport-Security: max-age=16070400 X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection | clean |
http://mail.ru/test404page.js | HTTP/1.1 302 OK Cache-Control: no-cache,no-store,must-revalidate Connection: close Date: Sat, 07 Mar 2015 00:48:10 GMT Pragma: no-cache Location: https://mail.ru Server: nginx/1.6.2 Content-Length: 37 Content-Type: text/html Expires: Fri, 07 Mar 2014 00:48:10 GMT Last-Modified: Sat, 07 Mar 2015 03:48:10 GMT Set-Cookie: mrcu=5DEF54FA4ACA633F73D0E20B9E4E; expires=Tue, 04 Mar 2025 00:48:10 GMT; path=/; domain=.mail.ru X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection | clean |
http://zstat.ru/cache | HTTP/1.1 302 Found Cache-Control: max-age=0 Connection: close Date: Sat, 07 Mar 2015 00:48:12 GMT Pragma: no-cache Location: http://mail.ru/ Server: nginx/1.2.1 Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=utf-8 Expires: Thu, 21 Jul 1977 07:30:00 GMT Last-Modified: Sat, 07 Mar 2015 00:48:12 GMT | clean |
http://zstat.ru//limg.imgsmail.ru/splash/v/j/a_n.js.a0ce8e5dffb0cb6822b6a8dae8a19473226454fd.js/ | HTTP/1.1 302 Found Cache-Control: max-age=0 Connection: close Date: Sat, 07 Mar 2015 00:48:12 GMT Pragma: no-cache Location: http://mail.ru/ Server: nginx/1.2.1 Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=utf-8 Expires: Thu, 21 Jul 1977 07:30:00 GMT Last-Modified: Sat, 07 Mar 2015 00:48:12 GMT | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: zstat.ru
Result:
HTTP/1.1 302 Found
Cache-Control: max-age=0
Connection: close
Date: Sat, 07 Mar 2015 00:48:10 GMT
Pragma: no-cache
Location: http://mail.ru/
Server: nginx/1.2.1
Vary: Accept-Encoding
Content-Length: 0
Content-Type: text/html; charset=utf-8
Expires: Thu, 21 Jul 1977 07:30:00 GMT
Last-Modified: Sat, 07 Mar 2015 00:48:10 GMT
...0 bytes of data.
GET / HTTP/1.1
Host: zstat.ru
Result:
HTTP/1.1 302 Found
Cache-Control: max-age=0
Connection: close
Date: Sat, 07 Mar 2015 00:48:10 GMT
Pragma: no-cache
Location: http://mail.ru/
Server: nginx/1.2.1
Vary: Accept-Encoding
Content-Length: 0
Content-Type: text/html; charset=utf-8
Expires: Thu, 21 Jul 1977 07:30:00 GMT
Last-Modified: Sat, 07 Mar 2015 00:48:10 GMT
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: zstat.ru
Referer: http://www.google.com/search?q=zstat.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: zstat.ru
Referer: http://www.google.com/search?q=zstat.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.