Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=2ndin.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: 2ndin.com
Result:
HTTP/1.1 302 Redirect
Date: Thu, 25 Dec 2014 02:51:52 GMT
Location: http://www.hnhtlvye.com/
Server: IIS
Content-Length: 147
Content-Type: text/html; charset=UTF-8
X-Powered-By: WAF/2.0
...147 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: 2ndin.com
Referer: http://www.google.com/search?q=2ndin.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://2ndin.com/ | HTTP/1.1 302 Redirect Date: Thu, 25 Dec 2014 02:51:52 GMT Location: http://www.hnhtlvye.com/ Server: IIS Content-Length: 147 Content-Type: text/html; charset=UTF-8 X-Powered-By: WAF/2.0 | clean |
http://www.hnhtlvye.com/ | 200 OK Content-Length: 50298 Content-Type: text/html | clean |
http://www.hnhtlvye.com/js/tj.js | 200 OK Content-Length: 660 Content-Type: application/x-javascript | clean |
http://2ndin.com/./ | HTTP/1.1 302 Redirect Date: Thu, 25 Dec 2014 02:51:56 GMT Location: http://www.hnhtlvye.com/ Server: IIS Content-Length: 147 Content-Type: text/html; charset=UTF-8 X-Powered-By: WAF/2.0 | clean |
http://www.hnhtlvye.com/test404page.js | 200 OK Content-Length: 3173 Content-Type: text/html | clean |
http://2ndin.com/list1.html | HTTP/1.1 302 Redirect Date: Thu, 25 Dec 2014 02:51:59 GMT Location: http://www.hnhtlvye.com/list1.html Server: IIS Content-Length: 157 Content-Type: text/html; charset=UTF-8 X-Powered-By: WAF/2.0 | clean |
http://www.hnhtlvye.com/list1.html | 200 OK Content-Length: 13009 Content-Type: text/html | clean |
http://www.hnhtlvye.com/js/common.js | 200 OK Content-Length: 20480 Content-Type: application/x-javascript | clean |
http://2ndin.com/js/tj.js | 200 OK Content-Length: 3173 Content-Type: text/html | clean |
http://2ndin.com/js/ | 200 OK Content-Length: 3173 Content-Type: text/html | clean |
http://2ndin.com/list2.html | HTTP/1.1 302 Redirect Date: Thu, 25 Dec 2014 02:52:05 GMT Location: http://www.hnhtlvye.com/list2.html Server: IIS Content-Length: 157 Content-Type: text/html; charset=UTF-8 X-Powered-By: WAF/2.0 | clean |
http://www.hnhtlvye.com/list2.html | 200 OK Content-Length: 13475 Content-Type: text/html | clean |
http://www.hnhtlvye.com/./ | 200 OK Content-Length: 50298 Content-Type: text/html | clean |
http://www.hnhtlvye.com/./js/tj.js | 200 OK Content-Length: 660 Content-Type: application/x-javascript | clean |
http://www.hnhtlvye.com/././ | 200 OK Content-Length: 50298 Content-Type: text/html | clean |
http://www.hnhtlvye.com/././js/tj.js | 200 OK Content-Length: 660 Content-Type: application/x-javascript | clean |
http://www.hnhtlvye.com/./././ | 200 OK Content-Length: 50298 Content-Type: text/html | clean |
http://www.hnhtlvye.com/./././js/tj.js | 200 OK Content-Length: 660 Content-Type: application/x-javascript | clean |
http://www.hnhtlvye.com/././././ | 200 OK Content-Length: 50298 Content-Type: text/html | clean |