Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=64mir.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.64mir.com/ | HTTP/1.1 200 OK Date: Tue, 13 Jan 2015 13:40:40 GMT Accept-Ranges: bytes ETag: "9235f9946afacf1:a664" Server: Microsoft-IIS/6.0 Content-Length: 15183 Content-Location: http://www.64mir.com/index.htm Content-Type: text/html Last-Modified: Fri, 07 Nov 2014 09:09:48 GMT .7z: application/octet-stream X-Died: timeout at scan.pm line 1566. X-Powered-By: ASP.NET | clean |
http://www.64mir.com/index.htm | 200 OK Content-Length: 15183 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.317511.net ...[1300 bytes skipped]... ent.documentElement.scrollTop));margin:140px 0 0 0;} .fixediv-l{left:0px;} .fixediv-r{right:0px;} .fixediv .btn{height:25px;background:#CCCCCC;text-align:right;line-height:25px;overflow:hidden;} </style> <div id="Bar1190_big" class="fixediv fixediv-l"> <div class="btn"><a href="javascript:void(0);" onClick="bar1190_hidden()">å ³é</a> </div> <a href="http://www.317511.net/tgjl.htm" target="_blank"><img width="120" height="600" src="img/1.jpg" alt="å ¬çå¤ä¼ " /></a> </div> <div id="Bar1190_small" class="fixediv fixediv-l" style="width:25px;display:none;"> <div class="btn"><a href="javascript:void(0);" onClick="bar1190_show()">å±å¼</a></div> <a href="http://www.317511.net/tgjl.htm" target="_blank"><img width="120" height="600" src="img/2.jpg" alt="å ¬çå¤ä¼ " /> ...[2074 bytes skipped]... | ||
http://www.ksdnewr.com/js/w.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 13 Jan 2015 13:40:43 GMT Location: http://go.oclaserver.com/entry.php?zoneid=59044&var=ksdnewr.com Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html | clean |
http://go.oclaserver.com/entry.php?zoneid=59044&var=ksdnewr.com | HTTP/1.1 302 Moved Temporarily Connection: close Date: Tue, 13 Jan 2015 14:37:02 GMT Location: http://onclickads.net/entry.php?zoneid=59044&var=ksdnewr.com Server: nginx Content-Length: 154 Content-Type: text/html | clean |
http://onclickads.net/entry.php?zoneid=59044&var=ksdnewr.com | HTTP/1.1 200 OK Connection: close Date: Tue, 13 Jan 2015 13:41:01 GMT Server: nginx Content-Type: text/html P3P: CP="CUR ADM OUR NOR STA NID" Set-Cookie: OAGEO3c1d5=1%7CLT%7CVL%7CVILNIUS%7C01100%7C54.6894%7C25.28%7C-1%7C0%7CBROADBAND%7CUAB+CONSILIUM+OPTIMUM%7C; expires=Wed, 14-Jan-2015 13:40:43 GMT; path=/ | clean |
http://quick-loan.us/ | 200 OK Content-Length: 8506 Content-Type: text/html | clean |
http://d32ffatx74qnju.cloudfront.net/scripts/js3caf.js | 200 OK Content-Length: 3490 Content-Type: application/javascript | clean |
http://www.ksdnewr.com/test404page.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 13 Jan 2015 13:40:44 GMT Location: http://go.oclaserver.com/entry.php?zoneid=59044&var=ksdnewr.com Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html | clean |
http://go.oclaserver.com/test404page.js | HTTP/1.1 302 Moved Temporarily Connection: close Date: Tue, 13 Jan 2015 14:37:03 GMT Location: http://onclickads.net/test404page.js Server: nginx Content-Length: 154 Content-Type: text/html | clean |
http://onclickads.net/test404page.js | 204 No Content Content-Length: 0 | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: 64mir.com
Result:
GET / HTTP/1.1
Host: 64mir.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: 64mir.com
Referer: http://www.google.com/search?q=64mir.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: 64mir.com
Referer: http://www.google.com/search?q=64mir.com
Result:
The result is similar to the first query. There are no suspicious redirects found.