Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=dreams-travel.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://dreams-travel.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://dreams-travel.com/ | HTTP/1.1 301 Moved Permanently Date: Sat, 20 Sep 2014 16:10:59 GMT Location: http://www.dreams-travel.com/ Server: Microsoft-IIS/6.0 Content-Length: 239 Content-Type: text/html X-Powered-By: ASP.NET | clean |
http://www.dreams-travel.com/ | 200 OK Content-Length: 180968 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) window._bd_share_config={"common":{"bdSnsKey":{},"bdText":"","bdMini":"2","bdMiniList":false,"bdPic":"","bdStyle":"0","bdSize":"16"},"slide":{"type":"slide","bdImg":"0","bdPos":"left","bdTop":"250"}};with(document)0[(getElementsByTagName('head')[0]||body).appendChild(createElement('script')).src='http://bdimg.share.baidu.com/static/api/js/share.js?v=89860593.js?cdnversion='+~(-new Date()/36e5)]; Antivirus reports:
| ||
http://pw.dreams-travel.com/index/@py-z_class/jquery.lazyload.min.js | HTTP/1.1 200 OK Cache-Control: max-age=5760000 Date: Sat, 20 Sep 2014 16:11:57 GMT Accept-Ranges: bytes ETag: "014aaa38459cd1:2449b" Server: Microsoft-IIS/6.0 Content-Length: 3212 Content-Location: http://pw.dreams-travel.com/index/@py-z_class/jquery.lazyload.min.js Content-Type: application/x-javascript Last-Modified: Wed, 04 Jul 2012 01:30:48 GMT X-Powered-By: ASP.NET | clean |
http://pw.dreams-travel.com/test404page.js | 404 Not Found Content-Length: 1308 Content-Type: text/html | clean |
http://pw4.dreams-travel.com/Public/js/cyaccordion.js | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://pw.dreams-travel.com/index/jsfile/tongji.js | HTTP/1.1 200 OK Cache-Control: max-age=5760000 Date: Sat, 20 Sep 2014 16:12:04 GMT Accept-Ranges: bytes ETag: "0e013a54796cd1:2449b" Server: Microsoft-IIS/6.0 Content-Length: 746 Content-Location: http://pw.dreams-travel.com/index/jsfile/tongji.js Content-Type: application/x-javascript Last-Modified: Wed, 19 Sep 2012 09:17:52 GMT X-Powered-By: ASP.NET | clean |
http://s20.cnzz.com/stat.php?id=3997718&web_id=3997718&show=pic1 | 200 OK Content-Length: 9326 Content-Type: application/javascript | clean |
http://wpa.b.qq.com/cgi/wpa.php?key=XzkzODAzMjE0OV8xMzY5MTBfNDAwMDA1MTcwNl8 | 200 OK Content-Length: 11089 Content-Type: text/javascript | clean |
http://pw4.dreams-travel.com/Public/js/kefu.js | 200 OK Content-Length: 18260 Content-Type: text/javascript | clean |
http://pw.dreams-travel.com/css/index_2.js | HTTP/1.1 200 OK Cache-Control: max-age=5760000 Date: Sat, 20 Sep 2014 16:12:10 GMT Accept-Ranges: bytes ETag: "0d550151e87cd1:2449b" Server: Microsoft-IIS/6.0 Content-Length: 18777 Content-Location: http://pw.dreams-travel.com/css/index_2.js Content-Type: application/x-javascript Last-Modified: Fri, 31 Aug 2012 02:12:34 GMT X-Powered-By: ASP.NET | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: dreams-travel.com
Result:
HTTP/1.1 301 Moved Permanently
Date: Sat, 20 Sep 2014 16:10:59 GMT
Location: http://www.dreams-travel.com/
Server: Microsoft-IIS/6.0
Content-Length: 239
Content-Type: text/html
X-Powered-By: ASP.NET
...239 bytes of data.
GET / HTTP/1.1
Host: dreams-travel.com
Result:
HTTP/1.1 301 Moved Permanently
Date: Sat, 20 Sep 2014 16:10:59 GMT
Location: http://www.dreams-travel.com/
Server: Microsoft-IIS/6.0
Content-Length: 239
Content-Type: text/html
X-Powered-By: ASP.NET
...239 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: dreams-travel.com
Referer: http://www.google.com/search?q=dreams-travel.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: dreams-travel.com
Referer: http://www.google.com/search?q=dreams-travel.com
Result:
The result is similar to the first query. There are no suspicious redirects found.