Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=enchantedpapercrafts.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: enchantedpapercrafts.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Tue, 20 Jan 2015 07:49:26 GMT
Location: http://google.com/
Server: nginx
Content-Length: 226
Content-Type: text/html; charset=iso-8859-1
...226 bytes of data.
GET / HTTP/1.1
Host: enchantedpapercrafts.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Tue, 20 Jan 2015 07:49:26 GMT
Location: http://google.com/
Server: nginx
Content-Length: 226
Content-Type: text/html; charset=iso-8859-1
...226 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: enchantedpapercrafts.com
Referer: http://www.google.com/search?q=enchantedpapercrafts.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: enchantedpapercrafts.com
Referer: http://www.google.com/search?q=enchantedpapercrafts.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://enchantedpapercrafts.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 20 Jan 2015 07:49:26 GMT Location: http://google.com/ Server: nginx Content-Length: 226 Content-Type: text/html; charset=iso-8859-1 | clean |
http://google.com/ | HTTP/1.1 302 Found Cache-Control: private Connection: close Date: Tue, 20 Jan 2015 07:49:27 GMT Location: http://www.google.lt/?gws_rd=cr&ei=hwi-VI74Ccn4yQP4wYCgDA Server: gws Content-Length: 258 Content-Type: text/html; charset=UTF-8 Alternate-Protocol: 80:quic,p=0.02 P3P: CP="This is not a P3P policy! See http://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info." Set-Cookie: PREF=ID=e9655fa34c750dbc:FF=0:TM=1421740167:LM=1421740167:S=-vQiHvSM6ODRPK8w; expires=Thu, 19-Jan-2017 07:49:27 GMT; path=/; domain=.google.com Set-Cookie: NID=67=DxxJOqaoLVZWVRuZYg60Kb3w3ZmNRvqXx7p1da3vbTX2NEUv-86xhDf83TxIy9ty1cQCETLt_NCtT3JTnCI-_o7jskWDOryymLNFQ6YTbcWFIK4QGiPdGg-b17Y6Td8f; expires=Wed, 22-Jul-2015 07:49:27 GMT; path=/; domain=.google.com; HttpOnly X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block | clean |
http://www.google.lt/?gws_rd=cr&ei=hwi-vi74ccn4yqp4wycgda | 200 OK Content-Length: 51216 Content-Type: text/html | clean |
https://www.google.lt/webhp?tab=ww | 200 OK Content-Length: 64005 Content-Type: text/html | clean |
https://www.google.lt/imghp?hl=lt&tab=wi | 200 OK Content-Length: 57590 Content-Type: text/html | clean |
https://www.google.lt/webhp?hl=lt&tab=iw | 200 OK Content-Length: 64001 Content-Type: text/html | clean |
http://www.google.lt/intl/lt/options/ | HTTP/1.1 301 Moved Permanently Cache-Control: public, max-age=2592000 Connection: close Date: Fri, 26 Dec 2014 10:38:00 GMT Age: 2149888 Location: http://www.google.lt/intl/lt/about/products/ Server: sffe Content-Length: 241 Content-Type: text/html; charset=UTF-8 Expires: Sun, 25 Jan 2015 10:38:00 GMT Alternate-Protocol: 80:quic,p=0.02 X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block | clean |
http://www.google.lt/intl/lt/about/products/ | 200 OK Content-Length: 7068 Content-Type: text/html | clean |
http://www.google.lt//www.google.com/js/gweb/analytics/autotrack.js/ | 404 Not Found Content-Length: 1471 Content-Type: text/html | clean |
http://www.google.lt//www.google.com/ | 404 Not Found Content-Length: 1440 Content-Type: text/html | clean |
http://www.google.lt/test404page.js | 404 Not Found Content-Length: 1439 Content-Type: text/html | clean |
http://www.google.lt/preferences?hl=lt | 200 OK Content-Length: 63966 Content-Type: text/html | clean |
http://www.google.lt/imghp?hl=lt&tab=wi | 200 OK Content-Length: 51221 Content-Type: text/html | clean |
http://www.google.lt/imghp?hl=lt&tab=ii | 200 OK Content-Length: 51185 Content-Type: text/html | clean |
http://www.google.lt/history/optout?hl=lt | HTTP/1.1 302 Found Cache-Control: private Connection: close Date: Tue, 20 Jan 2015 07:49:30 GMT Location: https://history.google.com/history/optout?hl=lt Server: Search-History HTTP Server Content-Length: 244 Content-Type: text/html; charset=UTF-8 Alternate-Protocol: 80:quic,p=0.02 Set-Cookie: PREF=ID=1f5a673d00aa349e:TM=1421740170:LM=1421740170:S=Dyi4boYXBtJtzTEP; expires=Thu, 19-Jan-2017 07:49:30 GMT; path=/; domain=.google.lt X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block | clean |
https://history.google.com/history/optout?hl=lt | 200 OK Content-Length: 36865 Content-Type: text/html | clean |
https://history.google.com/history/ | HTTP/1.1 302 Found Cache-Control: private Connection: close Date: Tue, 20 Jan 2015 07:49:30 GMT Location: https://accounts.google.com/Login?continue=https://history.google.com/history/&hl=en Server: Search-History HTTP Server Content-Length: 285 Content-Type: text/html; charset=UTF-8 Alternate-Protocol: 443:quic,p=0.02 Set-Cookie: PREF=ID=dbcd0872f16fad11:TM=1421740170:LM=1421740170:S=wWnNM1_Py8UyZOJ3; expires=Thu, 19-Jan-2017 07:49:30 GMT; path=/; domain=.google.com X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block | clean |
https://accounts.google.com/login?continue=https://history.google.com/history/&hl=en | 200 OK Content-Length: 67042 Content-Type: text/html | clean |
https://accounts.google.com/RecoverAccount?continue=https%3A%2F%2Fhistory.google.com%2Fhistory%2F | HTTP/1.1 302 Moved Temporarily Cache-Control: private, max-age=0 Connection: close Date: Tue, 20 Jan 2015 07:49:31 GMT Location: https://www.google.com/accounts/recovery?hl=en&ard=AHwGkRm3NiV1zad89a9Y5KsN9lZxmNw16SRAfwzv38V6pT7BZM9EkUILyOkjuiBVvfmqQj8ahbNjZPIPaiLwaS94bB2VcB-r2JDM8cr6_bh7uJdWJUczSsKPrTdmizYbLODuK0en8LX8Hop7fzhJIL7NOuHEzwTuMg Server: GSE Content-Length: 399 Content-Type: text/html; charset=UTF-8 Expires: Tue, 20 Jan 2015 07:49:31 GMT Alternate-Protocol: 443:quic,p=0.02 Set-Cookie: GAPS=1:MF_9_bszoaAia6ykjSyOovdyLnXmng:NOuWH6H-3fDHBovq;Path=/;Expires=Thu, 19-Jan-2017 07:49:31 GMT;Secure;HttpOnly;Priority=HIGH Strict-Transport-Security: max-age=10893354; includeSubDomains X-Content-Type-Options: nosniff X-Frame-Options: DENY X-XSS-Protection: 1; mode=block | clean |
https://www.google.com/accounts/recovery?hl=en&ard=ahwgkrm3niv1zad89a9y5ksn9lzxmnw16srafwzv38v6pt7bzm9ekuilyokjuibvvfmqqj8ahbnjzpipailwas94bb2vcb-r2jdm8cr6_bh7ujdwjuczsskprtdmizybloduk0en8lx8hop7fzhjil7nouhezwtumg | HTTP/1.1 302 Moved Temporarily Cache-Control: no-cache, no-store, max-age=0, must-revalidate Connection: close Date: Tue, 20 Jan 2015 07:49:31 GMT Pragma: no-cache Accept-Ranges: none Location: https://www.google.com/accounts/recovery/?hl=en&ard=ahwgkrm3niv1zad89a9y5ksn9lzxmnw16srafwzv38v6pt7bzm9ekuilyokjuibvvfmqqj8ahbnjzpipailwas94bb2vcb-r2jdm8cr6_bh7ujdwjuczsskprtdmizybloduk0en8lx8hop7fzhjil7nouhezwtumg Server: GSE Vary: Accept-Encoding Content-Type: text/html; charset=UTF-8 Expires: Fri, 01 Jan 1990 00:00:00 GMT Alternate-Protocol: 443:quic,p=0.02 X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block | clean |
https://www.google.com/accounts/recovery/?hl=en&ard=ahwgkrm3niv1zad89a9y5ksn9lzxmnw16srafwzv38v6pt7bzm9ekuilyokjuibvvfmqqj8ahbnjzpipailwas94bb2vcb-r2jdm8cr6_bh7ujdwjuczsskprtdmizybloduk0en8lx8hop7fzhjil7nouhezwtumg | HTTP/1.1 302 Moved Temporarily Cache-Control: no-cache, no-store, max-age=0, must-revalidate Connection: close Date: Tue, 20 Jan 2015 07:49:32 GMT Pragma: no-cache Accept-Ranges: none Location: https://www.google.com/accounts/RecoverAccount?hl=en&ard=ahwgkrm3niv1zad89a9y5ksn9lzxmnw16srafwzv38v6pt7bzm9ekuilyokjuibvvfmqqj8ahbnjzpipailwas94bb2vcb-r2jdm8cr6_bh7ujdwjuczsskprtdmizybloduk0en8lx8hop7fzhjil7nouhezwtumg&arr=AHwGkRnFwYxL6bzM4p-GS3lMllwyL5vBHqDfHO-Q4PDSkSEwJYOIIZiVT8kUtms-RHekJprkIIURWOgeVQa7MiBf7IMqZaQ7wC3gp7qRZ-xMWIJtgqB2aLDnIVyTxTQWh2GTFP0TYFSr Server: GSE Vary: Accept-Encoding Content-Type: text/html; charset=UTF-8 Expires: Fri, 01 Jan 1990 00:00:00 GMT Alternate-Protocol: 443:quic,p=0.02 Set-Cookie: accountrecoverylocale=en; Expires=Tue, 27-Jan-2015 07:49:32 GMT; Path=/accounts/recovery; Secure; HttpOnly Set-Cookie: S=account-recovery=5RPaYdBQZos; Domain=.google.com; Path=/; Secure; HttpOnly X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block | clean |
https://www.google.com/accounts/recoveraccount?hl=en&ard=ahwgkrm3niv1zad89a9y5ksn9lzxmnw16srafwzv38v6pt7bzm9ekuilyokjuibvvfmqqj8ahbnjzpipailwas94bb2vcb-r2jdm8cr6_bh7ujdwjuczsskprtdmizybloduk0en8lx8hop7fzhjil7nouhezwtumg&arr=ahwgkrnfwyxl6bzm4p-gs3lmllwyl5vbhqdfho-q4pdsksewjyoiizivt8kutms-rhekjprkiiurwogevqa7mibf7imqzaq7wc3gp7qrz-xmwijtgqb2aldnivytxtqwh2gtfp0tyfsr | HTTP/1.1 302 Moved Temporarily Cache-Control: private, max-age=0 Connection: close Date: Tue, 20 Jan 2015 07:49:32 GMT Location: https://accounts.google.com/recoveraccount?hl=en&ard=ahwgkrm3niv1zad89a9y5ksn9lzxmnw16srafwzv38v6pt7bzm9ekuilyokjuibvvfmqqj8ahbnjzpipailwas94bb2vcb-r2jdm8cr6_bh7ujdwjuczsskprtdmizybloduk0en8lx8hop7fzhjil7nouhezwtumg&arr=ahwgkrnfwyxl6bzm4p-gs3lmllwyl5vbhqdfho-q4pdsksewjyoiizivt8kutms-rhekjprkiiurwogevqa7mibf7imqzaq7wc3gp7qrz-xmwijtgqb2aldnivytxtqwh2gtfp0tyfsr Server: GSE Content-Length: 550 Content-Type: text/html; charset=UTF-8 Expires: Tue, 20 Jan 2015 07:49:32 GMT Alternate-Protocol: 443:quic,p=0.02 Set-Cookie: GoogleAccountsLocale_session=en; Path=/; Secure; HttpOnly X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block | clean |
https://accounts.google.com/recoveraccount?hl=en&ard=ahwgkrm3niv1zad89a9y5ksn9lzxmnw16srafwzv38v6pt7bzm9ekuilyokjuibvvfmqqj8ahbnjzpipailwas94bb2vcb-r2jdm8cr6_bh7ujdwjuczsskprtdmizybloduk0en8lx8hop7fzhjil7nouhezwtumg&arr=ahwgkrnfwyxl6bzm4p-gs3lmllwyl5vbhqdfho-q4pdsksewjyoiizivt8kutms-rhekjprkiiurwogevqa7mibf7imqzaq7wc3gp7qrz-xmwijtgqb2aldnivytxtqwh2gtfp0tyfsr | 400 Bad Request Content-Length: 145 Content-Type: text/html | clean |
http://www.google.lt/chrome/index.html?hl=lt&brand=CHNG&utm_source=lt-hpp&utm_medium=hpp&utm_campaign=lt | HTTP/1.1 302 Found Cache-Control: private Connection: close Date: Tue, 20 Jan 2015 07:49:32 GMT Location: https://www.google.lt/chrome/browser/?hl=lt&brand=CHNG&utm_source=lt-hpp&utm_medium=hpp&utm_campaign=lt Server: sffe Content-Length: 316 Content-Type: text/html; charset=UTF-8 Alternate-Protocol: 80:quic,p=0.02 X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block | clean |
https://www.google.lt/chrome/browser/?hl=lt&brand=chng&utm_source=lt-hpp&utm_medium=hpp&utm_campaign=lt | HTTP/1.1 200 OK Cache-Control: private, max-age=0 Connection: close Date: Tue, 20 Jan 2015 07:49:32 GMT Accept-Ranges: none Server: sffe Vary: Accept-Encoding Content-Type: text/html Expires: Tue, 20 Jan 2015 07:49:32 GMT Last-Modified: Tue, 02 Dec 2014 18:04:39 GMT Alternate-Protocol: 443:quic,p=0.02 X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block | clean |
https://www.google.lt/chrome/browser/../../chrome/browser/desktop/index.html | HTTP/1.1 302 Found Cache-Control: private Connection: close Date: Tue, 20 Jan 2015 07:49:32 GMT Location: https://www.google.lt/chrome/browser/desktop/index.html Server: GFE/2.0 Content-Length: 252 Content-Type: text/html; charset=UTF-8 | clean |
https://www.google.lt/chrome/browser/desktop/index.html | 200 OK Content-Length: 43032 Content-Type: text/html | clean |