Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: gazou-upstage.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 19 Apr 2015 15:08:10 GMT
Accept-Ranges: bytes
ETag: "44a804e-1521b-5f65e240"
Server: Apache
Content-Length: 86555
Content-Type: text/html
Last-Modified: Sun, 19 Apr 2015 12:58:41 GMT
...86555 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: gazou-upstage.com
Referer: http://www.google.com/search?q=gazou-upstage.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://gazou-upstage.com/ | 200 OK Content-Length: 86555 Content-Type: text/html | clean |
http://gazou-upstage.com/js/entryVote.js | 200 OK Content-Length: 2979 Content-Type: application/x-javascript | clean |
http://gazou-upstage.com/js/jQ.js | 200 OK Content-Length: 94019 Content-Type: application/x-javascript | clean |
http://gazou-upstage.com/js/accordion2.js | 200 OK Content-Length: 938 Content-Type: application/x-javascript | clean |
http://gazou-upstage.com/js/popup.js | 200 OK Content-Length: 285 Content-Type: application/x-javascript | clean |
http://gazou-upstage.com/js/scroll.js | 200 OK Content-Length: 356 Content-Type: application/x-javascript | clean |
http://gazou-upstage.com/js/shadowbox.js | 200 OK Content-Length: 22304 Content-Type: application/x-javascript | clean |
http://rss-rank.com/wan.php?id=203 | 200 OK Content-Length: 2584 Content-Type: application/x-javascript | clean |
http://blogroll.livedoor.net/js/blogroll.js | 200 OK Content-Length: 15522 Content-Type: application/x-javascript | clean |
http://rranking13.ziyu.net/rank.php?gazouupstage | 200 OK Content-Length: 394 Content-Type: application/x-javascript | clean |
http://rranking13.ziyu.net/js/gazouupstage.js | 200 OK Content-Length: 5706 Content-Type: application/x-javascript | clean |
http://rranking13.ziyu.net/rank.php?gazouupstage2 | 200 OK Content-Length: 395 Content-Type: application/x-javascript | clean |
http://rranking13.ziyu.net/js/gazouupstage2.js | 200 OK Content-Length: 5689 Content-Type: application/x-javascript | clean |
http://counter1.fc2.com/counter.php?id=89354660 | 200 Ok Content-Length: 1134 Content-Type: application/x-javascript | clean |
http://gazou-upstage.com/cat/cat109/ | 200 OK Content-Length: 74296 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=gazou-upstage.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://gazou-upstage.com/
Result: gazou-upstage.com is not infected or malware details are not published yet.