Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=googleload1.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://googleload1.com/
Result: The website is marked by Yandex as SMS-fraud resource. - visiting this web site may harm your computer.
Details are available here.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: googleload1.com
Result:
HTTP/1.1 302 Found
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Fri, 18 Apr 2014 05:21:38 GMT
Pragma: no-cache
Location: /?query=%D0%A2%D0%B8%D1%82%D0%B0%D0%BD%D0%B8%D0%BA
Server: nginx/1.2.3
Vary: Accept-Encoding
Content-Length: 0
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=dqspfvjj716c42efobd3834hu2; expires=Fri, 18-Apr-2014 11:21:38 GMT; path=/
Set-Cookie: cook=ok; expires=Sun, 18-May-2014 05:21:38 GMT; path=/
Set-Cookie: country=LT; expires=Sun, 18-May-2014 05:21:38 GMT; path=/
Set-Cookie: _ft=1397809298; expires=Sun, 18-May-2014 05:21:38 GMT; path=/
X-Powered-By: PHP/5.4.6
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: googleload1.com
Referer: http://www.google.com/search?q=googleload1.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://googleload1.com/ | HTTP/1.1 302 Found Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Fri, 18 Apr 2014 05:21:38 GMT Pragma: no-cache Location: /?query=%D0%A2%D0%B8%D1%82%D0%B0%D0%BD%D0%B8%D0%BA Server: nginx/1.2.3 Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=dqspfvjj716c42efobd3834hu2; expires=Fri, 18-Apr-2014 11:21:38 GMT; path=/ Set-Cookie: cook=ok; expires=Sun, 18-May-2014 05:21:38 GMT; path=/ Set-Cookie: country=LT; expires=Sun, 18-May-2014 05:21:38 GMT; path=/ Set-Cookie: _ft=1397809298; expires=Sun, 18-May-2014 05:21:38 GMT; path=/ X-Powered-By: PHP/5.4.6 | clean |
http://googleload1.com/?query=%d0%a2%d0%b8%d1%82%d0%b0%d0%bd%d0%b8%d0%ba | 200 OK Content-Length: 17061 Content-Type: text/html | clean |
http://googleload1.com/js/jquery.min.js | 200 OK Content-Length: 93868 Content-Type: application/x-javascript | clean |
http://googleload1.com/js/default.js | 200 OK Content-Length: 1602 Content-Type: application/x-javascript | clean |
http://googleload1.com/js/my.js | 200 OK Content-Length: 1202 Content-Type: application/x-javascript | clean |
http://googleload1.com/resfiles/script.js | 200 OK Content-Length: 3379 Content-Type: application/x-javascript | clean |
http://googleload1.com/?action=dax4&page=login | 200 OK Content-Length: 39183 Content-Type: text/html | clean |
http://googleload1.com/?action=search&category=1 | 200 OK Content-Length: 17505 Content-Type: text/html | clean |
http://googleload1.com/?action=search&category=2 | 200 OK Content-Length: 18158 Content-Type: text/html | clean |
http://googleload1.com/?action=search&category=3 | 200 OK Content-Length: 17598 Content-Type: text/html | clean |
http://googleload1.com/?action=search&category=4 | 200 OK Content-Length: 17426 Content-Type: text/html | clean |
http://googleload1.com/?action=get&id=1320 | HTTP/1.1 302 Found Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Fri, 18 Apr 2014 05:21:41 GMT Pragma: no-cache Location: /?action=dax4 Server: nginx/1.2.3 Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=reb6pai6ob2k4m86hoesrgbgr6; expires=Fri, 18-Apr-2014 11:21:41 GMT; path=/ Set-Cookie: cook=ok; expires=Sun, 18-May-2014 05:21:41 GMT; path=/ Set-Cookie: country=LT; expires=Sun, 18-May-2014 05:21:41 GMT; path=/ Set-Cookie: _ft=1397809301; expires=Sun, 18-May-2014 05:21:41 GMT; path=/ X-Powered-By: PHP/5.4.6 | clean |
http://googleload1.com/?action=dax4 | 200 OK Content-Length: 84673 Content-Type: text/html | clean |
http://googleload1.com/?action=file&id=84917 | 200 OK Content-Length: 17103 Content-Type: text/html | clean |
http://googleload1.com/?action=get&id=84917 | HTTP/1.1 302 Found Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Fri, 18 Apr 2014 05:21:42 GMT Pragma: no-cache Location: /?action=dax4 Server: nginx/1.2.3 Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=nonnnt2srf2o56bko3329es5j7; expires=Fri, 18-Apr-2014 11:21:42 GMT; path=/ Set-Cookie: cook=ok; expires=Sun, 18-May-2014 05:21:42 GMT; path=/ Set-Cookie: country=LT; expires=Sun, 18-May-2014 05:21:42 GMT; path=/ Set-Cookie: _ft=1397809302; expires=Sun, 18-May-2014 05:21:42 GMT; path=/ X-Powered-By: PHP/5.4.6 | clean |
http://googleload1.com/test404page.js | 404 Not Found Content-Length: 570 Content-Type: text/html | clean |
http://googleload1.com/?action=file&id=84864 | 200 OK Content-Length: 17694 Content-Type: text/html | clean |
http://googleload1.com/?action=get&id=84864 | HTTP/1.1 302 Found Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Fri, 18 Apr 2014 05:21:42 GMT Pragma: no-cache Location: /?action=dax4 Server: nginx/1.2.3 Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=44qqa0502soq6i4asfdjj2qbd1; expires=Fri, 18-Apr-2014 11:21:42 GMT; path=/ Set-Cookie: cook=ok; expires=Sun, 18-May-2014 05:21:42 GMT; path=/ Set-Cookie: country=LT; expires=Sun, 18-May-2014 05:21:42 GMT; path=/ Set-Cookie: _ft=1397809302; expires=Sun, 18-May-2014 05:21:42 GMT; path=/ X-Powered-By: PHP/5.4.6 | clean |
http://googleload1.com/?action=file&id=84898 | 200 OK Content-Length: 17812 Content-Type: text/html | clean |