Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=hanagachi.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://hanagachi.com/ | 200 OK Content-Length: 13077 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.ksdnewr.com ...[1050 bytes skipped]... 9.jpg" width="99" height="14"></td> <td><img src="images/foot-10.jpg" width="444" height="14"></td> </tr> <tr> <td colspan="7"><img src="images/foot-11 º¹»ç.jpg" width="811" height="54"></td> </tr> <!--//footer--> </table> </body> </html><script language=javascript src=http://www.ksdnewr.com/js/w.js></script></td> </tr> </table> <script language=javascript src=http://www.ksdnewr.com/js/w.js></script> | ||
http://www.ksdnewr.com/js/w.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 22 Dec 2014 10:34:38 GMT Location: http://go.oclaserver.com/entry.php?zoneid=59044&var=ksdnewr.com Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html | clean |
http://go.oclaserver.com/entry.php?zoneid=59044&var=ksdnewr.com | HTTP/1.1 302 Moved Temporarily Connection: close Date: Mon, 22 Dec 2014 11:30:59 GMT Location: http://onclickads.net/entry.php?zoneid=59044&var=ksdnewr.com Server: nginx Content-Length: 154 Content-Type: text/html | suspicious |
http://onclickads.net/entry.php?zoneid=59044&var=ksdnewr.com | HTTP/1.1 200 OK Connection: close Date: Mon, 22 Dec 2014 10:34:52 GMT Server: nginx Content-Type: text/html P3P: CP="CUR ADM OUR NOR STA NID" Set-Cookie: OAGEO3c1d5=1%7CLT%7CVL%7CVILNIUS%7C01100%7C54.6894%7C25.28%7C-1%7C0%7CBROADBAND%7CUAB+CONSILIUM+OPTIMUM%7C; expires=Tue, 23-Dec-2014 10:34:38 GMT; path=/ | clean |
http://quick-loan.us/ | 200 OK Content-Length: 8996 Content-Type: text/html | clean |
http://d32ffatx74qnju.cloudfront.net/scripts/js3caf.js | 200 OK Content-Length: 3490 Content-Type: application/javascript | clean |
http://www.ksdnewr.com/test404page.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 22 Dec 2014 10:34:39 GMT Location: http://go.oclaserver.com/entry.php?zoneid=59044&var=ksdnewr.com Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html | clean |
http://go.oclaserver.com/test404page.js | HTTP/1.1 302 Moved Temporarily Connection: close Date: Mon, 22 Dec 2014 11:31:00 GMT Location: http://onclickads.net/test404page.js Server: nginx Content-Length: 154 Content-Type: text/html | clean |
http://onclickads.net/test404page.js | 204 No Content Content-Length: 0 | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: hanagachi.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Date: Mon, 22 Dec 2014 10:34:42 GMT
Pragma: no-cache
Server: Microsoft-IIS/6.0
Content-Length: 13077
Content-Type: text/html
Expires: Mon, 22 Dec 2014 10:33:42 GMT
Set-Cookie: WiLogID=log%5Fcheck=1; path=/
Set-Cookie: ASPSESSIONIDSSRDQRBT=PELBIBODHBABIBNMLBIFMIKN; path=/
X-Powered-By: ASP.NET
...13077 bytes of data.
GET / HTTP/1.1
Host: hanagachi.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Date: Mon, 22 Dec 2014 10:34:42 GMT
Pragma: no-cache
Server: Microsoft-IIS/6.0
Content-Length: 13077
Content-Type: text/html
Expires: Mon, 22 Dec 2014 10:33:42 GMT
Set-Cookie: WiLogID=log%5Fcheck=1; path=/
Set-Cookie: ASPSESSIONIDSSRDQRBT=PELBIBODHBABIBNMLBIFMIKN; path=/
X-Powered-By: ASP.NET
...13077 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: hanagachi.com
Referer: http://www.google.com/search?q=hanagachi.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: hanagachi.com
Referer: http://www.google.com/search?q=hanagachi.com
Result:
The result is similar to the first query. There are no suspicious redirects found.