Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=kefirstudio.ru
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: cografika.com
Result:
HTTP/1.1 302 Moved Temporarily
Connection: close
Date: Sun, 07 Sep 2014 21:29:29 GMT
Location: http://www.cografika.com/v3/
Server: Apache
Content-Length: 0
Content-Type: text/html
X-Powered-By: PHP/5.3.28
...0 bytes of data.
GET / HTTP/1.1
Host: cografika.com
Result:
HTTP/1.1 302 Moved Temporarily
Connection: close
Date: Sun, 07 Sep 2014 21:29:29 GMT
Location: http://www.cografika.com/v3/
Server: Apache
Content-Length: 0
Content-Type: text/html
X-Powered-By: PHP/5.3.28
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: cografika.com
Referer: http://www.google.com/search?q=cografika.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: cografika.com
Referer: http://www.google.com/search?q=cografika.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
| Request | Server response | Status |
http://www.kefirstudio.ru/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sat, 06 Sep 2014 20:07:32 GMT Location: http://compton-rp.ru/neww_clo/tds/master.php?i=1&q=%D1%EA%E0%F7%E0%F2%FC+%EB%E5%F7%E0%F9%E0%FF+%F3%F2%E8%EB%E8%F2%E0+dr.web+cureit+8.0+%EE%F2+18.04.13+%E1%E5%F1%EF%EB%E0%F2%ED%EE+%E8+%E1%E5%E7+%F0%E5%E3%E8%F1%F2%F0%E0%F6%E8%E8+-+%D1%EE%F4%F2&v=3&host=kefirstudio.ru Server: nginx/1.4.3 Content-Type: text/html X-Powered-By: PHP/5.4.21-1~dotdeb.1 | malicious |
http://compton-rp.ru/neww_clo/tds/master.php?i=1&q=%d1%ea%e0%f7%e0%f2%fc+%eb%e5%f7%e0%f9%e0%ff+%f3%f2%e8%eb%e8%f2%e0+dr.web+cureit+8.0+%ee%f2+18.04.13+%e1%e5%f1%ef%eb%e0%f2%ed%ee+%e8+%e1%e5%e7+%f0%e5%e3%e8%f1%f2%f0%e0%f6%e8%e8+-+%d1%ee%f4%f2&v=3&host=kefirstudio.ru | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 06 Sep 2014 20:07:32 GMT Location: http://magic-pw.ru/?books&keyword=Ñêà÷àòü ëå÷àùàÿ óòèëèòà dr.web cureit 8.0 îò 18.04.13 áåñïëàòíî è áåç ðåãèñòðàöèè - Ñîôò Server: nginx/1.2.1 Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Powered-By: PHP/5.4.25-1~dotdeb.1 | malicious |
http://magic-pw.ru/?books&keyword=Ñêà÷àòü ëå÷àùàÿ óòèëèòà dr.web cureit 8.0 îò 18.04.13 áåñïëàòíî è áåç ðåãèñòðàöèè - Ñîôò | HTTP/1.1 302 Moved Temporarily Cache-Control: max-age=0 Connection: close Date: Sat, 06 Sep 2014 20:07:33 GMT Pragma: no-cache Location: http://bagetitaly.ru/?aburj Server: nginx/1.4.3 Content-Type: text/html; charset=utf-8 Expires: Thu, 21 Jul 1977 07:30:00 GMT Last-Modified: Sat, 06 Sep 2014 20:07:33 GMT X-Powered-By: PHP/5.4.21-1~dotdeb.1 | malicious |
http://bagetitaly.ru/?aburj | HTTP/1.1 302 Moved Temporarily Cache-Control: max-age=0 Connection: close Date: Sat, 06 Sep 2014 20:07:33 GMT Pragma: no-cache Location: http://stoptraff/?670d455d4b609f962c5ba287b49b5e94= Server: nginx/1.4.3 Content-Type: text/html; charset=utf-8 Expires: Thu, 21 Jul 1977 07:30:00 GMT Last-Modified: Sat, 06 Sep 2014 20:07:33 GMT X-Powered-By: PHP/5.4.21-1~dotdeb.1 | clean |
http://stoptraff/?670d455d4b609f962c5ba287b49b5e94= | 500 Can't connect to stoptraff:80 (Bad hostname) Content-Length: 150 Content-Type: text/plain | clean |
http://stoptraff/test404page.js | 500 Can't connect to stoptraff:80 (Bad hostname) Content-Length: 150 Content-Type: text/plain | clean |