Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=leppert.biz
Result: The website is marked by Google as suspicious; visiting this web site may harm your computer.
Details are available here.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: leppert.biz
Result:
HTTP/1.1 302 Found
Connection: close
Date: Fri, 27 Feb 2015 22:48:13 GMT
Location: http://www.google.com
Server: Apache/2.2.17 (Linux/SUSE)
Vary: Accept-Encoding
Content-Length: 286
Content-Type: text/html; charset=iso-8859-1
...286 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: leppert.biz
Referer: http://www.google.com/search?q=leppert.biz
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://leppert.biz/ | HTTP/1.1 302 Found Connection: close Date: Fri, 27 Feb 2015 22:48:13 GMT Location: http://www.google.com Server: Apache/2.2.17 (Linux/SUSE) Vary: Accept-Encoding Content-Length: 286 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.google.com/ | HTTP/1.1 302 Found Cache-Control: private Connection: close Date: Fri, 27 Feb 2015 22:48:10 GMT Location: http://www.google.lt/?gws_rd=cr&ei=KvTwVJ2mDYL_ygO20oKQDw Server: gws Content-Length: 258 Content-Type: text/html; charset=UTF-8 Alternate-Protocol: 80:quic,p=0.08 P3P: CP="This is not a P3P policy! See http://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info." Set-Cookie: PREF=ID=ad0f1abc1915bb5e:FF=0:TM=1425077290:LM=1425077290:S=Lh-rtuSKOJotml_y; expires=Sun, 26-Feb-2017 22:48:10 GMT; path=/; domain=.google.com Set-Cookie: NID=67=Qv9_9xOCN76Me16l69OhHVluAOHYEC-LNed7vTeyh9bOBPVzGTCIphAp5Lq06Iuqpr3xrAgGJc65_KAx15JLwwQUm4XHfdScTdQU1WsDvWxPrkArOsaB7IPr2neK5gB2; expires=Sat, 29-Aug-2015 22:48:10 GMT; path=/; domain=.google.com; HttpOnly X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block | clean |
http://www.google.lt/?gws_rd=cr&ei=kvtwvj2mdyl_ygo20okqdw | 200 OK Content-Length: 51482 Content-Type: text/html | clean |
https://www.google.lt/webhp?tab=ww | 200 OK Content-Length: 64214 Content-Type: text/html | clean |
https://www.google.lt/imghp?hl=lt&tab=wi | 200 OK Content-Length: 58041 Content-Type: text/html | clean |
https://www.google.lt/webhp?hl=lt&tab=iw | 200 OK Content-Length: 64207 Content-Type: text/html | clean |
http://www.google.lt/intl/lt/options/ | HTTP/1.1 301 Moved Permanently Cache-Control: public, max-age=2592000 Connection: close Date: Fri, 27 Feb 2015 22:48:11 GMT Location: http://www.google.lt/intl/lt/about/products/ Server: sffe Content-Length: 241 Content-Type: text/html; charset=UTF-8 Expires: Sun, 29 Mar 2015 22:48:11 GMT Alternate-Protocol: 80:quic,p=0.08 X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block | clean |
http://www.google.lt/intl/lt/about/products/ | 200 OK Content-Length: 7068 Content-Type: text/html | clean |
http://www.google.lt//www.google.com/js/gweb/analytics/autotrack.js/ | 404 Not Found Content-Length: 1471 Content-Type: text/html | clean |
http://www.google.lt//www.google.com/ | 404 Not Found Content-Length: 1440 Content-Type: text/html | clean |
http://www.google.lt/test404page.js | 404 Not Found Content-Length: 1439 Content-Type: text/html | clean |
http://www.google.lt/preferences?hl=lt | 200 OK Content-Length: 65684 Content-Type: text/html | clean |
http://www.google.lt/imghp?hl=lt&tab=wi | 200 OK Content-Length: 51529 Content-Type: text/html | clean |
http://www.google.lt/imghp?hl=lt&tab=ii | 200 OK Content-Length: 51491 Content-Type: text/html | clean |
http://www.google.lt/history/optout?hl=lt | HTTP/1.1 302 Found Cache-Control: private Connection: close Date: Fri, 27 Feb 2015 22:48:13 GMT Location: https://history.google.com/history/optout?hl=lt Server: Search-History HTTP Server Content-Length: 244 Content-Type: text/html; charset=UTF-8 Alternate-Protocol: 80:quic,p=0.08 Set-Cookie: PREF=ID=37aee3f667c964ce:TM=1425077293:LM=1425077293:S=Pqkrl82143o1RaHi; expires=Sun, 26-Feb-2017 22:48:13 GMT; path=/; domain=.google.lt X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block | clean |
https://history.google.com/history/optout?hl=lt | 200 OK Content-Length: 36868 Content-Type: text/html | clean |
https://history.google.com/history/ | HTTP/1.1 302 Found Cache-Control: private Connection: close Date: Fri, 27 Feb 2015 22:48:13 GMT Location: https://accounts.google.com/Login?continue=https://history.google.com/history/&hl=en Server: Search-History HTTP Server Content-Length: 285 Content-Type: text/html; charset=UTF-8 Alternate-Protocol: 443:quic,p=0.08 Set-Cookie: PREF=ID=45d625fcf5491673:TM=1425077293:LM=1425077293:S=sE-Rm_RALDPwhQqW; expires=Sun, 26-Feb-2017 22:48:13 GMT; path=/; domain=.google.com X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block | clean |
https://accounts.google.com/login?continue=https://history.google.com/history/&hl=en | 200 OK Content-Length: 67066 Content-Type: text/html | clean |
https://accounts.google.com/RecoverAccount?continue=https%3A%2F%2Fhistory.google.com%2Fhistory%2F | HTTP/1.1 302 Moved Temporarily Cache-Control: private, max-age=0 Connection: close Date: Fri, 27 Feb 2015 22:48:14 GMT Location: https://www.google.com/accounts/recovery?hl=en&ard=AHwGkRlpnzcI3AK_lX-Sx8ZDAI-bZJsI-fchzUMPZ0jTu9yM1KjuWZmoNgekqKuxRqHUigV-554kNKCCLAjSKllHm7OCl2zkcXV15BhzJv5--sFcCMbRZsJu4A5DS920EnR7Gfbi-7gkhv8pnIA1DkjunWrkiFZNfQ Server: GSE Content-Length: 399 Content-Type: text/html; charset=UTF-8 Expires: Fri, 27 Feb 2015 22:48:14 GMT Alternate-Protocol: 443:quic,p=0.08 Set-Cookie: GAPS=1:UTzCQ3irYJ6f__Ne6mIaLo8Sx2kBxQ:XQM_rWOs1by7ni99;Path=/;Expires=Sun, 26-Feb-2017 22:48:14 GMT;Secure;HttpOnly;Priority=HIGH Strict-Transport-Security: max-age=10893354; includeSubDomains X-Content-Type-Options: nosniff X-Frame-Options: DENY X-XSS-Protection: 1; mode=block | clean |
https://www.google.com/accounts/recovery?hl=en&ard=ahwgkrlpnzci3ak_lx-sx8zdai-bzjsi-fchzumpz0jtu9ym1kjuwzmongekqkuxrqhuigv-554knkcclajskllhm7ocl2zkcxv15bhzjv5--sfccmbrzsju4a5ds920enr7gfbi-7gkhv8pnia1dkjunwrkifznfq | HTTP/1.1 302 Moved Temporarily Cache-Control: no-cache, no-store, max-age=0, must-revalidate Connection: close Date: Fri, 27 Feb 2015 22:48:14 GMT Pragma: no-cache Accept-Ranges: none Location: https://www.google.com/accounts/recovery/?hl=en&ard=ahwgkrlpnzci3ak_lx-sx8zdai-bzjsi-fchzumpz0jtu9ym1kjuwzmongekqkuxrqhuigv-554knkcclajskllhm7ocl2zkcxv15bhzjv5--sfccmbrzsju4a5ds920enr7gfbi-7gkhv8pnia1dkjunwrkifznfq Server: GSE Vary: Accept-Encoding Content-Type: text/html; charset=UTF-8 Expires: Fri, 01 Jan 1990 00:00:00 GMT X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block | clean |
https://www.google.com/accounts/recovery/?hl=en&ard=ahwgkrlpnzci3ak_lx-sx8zdai-bzjsi-fchzumpz0jtu9ym1kjuwzmongekqkuxrqhuigv-554knkcclajskllhm7ocl2zkcxv15bhzjv5--sfccmbrzsju4a5ds920enr7gfbi-7gkhv8pnia1dkjunwrkifznfq | HTTP/1.1 302 Moved Temporarily Cache-Control: no-cache, no-store, max-age=0, must-revalidate Connection: close Date: Fri, 27 Feb 2015 22:48:15 GMT Pragma: no-cache Accept-Ranges: none Location: https://www.google.com/accounts/RecoverAccount?hl=en&ard=ahwgkrlpnzci3ak_lx-sx8zdai-bzjsi-fchzumpz0jtu9ym1kjuwzmongekqkuxrqhuigv-554knkcclajskllhm7ocl2zkcxv15bhzjv5--sfccmbrzsju4a5ds920enr7gfbi-7gkhv8pnia1dkjunwrkifznfq&arr=AHwGkRkNPTkLDO-hBZLFbSX7EIkDn4f2Yz6Bkh3e10GzUtTIVFMNrk58_jxIw4qPVYQ9aC5pBIyIG_IRwq81bCg2thfIprAvTpLWgrE43xKKxyDV4g3A1L1ZkGwTpEBWaOkm2S7DYZ1H Server: GSE Vary: Accept-Encoding Content-Type: text/html; charset=UTF-8 Expires: Fri, 01 Jan 1990 00:00:00 GMT Set-Cookie: accountrecoverylocale=en; expires=Fri, 06-Mar-2015 22:48:15 GMT; path=/accounts/recovery; Secure; HttpOnly Set-Cookie: S=account-recovery=bbVsPl3DkJQ; path=/; domain=.google.com; Secure; HttpOnly X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block | clean |
https://www.google.com/accounts/recoveraccount?hl=en&ard=ahwgkrlpnzci3ak_lx-sx8zdai-bzjsi-fchzumpz0jtu9ym1kjuwzmongekqkuxrqhuigv-554knkcclajskllhm7ocl2zkcxv15bhzjv5--sfccmbrzsju4a5ds920enr7gfbi-7gkhv8pnia1dkjunwrkifznfq&arr=ahwgkrknptkldo-hbzlfbsx7eikdn4f2yz6bkh3e10gzuttivfmnrk58_jxiw4qpvyq9ac5pbiyig_irwq81bcg2thfipravtplwgre43xkkxydv4g3a1l1zkgwtpebwaokm2s7dyz1h | HTTP/1.1 302 Moved Temporarily Cache-Control: private, max-age=0 Connection: close Date: Fri, 27 Feb 2015 22:48:15 GMT Location: https://accounts.google.com/recoveraccount?hl=en&ard=ahwgkrlpnzci3ak_lx-sx8zdai-bzjsi-fchzumpz0jtu9ym1kjuwzmongekqkuxrqhuigv-554knkcclajskllhm7ocl2zkcxv15bhzjv5--sfccmbrzsju4a5ds920enr7gfbi-7gkhv8pnia1dkjunwrkifznfq&arr=ahwgkrknptkldo-hbzlfbsx7eikdn4f2yz6bkh3e10gzuttivfmnrk58_jxiw4qpvyq9ac5pbiyig_irwq81bcg2thfipravtplwgre43xkkxydv4g3a1l1zkgwtpebwaokm2s7dyz1h Server: GSE Content-Length: 550 Content-Type: text/html; charset=UTF-8 Expires: Fri, 27 Feb 2015 22:48:15 GMT Set-Cookie: GoogleAccountsLocale_session=en; Path=/; Secure; HttpOnly X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block | clean |
https://accounts.google.com/recoveraccount?hl=en&ard=ahwgkrlpnzci3ak_lx-sx8zdai-bzjsi-fchzumpz0jtu9ym1kjuwzmongekqkuxrqhuigv-554knkcclajskllhm7ocl2zkcxv15bhzjv5--sfccmbrzsju4a5ds920enr7gfbi-7gkhv8pnia1dkjunwrkifznfq&arr=ahwgkrknptkldo-hbzlfbsx7eikdn4f2yz6bkh3e10gzuttivfmnrk58_jxiw4qpvyq9ac5pbiyig_irwq81bcg2thfipravtplwgre43xkkxydv4g3a1l1zkgwtpebwaokm2s7dyz1h | 400 Bad Request Content-Length: 145 Content-Type: text/html | clean |
http://www.google.lt/chrome/index.html?hl=lt&brand=CHNG&utm_source=lt-hpp&utm_medium=hpp&utm_campaign=lt | HTTP/1.1 302 Found Cache-Control: private Connection: close Date: Fri, 27 Feb 2015 22:48:15 GMT Location: https://www.google.lt/chrome/browser/?hl=lt&brand=CHNG&utm_source=lt-hpp&utm_medium=hpp&utm_campaign=lt Server: sffe Content-Length: 316 Content-Type: text/html; charset=UTF-8 Alternate-Protocol: 80:quic,p=0.08 X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block | clean |
https://www.google.lt/chrome/browser/?hl=lt&brand=chng&utm_source=lt-hpp&utm_medium=hpp&utm_campaign=lt | HTTP/1.1 200 OK Cache-Control: private, max-age=0 Connection: close Date: Fri, 27 Feb 2015 22:48:15 GMT Accept-Ranges: none Server: sffe Vary: Accept-Encoding Content-Type: text/html Expires: Fri, 27 Feb 2015 22:48:15 GMT Last-Modified: Tue, 02 Dec 2014 18:04:39 GMT X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block | clean |
https://www.google.lt/chrome/browser/../../chrome/browser/desktop/index.html | HTTP/1.1 302 Found Cache-Control: private Connection: close Date: Fri, 27 Feb 2015 22:48:15 GMT Location: https://www.google.lt/chrome/browser/desktop/index.html Server: GFE/2.0 Content-Length: 252 Content-Type: text/html; charset=UTF-8 | clean |
https://www.google.lt/chrome/browser/desktop/index.html | 200 OK Content-Length: 42841 Content-Type: text/html | clean |