Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=moskva.inbox24.net
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://moskva.inbox24.net/
Result: The website is marked by Yandex as SMS-fraud resource. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as SMS-fraud resource. - visiting this web site may harm your computer.
Details are available here.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: moskva.inbox24.net
Result:
HTTP/1.1 503 Service Unavailable
Connection: close
Date: Mon, 08 Sep 2014 04:24:35 GMT
Retry-After: 604800
Server: Apache/2.2.9
Vary: Accept-Encoding
Content-Length: 2343
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.2.6-1+lenny16
...2343 bytes of data.
GET / HTTP/1.1
Host: moskva.inbox24.net
Result:
HTTP/1.1 503 Service Unavailable
Connection: close
Date: Mon, 08 Sep 2014 04:24:35 GMT
Retry-After: 604800
Server: Apache/2.2.9
Vary: Accept-Encoding
Content-Length: 2343
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.2.6-1+lenny16
...2343 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: moskva.inbox24.net
Referer: http://www.google.com/search?q=moskva.inbox24.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: moskva.inbox24.net
Referer: http://www.google.com/search?q=moskva.inbox24.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
| Request | Server response | Status |
http://moskva.inbox24.net/ | HTTP/1.1 503 Service Unavailable Connection: close Date: Mon, 08 Sep 2014 04:24:35 GMT Retry-After: 604800 Server: Apache/2.2.9 Vary: Accept-Encoding Content-Length: 2343 Content-Type: text/html; charset=UTF-8 X-Powered-By: PHP/5.2.6-1+lenny16 | clean |
http://www.qualigo.de/doks/search/source/std/charge_direct.php?ds=subdomzz&subds=inbox24.net&fallback_url=http%3a%2f%2fwww.inbox24.net | HTTP/1.1 503 Service Unavailable Connection: close Date: Mon, 08 Sep 2014 04:24:35 GMT Accept-Ranges: bytes Retry-After: 604800 Server: Apache Vary: Accept-Encoding Content-Length: 298 Content-Type: text/html; charset=UTF-8 | clean |
http://www.qualigo.de/doks/search/source/std/charge_direct.php?ds=subdomzz&subds=inbox24.net&fallback_url=http%3a%2f%2fwww.inbox24.net&force_refresh=1 | HTTP/1.1 302 Found Connection: close Date: Mon, 08 Sep 2014 04:24:36 GMT Accept-Ranges: bytes Location: http://www.qualigo.de/doks/search/source/std/charge_query.php?ds=subdomzz&subds=inbox24.net&pid=157650231&pcid=1925696 Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=ISO-8859-15 | clean |
http://www.qualigo.de/doks/search/source/std/charge_query.php?ds=subdomzz&subds=inbox24.net&pid=157650231&pcid=1925696 | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 08 Sep 2014 04:24:36 GMT Accept-Ranges: bytes Location: https://p1.dntrck.com/tr?id=385a4386b2c19261648265b3a500cc4350b87742.r Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=ISO-8859-15 | clean |
https://p1.dntrck.com/tr?id=385a4386b2c19261648265b3a500cc4350b87742.r | 200 OK Content-Length: 1570 Content-Type: text/html | clean |
http://p1.dntrck.com/test404page.js | HTTP/1.1 301 Moved Permanently Connection: Close Date: Mon, 08 Sep 2014 04:24:37 GMT Location: https://www.dntx.com/test404page.js Server: nginx Content-Length: 178 Content-Type: text/html | clean |
https://www.dntx.com/test404page.js | 404 Not Found Content-Length: 26 Content-Type: text/plain | clean |
http://www.dntx.com/test404page.js | HTTP/1.1 301 Moved Permanently Connection: Close Date: Mon, 08 Sep 2014 04:24:38 GMT Location: https://www.dntx.com/test404page.js Server: nginx Content-Length: 178 Content-Type: text/html | clean |