Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=overtha.com
Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.
Details are available here.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: floristflorist.co.uk
Result:
HTTP/1.1 302 Found
Connection: close
Date: Wed, 04 Mar 2015 01:58:14 GMT
Location: http://ww15.floristflorist.co.uk/
Server: Apache
Content-Length: 0
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.3.3-7+squeeze25
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: floristflorist.co.uk
Referer: http://www.google.com/search?q=floristflorist.co.uk
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
| Request | Server response | Status |
|---|---|---|
| http://www.overtha.com/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Thu, 25 Dec 2014 12:08:17 GMT Location: http://www.overtha.com/fetch//MTktMjAwMDAtMTQxOTUwOTI5Ny1hZmI3MmMxZTgwYTc5YTQ3YmQ4ZDlmOTE3YmNhMTQ0Zg?prod=2 Server: cloudflare-nginx Content-Type: text/html CF-RAY: 19e4ec54c73a0b02-WAW Set-Cookie: __cfduid=d9901e86a954d80053f7d0cb984b921201419509297; expires=Fri, 25-Dec-15 12:08:17 GMT; path=/; domain=.overtha.com; HttpOnly Set-Cookie: cookie=cvalue; expires=Thu, 25-Dec-2014 13:08:17 GMT; path=/ X-Powered-By: PHP/5.4.28-1~dotdeb.1 | clean |
| http://www.overtha.com/fetch//mtktmjawmdatmtqxotuwoti5ny1hzmi3mmmxztgwytc5ytq3ymq4zdlmote3ymnhmtq0zg?prod=2 | 403 Forbidden Content-Length: 3 Content-Type: text/html | clean |
| http://www.overtha.com/test404page.js | HTTP/1.1 302 Moved Temporarily Cache-Control: public, max-age=14400 Connection: close Date: Thu, 25 Dec 2014 12:08:18 GMT Location: http://www.mannesoth.com/ Server: cloudflare-nginx Content-Type: text/html Expires: Thu, 25 Dec 2014 16:08:17 GMT CF-Cache-Status: MISS CF-RAY: 19e4ec58648a0afc-WAW Set-Cookie: __cfduid=de10120f81c782d93361c3c0c9ee7a5231419509297; expires=Fri, 25-Dec-15 12:08:17 GMT; path=/; domain=.overtha.com; HttpOnly | malicious |
| http://www.mannesoth.com/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Thu, 25 Dec 2014 12:08:18 GMT Location: http://www.mannesoth.com/fetch//MTktMjAwMDAtMTQxOTUwOTI5OC1hZmI3MmMxZTgwYTc5YTQ3YmQ4ZDlmOTE3YmNhMTQ0Zg?prod=2 Server: nginx/1.4.7 Content-Type: text/html Set-Cookie: cookie=cvalue; expires=Thu, 25-Dec-2014 13:08:18 GMT; path=/ X-Powered-By: PHP/5.4.28-1~dotdeb.1 | clean |
| http://www.mannesoth.com/fetch//mtktmjawmdatmtqxotuwoti5oc1hzmi3mmmxztgwytc5ytq3ymq4zdlmote3ymnhmtq0zg?prod=2 | 403 Forbidden Content-Length: 3 Content-Type: text/html | clean |
| http://www.mannesoth.com/test404page.js | HTTP/1.1 302 Moved Temporarily Connection: close Date: Thu, 25 Dec 2014 12:08:18 GMT Location: http://www.mannesoth.com/ Server: nginx/1.4.7 Content-Length: 160 Content-Type: text/html | clean |