Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=parking.www.530.at
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://parking.www.530.at/
Result: The website is marked by Yandex as SMS-fraud resource. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as SMS-fraud resource. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://parking.www.530.at/ | HTTP/1.1 302 Found Connection: close Date: Tue, 12 Aug 2014 18:42:23 GMT Location: http://ww1.parking.www.530.at/ Server: Apache Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Powered-By: PHP/5.3.3-7+squeeze21 | clean |
http://ww1.parking.www.530.at/ | HTTP/1.1 200 OK Cache-Control: no-store, no-cache, must-revalidate Cache-Control: post-check=0, pre-check=0 Connection: close Date: Tue, 12 Aug 2014 18:42:23 GMT Pragma: no-cache Server: Apache Vary: User-Agent,Accept-Encoding Content-Type: text/html; charset=UTF-8 Expires: Mon, 26 Jul 1997 05:00:00 GMT Last-Modified: Tue, 12 Aug 2014 18:42:23 GMT Set-Cookie: tu=fc5292025568a0303fd0f331b2c0d304; expires=Tue, 31-Dec-2019 23:00:00 GMT; path=/; domain=530.at; httponly X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_S3J3Hk3r2BaNY16nY5RUWfysn41cOQLR1mvJsfjJSHjywtaa6iYHa3PaNEbTyLROYOr2FMoFI4ZPB2fLJtw1Yw== X-Cache: MISS from 831149 X-Powered-By: PHP/5.3.3-7+squeeze19 | clean |
http://ww1.parking.www.530.at//?gtnjs=1/ | 200 OK Content-Length: 19303 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: 530.at ...[1946 bytes skipped]... eft:-7px;}button,input,select,textarea{font-size:100%;margin:0;vertical-align:middle+$.param(d),this.caf.number=e);if("relatedsearch"===this.caf.type&&2!==prs)return!0;if("relatedsearch"!==this.caf.type||2===prs)"searchbox"===this.caf.type&&!1==dsb||b.push(this.caf)}});return b}())})(); </script> <script type="text/html" id="related_links_tmpl"><li<%=cssClass%>><a href="http://ww1.parking.www.530.at/info/<%=urlKeyword%>.html?ses=Y3JlPTE0MDc4Njg5NDQmdGNpZD13dzEucGFya2luZy53d3cuNTMwLmF0NTNlYTYwMTA1MWFmYjguNjAxODA4NzAmZmtpPTY2NzExNCZ0YXNrPXNlYXJjaCZkb21haW49NTMwLmF0JnM9OGE0ZmVhM2VjZjk3ODE3NzQxNTAmbGFuZ3VhZ2U9ZW4mYV9pZD0y&keyword=<%=urlKeyword%>&token=<%=token%>"><%=keyword%></a></li></script><script type="text/javascript" language="JavaScript"> var rls = {b1: {position: '1',use_from: '0',start: '0',end: '0',amount ...[1392 bytes skipped]... | ||
http://img.sedoparking.com/js/jquery-1.4.2.min.js | 200 OK Content-Length: 52579 Content-Type: application/x-javascript | clean |
http://www.google.com/adsense/domains/caf.js | 200 OK Content-Length: 258 Content-Type: text/javascript | clean |
http://parking.www.530.at/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: parking.www.530.at
Result:
HTTP/1.1 302 Found
Connection: close
Date: Tue, 12 Aug 2014 18:42:23 GMT
Location: http://ww1.parking.www.530.at/
Server: Apache
Content-Length: 0
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.3.3-7+squeeze21
...0 bytes of data.
GET / HTTP/1.1
Host: parking.www.530.at
Result:
HTTP/1.1 302 Found
Connection: close
Date: Tue, 12 Aug 2014 18:42:23 GMT
Location: http://ww1.parking.www.530.at/
Server: Apache
Content-Length: 0
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.3.3-7+squeeze21
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: parking.www.530.at
Referer: http://www.google.com/search?q=parking.www.530.at
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: parking.www.530.at
Referer: http://www.google.com/search?q=parking.www.530.at
Result:
The result is similar to the first query. There are no suspicious redirects found.