Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=restincity.ru
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: restincity.ru
Result:
HTTP/1.1 302 Moved Temporarily
Connection: close
Date: Sun, 21 Sep 2014 09:31:26 GMT
Location: http://dnsparking.fv.ee/index.html
Server: nginx/1.2.1
Content-Length: 160
Content-Type: text/html
...160 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: restincity.ru
Referer: http://www.google.com/search?q=restincity.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://restincity.ru/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sun, 21 Sep 2014 09:31:26 GMT Location: http://dnsparking.fv.ee/index.html Server: nginx/1.2.1 Content-Length: 160 Content-Type: text/html | clean |
http://dnsparking.fv.ee/index.html | HTTP/1.1 200 OK Connection: close Date: Sun, 21 Sep 2014 09:31:26 GMT Accept-Ranges: bytes Server: nginx/1.2.1 Content-Length: 361 Content-Type: text/html Last-Modified: Thu, 18 Sep 2014 08:24:55 GMT | clean |
http://promodns.fastvps24.com/ | 200 OK Content-Length: 20596 Content-Type: text/html | clean |
http://promodns.fastvps24.com//ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js/ | 200 OK Content-Length: 20596 Content-Type: text/html | clean |
https://new.landingi.com/bootstrap/js/landend.bootstrap.min.js | 200 OK Content-Length: 4955 Content-Type: application/javascript | clean |
https://new.landingi.com/bootstrap/js/bootbox.min.js | 200 OK Content-Length: 5590 Content-Type: application/javascript | clean |
https://new.landingi.com/js/libs/landingi/validator.js | 200 OK Content-Length: 3275 Content-Type: application/javascript | clean |
https://new.landingi.com/js/landing.js | 200 OK Content-Length: 171 Content-Type: application/javascript | clean |
https://new.landingi.com/js/libs/jquery/jquery-placeholder.js | 200 OK Content-Length: 6663 Content-Type: application/javascript | clean |
http://promodns.fastvps24.com/outgoing/6cca158cff3b444b09d3?url=https%3A%2F%2Fbill2fast.com%2Fcart.php%3Fa%3Dadd%26pid%3D115 | HTTP/1.1 302 Found Connection: close Date: Sun, 21 Sep 2014 09:31:30 GMT Location: https://bill2fast.com/cart.php?a=add&pid=115 Server: Apache/2.2.22 (Debian) Vary: Accept-Encoding Content-Length: 119 Content-Type: text/html; charset=utf-8 Set-Cookie: stg-tracker=tid=&first_visit=1411291890&last_visit=1411291890&uid=0db424648bcbccea254c6df9bb5c2a511e3500f0; expires=Tue, 21-Oct-2014 09:31:30 GMT; path=/ X-Powered-By: PHP/5.4.4-14+deb7u14 | clean |
https://bill2fast.com/cart.php?a=add&pid=115 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sun, 21 Sep 2014 09:31:31 GMT Location: /cart.php?a=confproduct&i=0 Server: QRATOR Content-Type: text/html; charset=utf-8 Set-Cookie: WHMCSO8g4P2PrxP24=s74n48sifh9kbko5olc8plh5q5; path=/ Strict-Transport-Security: max-age=2592000 | clean |
https://bill2fast.com/cart.php?a=confproduct&i=0 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sun, 21 Sep 2014 09:31:31 GMT Location: /cart.php Server: QRATOR Content-Type: text/html; charset=utf-8 Set-Cookie: WHMCSO8g4P2PrxP24=u6tcmiuq3qg11l2mfee83a3kh1; path=/ Strict-Transport-Security: max-age=2592000 | clean |
https://bill2fast.com/cart.php | 200 OK Content-Length: 22449 Content-Type: text/html | clean |
https://bill2fast.com/lib/jquery/dist/jquery.js | 200 OK Content-Length: 282766 Content-Type: application/javascript | clean |
http://promodns.fastvps24.com/outgoing/lib/jquery-ui/ui/jquery-ui.js | 200 OK Content-Length: 20596 Content-Type: text/html | clean |
http://promodns.fastvps24.com/outgoing/6cca158cff3b444b09d3?url=https%3A%2F%2Fbill2fast.com%2Fcart.php%3Fa%3Dadd%26pid%3D116 | HTTP/1.1 302 Found Connection: close Date: Sun, 21 Sep 2014 09:31:34 GMT Location: https://bill2fast.com/cart.php?a=add&pid=116 Server: Apache/2.2.22 (Debian) Vary: Accept-Encoding Content-Length: 119 Content-Type: text/html; charset=utf-8 Set-Cookie: stg-tracker=tid=&first_visit=1411291894&last_visit=1411291894&uid=9aee3c819a10294ae238e8d015ef1b43b11e9cdd; expires=Tue, 21-Oct-2014 09:31:34 GMT; path=/ X-Powered-By: PHP/5.4.4-14+deb7u14 | clean |
https://bill2fast.com/cart.php?a=add&pid=116 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sun, 21 Sep 2014 09:31:35 GMT Location: /cart.php?a=confproduct&i=0 Server: QRATOR Content-Type: text/html; charset=utf-8 Set-Cookie: WHMCSO8g4P2PrxP24=vo0set52sidumhp8im3jd4rkj5; path=/ Strict-Transport-Security: max-age=2592000 | clean |
http://bill2fast.com/test404page.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Sun, 21 Sep 2014 09:31:35 GMT Location: https://bill2fast.com/test404page.js Server: QRATOR Content-Length: 36 Content-Type: text/html | clean |
https://bill2fast.com/test404page.js | 404 Not Found Content-Length: 303 Content-Type: text/html | clean |
http://promodns.fastvps24.com/outgoing/6cca158cff3b444b09d3?url=https%3A%2F%2Fbill2fast.com%2Fcart.php%3Fa%3Dadd%26pid%3D117 | HTTP/1.1 302 Found Connection: close Date: Sun, 21 Sep 2014 09:31:36 GMT Location: https://bill2fast.com/cart.php?a=add&pid=117 Server: Apache/2.2.22 (Debian) Vary: Accept-Encoding Content-Length: 119 Content-Type: text/html; charset=utf-8 Set-Cookie: stg-tracker=tid=&first_visit=1411291896&last_visit=1411291896&uid=96a6f9aeb6b0c3d3f3733f147c9fb67ca08ef4ed; expires=Tue, 21-Oct-2014 09:31:36 GMT; path=/ X-Powered-By: PHP/5.4.4-14+deb7u14 | clean |
https://bill2fast.com/cart.php?a=add&pid=117 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sun, 21 Sep 2014 09:31:37 GMT Location: /cart.php?a=confproduct&i=0 Server: QRATOR Content-Type: text/html; charset=utf-8 Set-Cookie: WHMCSO8g4P2PrxP24=n5emnsl5ptmvjblatqv85s2lg5; path=/ Strict-Transport-Security: max-age=2592000 | clean |
http://promodns.fastvps24.com/outgoing/lib/jquery-cookie/jquery.cookie.js | 200 OK Content-Length: 20596 Content-Type: text/html | clean |
http://promodns.fastvps24.com/outgoing/includes/jscript/websocket.js | 200 OK Content-Length: 20596 Content-Type: text/html | clean |
http://promodns.fastvps24.com/outgoing/includes/jscript/appapi.js | 200 OK Content-Length: 20596 Content-Type: text/html | clean |
http://promodns.fastvps24.com/outgoing/includes/jscript/unpaidservices_fastvps.js | 200 OK Content-Length: 20596 Content-Type: text/html | clean |