Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=sagir.net
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: fleischgenuss.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 27 Jan 2015 03:11:30 GMT
Accept-Ranges: bytes
ETag: "fba199-1d6-54a57100"
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Length: 470
Content-Type: text/html
Last-Modified: Mon, 05 Jan 2015 14:16:04 GMT
...470 bytes of data.
GET / HTTP/1.1
Host: fleischgenuss.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 27 Jan 2015 03:11:30 GMT
Accept-Ranges: bytes
ETag: "fba199-1d6-54a57100"
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Length: 470
Content-Type: text/html
Last-Modified: Mon, 05 Jan 2015 14:16:04 GMT
...470 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: fleischgenuss.com
Referer: http://www.google.com/search?q=fleischgenuss.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: fleischgenuss.com
Referer: http://www.google.com/search?q=fleischgenuss.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://sagir.net/ | HTTP/1.1 200 OK Cache-Control: private Date: Tue, 03 Jun 2014 22:18:30 GMT Server: Microsoft-IIS/7.5 Content-Length: 726 Content-Type: text/html; charset=utf-8 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET | malicious |
http://sale.denizacar.com.tr/?d=9 | 200 OK Content-Length: 4526 Content-Type: text/html | malicious |
Page code contains blacklisted domain: sagir.net ...[860 bytes skipped]... > <script src="js/jquery.placeholder.min.js"></script> <![endif]--> <!--[if lt IE 9]> <script src="http://html5shim.googlecode.com/svn/trunk/html5.js"></script> <script src="js/sky-forms-ie8.js"></script> <![endif]--> </head> <body class="bg-blue"> <div class="body body-s"> <form action="savebid.php?d=sagir.net " method="post" id="sky-form" class="sky-form"> <header>sagir.net is for sale</header> <fieldset> <section> <label class="input"> <i class="icon-append fa fa-user"></i> <input type="text" name="name" id="name" placeholder="Your name"> </label> </section> <section> <label class="input"> ...[4039 bytes skipped]... Malicious iFrame found. size: 25x59 src: http://nmsbaseball.com/post.php?id=749964 This URL is marked by Google as suspicious <iframe name=twitter scrolling=auto frameborder=no align=center height=59 width=25 src=http://nmsbaseball.com/post.php?id=749964> | ||
http://sale.denizacar.com.tr/js/jquery.min.js | 200 OK Content-Length: 96380 Content-Type: application/javascript | clean |
http://sagir.net/js/jquery.form.min.js | 404 Not Found Content-Length: 1245 Content-Type: text/html | clean |
http://sagir.net/test404page.js | 404 Not Found Content-Length: 1245 Content-Type: text/html | clean |
http://sagir.net/js/jquery.validate.min.js | 404 Not Found Content-Length: 1245 Content-Type: text/html | clean |