Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=shoricika.ro
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://shoricika.ro/
Result: The website is marked by Yandex as suspicious - visiting this web site may harm your computer.
Details are available here.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: shoricika.ro
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Fri, 08 Aug 2014 15:18:18 GMT
Location: http://www.shoricika.ro/
Server: ghs
Content-Length: 221
Content-Type: text/html; charset=UTF-8
Alternate-Protocol: 80:quic
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
...221 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: shoricika.ro
Referer: http://www.google.com/search?q=shoricika.ro
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://shoricika.ro/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 08 Aug 2014 15:18:18 GMT Location: http://www.shoricika.ro/ Server: ghs Content-Length: 221 Content-Type: text/html; charset=UTF-8 Alternate-Protocol: 80:quic X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block | clean |
http://www.shoricika.ro/ | HTTP/1.1 302 Moved Temporarily Cache-Control: no-cache, no-store, max-age=0, must-revalidate Connection: close Date: Fri, 08 Aug 2014 15:18:19 GMT Pragma: no-cache Location: http://www.blogger.com/blogin.g?blogspotURL=http://www.shoricika.ro/ Server: GSE Content-Type: text/html; charset=UTF-8 Expires: Fri, 01 Jan 1990 00:00:00 GMT Alternate-Protocol: 80:quic,80:quic X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-Robots-Tag: noindex, nofollow X-XSS-Protection: 1; mode=block | clean |
http://www.blogger.com/blogin.g?blogspoturl=http://www.shoricika.ro/ | HTTP/1.1 302 Moved Temporarily Cache-Control: private, max-age=0 Connection: close Date: Fri, 08 Aug 2014 15:18:19 GMT Location: https://www.blogger.com/blogin.g?blogspoturl=http://www.shoricika.ro/ Server: GSE Content-Type: text/html; charset=UTF-8 Expires: Fri, 08 Aug 2014 15:18:19 GMT Alternate-Protocol: 80:quic P3P: CP="This is not a P3P policy! See http://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info." X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block | clean |
https://www.blogger.com/blogin.g?blogspoturl=http://www.shoricika.ro/ | 400 Bad Request Content-Length: 4728 Content-Type: text/html | clean |
https://www.blogger.com/ | HTTP/1.1 302 Moved Temporarily Cache-Control: no-cache, no-store, max-age=0, must-revalidate Connection: close Date: Fri, 08 Aug 2014 15:18:20 GMT Pragma: no-cache Location: https://www.blogger.com/home Server: GSE Content-Type: text/html; charset=UTF-8 Expires: Fri, 01 Jan 1990 00:00:00 GMT Alternate-Protocol: 443:quic P3P: CP="This is not a P3P policy! See http://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info." X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block | clean |
https://www.blogger.com/home | HTTP/1.1 302 Moved Temporarily Cache-Control: private, max-age=0 Connection: close Date: Fri, 08 Aug 2014 15:18:20 GMT Location: https://accounts.google.com/ServiceLogin?service=blogger&passive=1209600&continue=https://www.blogger.com/home&followup=https://www.blogger.com/home&ltmpl=start Server: GSE Content-Type: text/html; charset=UTF-8 Expires: Fri, 08 Aug 2014 15:18:20 GMT Alternate-Protocol: 443:quic P3P: CP="This is not a P3P policy! See http://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info." X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block | clean |
https://accounts.google.com/servicelogin?service=blogger&passive=1209600&continue=https://www.blogger.com/home&followup=https://www.blogger.com/home&ltmpl=start | 200 OK Content-Length: 69588 Content-Type: text/html | clean |
https://accounts.google.com/SignUp?service=blogger&continue=https%3A%2F%2Fwww.blogger.com%2Fhome&ltmpl=start | 200 OK Content-Length: 300420 Content-Type: text/html | clean |
https://accounts.google.com/ServiceLogin?continue=https%3A%2F%2Fwww.blogger.com%2Fhome&service=blogger&ltmpl=start&dsh=8909637296446807713 | 200 OK Content-Length: 66995 Content-Type: text/html | clean |
https://accounts.google.com/TOS?loc=LT&hl=en | HTTP/1.1 302 Moved Temporarily Cache-Control: no-cache, no-store Connection: close Date: Fri, 08 Aug 2014 15:18:23 GMT Pragma: no-cache Location: https://www.google.lt/intl/en/policies/terms/ Server: GSE Content-Length: 227 Content-Type: text/html; charset=UTF-8 Expires: Mon, 01-Jan-1990 00:00:00 GMT Alternate-Protocol: 443:quic Set-Cookie: GoogleAccountsLocale_session=en; Path=/; Secure; HttpOnly Strict-Transport-Security: max-age=10893354; includeSubDomains X-Content-Type-Options: nosniff X-Frame-Options: DENY X-XSS-Protection: 1; mode=block | clean |
https://www.google.lt/intl/en/policies/terms/ | HTTP/1.1 200 OK Cache-Control: private, max-age=0 Connection: close Date: Fri, 08 Aug 2014 15:18:23 GMT Server: sffe Vary: Accept-Encoding Content-Type: text/html Expires: Fri, 08 Aug 2014 15:18:23 GMT Last-Modified: Tue, 24 Jan 2012 14:44:29 GMT X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block | clean |
https://www.google.lt/intl/en/policies/terms/regional.html | 200 OK Content-Length: 20900 Content-Type: text/html | clean |
https://www.google.lt//www.google.com/js/google.js/ | 404 Not Found Content-Length: 1438 Content-Type: text/html | clean |
https://www.google.lt//www.google.com/ | 404 Not Found Content-Length: 1425 Content-Type: text/html | clean |
http://www.google.lt/test404page.js | 404 Not Found Content-Length: 1439 Content-Type: text/html | clean |
http://www.google.lt//www.google.com/ | 404 Not Found Content-Length: 1440 Content-Type: text/html | clean |
https://accounts.google.com//www.google.com/js/maia.js/ | 404 Not Found Content-Length: 1413 Content-Type: text/html | clean |
https://accounts.google.com//www.google.com/ | 404 Not Found Content-Length: 1413 Content-Type: text/html | clean |
https://accounts.google.com/ | HTTP/1.1 302 Moved Temporarily Cache-Control: private, max-age=0 Connection: close Date: Fri, 08 Aug 2014 15:18:25 GMT Location: https://accounts.google.com/ManageAccount Server: GSE Content-Length: 223 Content-Type: text/html; charset=UTF-8 Expires: Fri, 08 Aug 2014 15:18:25 GMT Alternate-Protocol: 443:quic Strict-Transport-Security: max-age=10893354; includeSubDomains X-Content-Type-Options: nosniff X-Frame-Options: DENY X-XSS-Protection: 1; mode=block | clean |
https://accounts.google.com/manageaccount | HTTP/1.1 302 Moved Temporarily Cache-Control: private, max-age=0 Connection: close Date: Fri, 08 Aug 2014 15:18:25 GMT Location: https://accounts.google.com/ServiceLogin?passive=1209600&continue=https%3A%2F%2Faccounts.google.com%2Fmanageaccount&followup=https%3A%2F%2Faccounts.google.com%2Fmanageaccount Server: GSE Content-Length: 364 Content-Type: text/html; charset=UTF-8 Expires: Fri, 08 Aug 2014 15:18:25 GMT Alternate-Protocol: 443:quic Set-Cookie: GAPS=1:yyw4IVEMxuTFKVCYcrYj6d6pq2CNCA:X1WuCNHKdh-1no5w;Path=/;Expires=Sun, 07-Aug-2016 15:18:25 GMT;Secure;HttpOnly;Priority=HIGH Strict-Transport-Security: max-age=10893354; includeSubDomains X-Content-Type-Options: nosniff X-Frame-Options: DENY X-XSS-Protection: 1; mode=block | clean |
https://accounts.google.com/servicelogin?passive=1209600&continue=https%3a%2f%2faccounts.google.com%2fmanageaccount&followup=https%3a%2f%2faccounts.google.com%2fmanageaccount | 200 OK Content-Length: 66868 Content-Type: text/html | clean |
https://accounts.google.com/RecoverAccount?continue=https%3A%2F%2Faccounts.google.com%2Fmanageaccount | HTTP/1.1 302 Moved Temporarily Cache-Control: private, max-age=0 Connection: close Date: Fri, 08 Aug 2014 15:18:26 GMT Location: https://www.google.com/accounts/recovery?hl=en&ard=AHwGkRkNoFf2A7Lx5_bWX1r6C4l0dbX0ygMrc-DF6hGJX5rjhBdQ9s8bGg6QSVTKYBR9eStkzjqM20ttfLHpJNqQideOIWBCgWyzT03KnQQDs_7mYzPRCosOLucs8sObXF8Q-dKaAYHJNfuXXuM8u0KsgBMAX47HRg Server: GSE Content-Length: 399 Content-Type: text/html; charset=UTF-8 Expires: Fri, 08 Aug 2014 15:18:26 GMT Alternate-Protocol: 443:quic Set-Cookie: GAPS=1:p4HBfKObj7JdQ3VlEZlxIOCOEivP_A:suEOITvUrjp_cMo2;Path=/;Expires=Sun, 07-Aug-2016 15:18:26 GMT;Secure;HttpOnly;Priority=HIGH Strict-Transport-Security: max-age=10893354; includeSubDomains X-Content-Type-Options: nosniff X-Frame-Options: DENY X-XSS-Protection: 1; mode=block | clean |
https://www.google.com/accounts/recovery?hl=en&ard=ahwgkrknoff2a7lx5_bwx1r6c4l0dbx0ygmrc-df6hgjx5rjhbdq9s8bgg6qsvtkybr9estkzjqm20ttflhpjnqqideoiwbcgwyzt03knqqds_7myzprcosolucs8sobxf8q-dkaayhjnfuxxum8u0ksgbmax47hrg | HTTP/1.1 302 Moved Temporarily Cache-Control: no-cache, no-store, max-age=0, must-revalidate Connection: close Date: Fri, 08 Aug 2014 15:18:26 GMT Pragma: no-cache Location: https://www.google.com/accounts/recovery/?hl=en&ard=ahwgkrknoff2a7lx5_bwx1r6c4l0dbx0ygmrc-df6hgjx5rjhbdq9s8bgg6qsvtkybr9estkzjqm20ttflhpjnqqideoiwbcgwyzt03knqqds_7myzprcosolucs8sobxf8q-dkaayhjnfuxxum8u0ksgbmax47hrg Server: GSE Content-Type: text/html; charset=UTF-8 Expires: Fri, 01 Jan 1990 00:00:00 GMT X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block | clean |
https://www.google.com/accounts/recovery/?hl=en&ard=ahwgkrknoff2a7lx5_bwx1r6c4l0dbx0ygmrc-df6hgjx5rjhbdq9s8bgg6qsvtkybr9estkzjqm20ttflhpjnqqideoiwbcgwyzt03knqqds_7myzprcosolucs8sobxf8q-dkaayhjnfuxxum8u0ksgbmax47hrg | HTTP/1.1 302 Moved Temporarily Cache-Control: no-cache, max-age=0, must-revalidate Connection: close Date: Fri, 08 Aug 2014 15:18:27 GMT Pragma: no-cache Location: https://www.google.com/accounts/RecoverAccount?hl=en&ard=ahwgkrknoff2a7lx5_bwx1r6c4l0dbx0ygmrc-df6hgjx5rjhbdq9s8bgg6qsvtkybr9estkzjqm20ttflhpjnqqideoiwbcgwyzt03knqqds_7myzprcosolucs8sobxf8q-dkaayhjnfuxxum8u0ksgbmax47hrg&arr=AHwGkRmeBFM5Gj9iHEkLAI6_89z3tOJCd1kAx7FI5jO1x4daW1lmgPl0LluaqrkwoILcxI4fRTwOq1a3yScPsWrfJgv8vC_DSOrkq3htMpDIQwWD5m4_lO-0v_IWBtJNVZFnEt2pLBEA Server: GSE Content-Type: text/html; charset=UTF-8 Expires: Fri, 01 Jan 1990 00:00:00 GMT Set-Cookie: accountrecoverylocale=en; Expires=Fri, 15-Aug-2014 15:18:27 GMT; Path=/accounts/recovery; Secure; HttpOnly Set-Cookie: S=account-recovery=dCnLcXcO7g8; Domain=.google.com; Path=/; Secure; HttpOnly X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block | clean |
https://www.google.com/accounts/recoveraccount?hl=en&ard=ahwgkrknoff2a7lx5_bwx1r6c4l0dbx0ygmrc-df6hgjx5rjhbdq9s8bgg6qsvtkybr9estkzjqm20ttflhpjnqqideoiwbcgwyzt03knqqds_7myzprcosolucs8sobxf8q-dkaayhjnfuxxum8u0ksgbmax47hrg&arr=ahwgkrmebfm5gj9iheklai6_89z3tojcd1kax7fi5jo1x4daw1lmgpl0lluaqrkwoilcxi4frtwoq1a3yscpswrfjgv8vc_dsorkq3htmpdiqwwd5m4_lo-0v_iwbtjnvzfnet2plbea | HTTP/1.1 302 Moved Temporarily Cache-Control: private, max-age=0 Connection: close Date: Fri, 08 Aug 2014 15:18:27 GMT Location: https://accounts.google.com/recoveraccount?hl=en&ard=ahwgkrknoff2a7lx5_bwx1r6c4l0dbx0ygmrc-df6hgjx5rjhbdq9s8bgg6qsvtkybr9estkzjqm20ttflhpjnqqideoiwbcgwyzt03knqqds_7myzprcosolucs8sobxf8q-dkaayhjnfuxxum8u0ksgbmax47hrg&arr=ahwgkrmebfm5gj9iheklai6_89z3tojcd1kax7fi5jo1x4daw1lmgpl0lluaqrkwoilcxi4frtwoq1a3yscpswrfjgv8vc_dsorkq3htmpdiqwwd5m4_lo-0v_iwbtjnvzfnet2plbea Server: GSE Content-Length: 550 Content-Type: text/html; charset=UTF-8 Expires: Fri, 08 Aug 2014 15:18:27 GMT Set-Cookie: GoogleAccountsLocale_session=en; Path=/; Secure; HttpOnly X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block | clean |
https://accounts.google.com/recoveraccount?hl=en&ard=ahwgkrknoff2a7lx5_bwx1r6c4l0dbx0ygmrc-df6hgjx5rjhbdq9s8bgg6qsvtkybr9estkzjqm20ttflhpjnqqideoiwbcgwyzt03knqqds_7myzprcosolucs8sobxf8q-dkaayhjnfuxxum8u0ksgbmax47hrg&arr=ahwgkrmebfm5gj9iheklai6_89z3tojcd1kax7fi5jo1x4daw1lmgpl0lluaqrkwoilcxi4frtwoq1a3yscpswrfjgv8vc_dsorkq3htmpdiqwwd5m4_lo-0v_iwbtjnvzfnet2plbea | 400 Bad Request Content-Length: 145 Content-Type: text/html | clean |
https://accounts.google.com/SignUp?continue=https%3A%2F%2Faccounts.google.com%2Fmanageaccount | 200 OK Content-Length: 300352 Content-Type: text/html | clean |
https://accounts.google.com/ServiceLogin?continue=https%3A%2F%2Faccounts.google.com%2Fmanageaccount&dsh=-1063423178536651024 | 200 OK Content-Length: 66815 Content-Type: text/html | clean |