Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=sportsone.ru
Result: The website is marked by Google as suspicious - visiting this web site may harm your computer.
Details are available here.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: sportsone.ru
Result:
HTTP/1.1 302 Moved Temporarily
Connection: close
Date: Sat, 13 Sep 2014 01:48:22 GMT
Location: http://d18dhsdkjsd2.ru/books?charset=utf-8&keyword=%D0%9F%D0%BB%D0%B0%D0%BD%D1%88%D0%B5%D1%82+%D0%B0%D1%81%D1%83%D1%81+%D0%BA%D0%B0%D0%BA+%D0%BD%D0%B0%D1%81%D1%82%D1%80%D0%BE%D0%B8%D1%82%D1%8C+%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82+-+%D0%A3%D0%BD%D0%B8%D0%BA%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9+%D1%81%D0%B5%D1%80%D0%B2%D0%B8%D1%81+%D0%B4%D0%BE%D1%81%D1%82%D1%83%D0%BF%D0%B0+%D0%BA+%D1%84%D0%B0%D0%B9%D0%BB%D0%B0%D0%BC+sportsone.ru&v=3&host=sportsone.ru
Server: nginx/1.4.3
Content-Type: text/html
X-Powered-By: PHP/5.4.21-1~dotdeb.1
Second query (visit from search engine):
GET / HTTP/1.1
Host: sportsone.ru
Referer: http://www.google.com/search?q=sportsone.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://sportsone.ru/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sat, 13 Sep 2014 01:48:22 GMT Location: http://d18dhsdkjsd2.ru/books?charset=utf-8&keyword=%D0%9F%D0%BB%D0%B0%D0%BD%D1%88%D0%B5%D1%82+%D0%B0%D1%81%D1%83%D1%81+%D0%BA%D0%B0%D0%BA+%D0%BD%D0%B0%D1%81%D1%82%D1%80%D0%BE%D0%B8%D1%82%D1%8C+%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82+-+%D0%A3%D0%BD%D0%B8%D0%BA%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9+%D1%81%D0%B5%D1%80%D0%B2%D0%B8%D1%81+%D0%B4%D0%BE%D1%81%D1%82%D1%83%D0%BF%D0%B0+%D0%BA+%D1%84%D0%B0%D0%B9%D0%BB%D0%B0%D0%BC+sportsone.ru&v=3&host=sportsone.ru Server: nginx/1.4.3 Content-Type: text/html X-Powered-By: PHP/5.4.21-1~dotdeb.1 | clean |
http://d18dhsdkjsd2.ru/books?charset=utf-8&keyword=%d0%9f%d0%bb%d0%b0%d0%bd%d1%88%d0%b5%d1%82+%d0%b0%d1%81%d1%83%d1%81+%d0%ba%d0%b0%d0%ba+%d0%bd%d0%b0%d1%81%d1%82%d1%80%d0%be%d0%b8%d1%82%d1%8c+%d0%b8%d0%bd%d1%82%d0%b5%d1%80%d0%bd%d0%b5%d1%82+-+%d0%a3%d0%bd%d0%b8%d0%ba%d0%b0%d0%bb%d1%8c%d0%bd%d1%8b%d0%b9+%d1%81%d0%b5%d1%80%d0%b2%d0%b8%d1%81+%d0%b4%d0%be%d1%81%d1%82%d1%83%d0%bf%d0%b0+%d0%ba+%d1%84%d [...63 symbols skipped] | HTTP/1.1 302 Moved Temporarily Cache-Control: max-age=0 Connection: close Date: Sat, 13 Sep 2014 01:48:23 GMT Pragma: no-cache Location: http://d18dhsdkjsd9.ru/?aburj Server: nginx/1.4.3 Content-Type: text/html; charset=utf-8 Expires: Thu, 21 Jul 1977 07:30:00 GMT Last-Modified: Sat, 13 Sep 2014 01:48:22 GMT X-Powered-By: PHP/5.4.21-1~dotdeb.1 | clean |
http://d18dhsdkjsd9.ru/?aburj | HTTP/1.1 302 Moved Temporarily Cache-Control: max-age=0 Connection: close Date: Sat, 13 Sep 2014 01:48:23 GMT Pragma: no-cache Location: http://stoptraff/?670d455d4b609f962c5ba287b49b5e94= Server: nginx/1.4.3 Content-Type: text/html; charset=utf-8 Expires: Thu, 21 Jul 1977 07:30:00 GMT Last-Modified: Sat, 13 Sep 2014 01:48:23 GMT X-Powered-By: PHP/5.4.21-1~dotdeb.1 | clean |
http://stoptraff/?670d455d4b609f962c5ba287b49b5e94= | 500 Can't connect to stoptraff:80 (Bad hostname) Content-Length: 150 Content-Type: text/plain | clean |
http://stoptraff/test404page.js | 500 Can't connect to stoptraff:80 (Bad hostname) Content-Length: 150 Content-Type: text/plain | clean |