Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=tsqvod.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: sportekspres.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Fri, 30 Jan 2015 05:33:39 GMT
Pragma: no-cache
Server: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/1.0.1e-fips mod_bwlimited/1.4
Vary: User-Agent,Accept-Encoding
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Link: <http://sportekspres.com/>; rel=shortlink
Set-Cookie: PHPSESSID=36e59f0d0d97033109090bdfdfaff2b8; path=/
X-Pingback: http://sportekspres.com/xmlrpc.php
X-Powered-By: PHP/5.4.35
Second query (visit from search engine):
GET / HTTP/1.1
Host: sportekspres.com
Referer: http://www.google.com/search?q=sportekspres.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://tsqvod.com/ | HTTP/1.1 301 Moved Permanently Date: Fri, 05 Sep 2014 19:36:20 GMT Location: http://ilogou.com Server: Microsoft-IIS/6.0 Content-Length: 140 Content-Type: text/html X-Powered-By: ASP.NET | malicious |
http://ilogou.com/ | HTTP/1.1 200 OK Date: Fri, 05 Sep 2014 19:36:20 GMT Accept-Ranges: bytes ETag: "be715256ccc0cf1:e94" Server: Microsoft-IIS/6.0 Content-Length: 13913 Content-Location: http://ilogou.com/index.html Content-Type: text/html Last-Modified: Tue, 26 Aug 2014 01:23:27 GMT X-Powered-By: ASP.NET | clean |
http://ilogou.com/index.html | HTTP/1.1 200 OK Date: Fri, 05 Sep 2014 19:36:21 GMT Accept-Ranges: bytes ETag: "be715256ccc0cf1:e94" Server: Microsoft-IIS/6.0 Content-Length: 13913 Content-Location: http://ilogou.com/index.html Content-Type: text/html Last-Modified: Tue, 26 Aug 2014 01:23:27 GMT X-Powered-By: ASP.NET | clean |
http://ilogou.com/test404page.js | HTTP/1.1 404 Not Found Date: Fri, 05 Sep 2014 19:36:22 GMT Server: Microsoft-IIS/6.0 Content-Length: 1052 Content-Type: text/html X-Powered-By: ASP.NET | clean |