Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=webmail.speak4me-nigeria.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://webmail.speak4me-nigeria.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: webmail.speak4me-nigeria.com
Result:
HTTP/1.1 401 Access Denied
Connection: close
Date: Wed, 20 Aug 2014 09:01:21 GMT
Server: nginx/0.8.54
Content-Length: 17830
Content-Type: text/html; charset="utf-8"
Set-Cookie: webmailrelogin=no; HttpOnly; path=/; port=8080
Set-Cookie: webmailsession=%3avnFuuRb3XNlyd2XJO00ZBAtbEh9gFYNgkIuP60fCPbyiUCnzI8eU8ezxQExM1Bi4%2cdc0943a01a8688fdb8e984b4a8c3e41e110de4101498d9645e39244bb34d6561; HttpOnly; path=/; port=8080
...17830 bytes of data.
GET / HTTP/1.1
Host: webmail.speak4me-nigeria.com
Result:
HTTP/1.1 401 Access Denied
Connection: close
Date: Wed, 20 Aug 2014 09:01:21 GMT
Server: nginx/0.8.54
Content-Length: 17830
Content-Type: text/html; charset="utf-8"
Set-Cookie: webmailrelogin=no; HttpOnly; path=/; port=8080
Set-Cookie: webmailsession=%3avnFuuRb3XNlyd2XJO00ZBAtbEh9gFYNgkIuP60fCPbyiUCnzI8eU8ezxQExM1Bi4%2cdc0943a01a8688fdb8e984b4a8c3e41e110de4101498d9645e39244bb34d6561; HttpOnly; path=/; port=8080
...17830 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: webmail.speak4me-nigeria.com
Referer: http://www.google.com/search?q=webmail.speak4me-nigeria.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: webmail.speak4me-nigeria.com
Referer: http://www.google.com/search?q=webmail.speak4me-nigeria.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
| Request | Server response | Status |
http://webmail.speak4me-nigeria.com/ | 401 Access Denied Content-Length: 17830 Content-Type: text/html | clean |
http://webmail.speak4me-nigeria.com/?locale=ar | 401 Access Denied Content-Length: 18432 Content-Type: text/html | clean |
http://webmail.speak4me-nigeria.com/?locale=de | 401 Access Denied Content-Length: 17964 Content-Type: text/html | clean |
http://webmail.speak4me-nigeria.com/?locale=en | 401 Access Denied Content-Length: 17692 Content-Type: text/html | clean |
http://webmail.speak4me-nigeria.com/?locale=es | 401 Access Denied Content-Length: 17990 Content-Type: text/html | clean |
http://webmail.speak4me-nigeria.com/?locale=es_419 | 401 Access Denied Content-Length: 17929 Content-Type: text/html | clean |
http://webmail.speak4me-nigeria.com/?locale=es_es | 401 Access Denied Content-Length: 17941 Content-Type: text/html | clean |
http://webmail.speak4me-nigeria.com/?locale=fr | 401 Access Denied Content-Length: 18037 Content-Type: text/html | clean |
http://webmail.speak4me-nigeria.com/?locale=hi | 401 Access Denied Content-Length: 19470 Content-Type: text/html | clean |
http://webmail.speak4me-nigeria.com/?locale=nl | 401 Access Denied Content-Length: 17735 Content-Type: text/html | clean |
http://webmail.speak4me-nigeria.com/?locale=pl | 401 Access Denied Content-Length: 17881 Content-Type: text/html | clean |
http://webmail.speak4me-nigeria.com/?locale=pt | 401 Access Denied Content-Length: 17807 Content-Type: text/html | clean |
http://webmail.speak4me-nigeria.com/?locale=pt_br | 401 Access Denied Content-Length: 17784 Content-Type: text/html | clean |
http://webmail.speak4me-nigeria.com/?locale=ro | 401 Access Denied Content-Length: 18018 Content-Type: text/html | clean |
http://webmail.speak4me-nigeria.com/?locale=ru | 401 Access Denied Content-Length: 18785 Content-Type: text/html | clean |