Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: windows-keitai.com:80
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Thu, 12 Jun 2014 20:40:55 GMT
Pragma: no-cache
ETag: f7570da2cb7380f4d6c16e48a938132f
Server: Apache/2.2.25
Vary: Negotiate,Cookie,Accept-Language
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Sun, 04 Sep 2011 18:12:44 GMT
Set-Cookie: lang=ja_JP; path=/
Set-Cookie: pukiwiki=48b35424cc5ff3f8092c5f2b3cca7136; path=/
Second query (visit from search engine):
GET / HTTP/1.1
Host: windows-keitai.com:80
Referer: http://www.google.com/search?q=windows-keitai.com:80
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://windows-keitai.com:80/ | 200 OK Content-Length: 65117 Content-Type: text/html | clean |
http://windows-keitai.com:80/skin/lang/ja_JP.js | 200 OK Content-Length: 2597 Content-Type: application/javascript | clean |
http://soft.wince.ne.jp/image.windows-keitai.jp/skin/default.js | 200 OK Content-Length: 6257 Content-Type: application/javascript | clean |
http://windows-keitai.com:80/skin/kanzaki.js | 200 OK Content-Length: 16546 Content-Type: application/javascript | clean |
http://windows-keitai.com:80/skin/ajax/textloader.js | 200 OK Content-Length: 2862 Content-Type: application/javascript | clean |
http://windows-keitai.com:80/skin/ajax/glossary.js | 200 OK Content-Length: 2091 Content-Type: application/javascript | clean |
http://windows-keitai.com:80/skin/tzCalculation_LocalTimeZone.js | 200 OK Content-Length: 2648 Content-Type: application/javascript | clean |
http://soft.wince.ne.jp/image.windows-keitai.jp/skin/header.js | 200 OK Content-Length: 7847 Content-Type: application/javascript | clean |
http://partner.googleadservices.com/gampad/google_service.js | 200 OK Content-Length: 3878 Content-Type: text/javascript | clean |
http://www.google.com/coop/cse/brand?form=cse-search-box&lang=ja | 200 OK Content-Length: 2512 Content-Type: text/javascript | clean |
http://button.topsy.com/widget/retweet-big?nick=windowsphonejp | 500 Can't connect to button.topsy.com:80 (Bad hostname) Content-Length: 164 Content-Type: text/plain | clean |
http://button.topsy.com/test404page.js | 500 Can't connect to button.topsy.com:80 (Bad hostname) Content-Length: 164 Content-Type: text/plain | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=windows-keitai.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://windows-keitai.com/
Result: windows-keitai.com:80 is not infected or malware details are not published yet.