Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=worldtravel-nt.ru
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: colorfulaccessory.com
Result:
HTTP/1.1 404 Not Found
Connection: Close
Content-Length: 1249
Content-Type: text/html; charset=gb2312
Cache-Contro: no-cache
...1249 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: colorfulaccessory.com
Referer: http://www.google.com/search?q=colorfulaccessory.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://worldtravel-nt.ru/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sat, 06 Sep 2014 19:39:22 GMT Location: http://compton-rp.ru/neww_clo/tds/master.php?i=1&q=alleng+ru+%D0%BD%D0%BE%D0%B2%D0%B0%D1%8F+%D0%B8%D1%81%D1%82%D0%BE%D1%80%D0%B8%D1%8F+7+%D0%BA%D0%BB%D0%B0%D1%81%D1%81+%D1%83%D1%80%D0%BE%D0%BA+10&v=3&host=worldtravel-nt.ru Server: nginx/1.4.3 Content-Type: text/html X-Powered-By: PHP/5.4.21-1~dotdeb.1 | malicious |
http://compton-rp.ru/neww_clo/tds/master.php?i=1&q=alleng+ru+%d0%bd%d0%be%d0%b2%d0%b0%d1%8f+%d0%b8%d1%81%d1%82%d0%be%d1%80%d0%b8%d1%8f+7+%d0%ba%d0%bb%d0%b0%d1%81%d1%81+%d1%83%d1%80%d0%be%d0%ba+10&v=3&host=worldtravel-nt.ru | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 06 Sep 2014 19:39:22 GMT Location: http://poisk-gdz.ru/?q=alleng ru новая история 7 класс урок 10&i=1 Server: nginx/1.2.1 Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Powered-By: PHP/5.4.25-1~dotdeb.1 | clean |
http://poisk-gdz.ru/?q=alleng ru новая история 7 класс урок 10&i=1 | HTTP/1.1 200 OK Connection: close Date: Sat, 06 Sep 2014 19:39:23 GMT Server: nginx/1.0.15 Content-Type: text/html; charset=UTF-8 X-Powered-By: PHP/5.4.29 | clean |
http://poisk-gdz.ru/url.php?url=alleng | HTTP/1.1 200 OK Connection: close Date: Sat, 06 Sep 2014 19:39:23 GMT Server: nginx/1.0.15 Content-Length: 1118 Content-Type: text/html; charset=UTF-8 X-Powered-By: PHP/5.4.29 | clean |
http://poisk-gdz.ru/
notice: | 404 Not Found Content-Length: 284 Content-Type: text/html | clean |
http://poisk-gdz.ru/test404page.js | 404 Not Found Content-Length: 290 Content-Type: text/html | clean |