Malicious/Suspicious Redirects
| Request | Server response | Status |
URL: http://android-devices.com.ua/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: android-devices.com.ua Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Found Connection: close Date: Sat, 30 Aug 2014 21:34:34 GMT Location: http://bitly.com/STTMlN Server: nginx/1.4.2 Content-Length: 295 Content-Type: text/html; charset=iso-8859-1 | malicious |
URL: http://bitly.com/STTMlN (imitation of visitor from search engine) GET /STTMlN HTTP/1.1 Host: bitly.com Referer: http://www.google.com/search?q=redirect+check2 | HTTP/1.1 301 Moved Permanently Cache-Control: private; max-age=90 Connection: close Date: Sat, 30 Aug 2014 21:34:34 GMT Location: http://goo.gl/0rXySb Server: nginx Content-Length: 112 Content-Type: text/html; charset=utf-8 Mime-Version: 1.0 Set-Cookie: _bit=5402436a-00242-07e29-2a1cf10a;domain=.bitly.com;expires=Thu Feb 26 21:34:34 2015;path=/; HttpOnly | malicious |
URL: http://goo.gl/0rXySb (imitation of visitor from search engine) GET /0rXySb HTTP/1.1 Host: goo.gl Referer: http://www.google.com/search?q=redirect+check3 | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, no-store, max-age=0, must-revalidate Connection: close Date: Sat, 30 Aug 2014 21:34:34 GMT Pragma: no-cache Location: http://sh.oowoo.ru/redsh.php Server: GSE Content-Type: text/html; charset=UTF-8 Expires: Fri, 01 Jan 1990 00:00:00 GMT Alternate-Protocol: 80:quic X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block | malicious |
URL: http://sh.oowoo.ru/redsh.php (imitation of visitor from search engine) GET /redsh.php HTTP/1.1 Host: sh.oowoo.ru Referer: http://www.google.com/search?q=redirect+check4 | HTTP/1.1 302 Found Connection: close Date: Sat, 30 Aug 2014 21:33:26 GMT Location: http://hotzone2nn.com/sexgospital/?sid=269188418 Server: nginx/1.0.15 Content-Length: 0 Content-Type: text/html; charset=CP1251 X-Powered-By: PHP/5.2.17 | suspicious |
URL: http://hotzone2nn.com/sexgospital/?sid=269188418 (imitation of visitor from search engine) GET /sexgospital/?sid=269188418 HTTP/1.1 Host: hotzone2nn.com Referer: http://www.google.com/search?q=redirect+check5 | HTTP/1.1 302 Found Cache-Control: max-age=259200 Connection: close Date: Sat, 30 Aug 2014 21:34:34 GMT Pragma: no-cache Location: http://hotzonepqnn.info/sexgospital?sid=269188418 Server: nginx/1.0.14 Content-Length: 0 Content-Type: text/html; charset=utf-8 Expires: Tue, 02 Sep 2014 21:34:34 GMT Set-Cookie: PHPSESSID=fp3g3ddpf4984rbkqlirudmbg1; path=/ X-Powered-By: PHP/5.3.10 | suspicious |
Scanned pages/files
| Request | Server response | Status |
http://android-devices.com.ua/ | 500 Internal Server Error Content-Length: 1 Content-Type: text/html | clean |
http://android-devices.com.ua/test404page.js | 404 Not Found Content-Length: 1 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=android-devices.com.ua
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://android-devices.com.ua/
Result: android-devices.com.ua is not infected or malware details are not published yet.
Result: android-devices.com.ua is not infected or malware details are not published yet.