Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://www.bestpointandshootcamerasonline.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: www.bestpointandshootcamerasonline.com Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 03 Oct 2015 08:50:39 GMT Location: http://medicoikju.ru/ Server: nginx/1.8.0 Content-Length: 317 Content-Type: text/html; charset=iso-8859-1 | malicious |
Scanned pages/files
Request | Server response | Status |
http://www.bestpointandshootcamerasonline.com/ | 200 OK Content-Length: 2160 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By ...[736 bytes skipped]... 1b0870d&p=1"></script></head> <body style="background-color: White;"> <div align="center"> <br><br><br> <center><img src="http://i.hizliresim.com/2g3V40.jpg"_f"> <br><br> <br> <p><font style="color: rgb(0, 0, 0); text-shadow: rgb(0, 0, 0) 0px 1px 7px;" color="black" face="Share Tech Mono" size="6">Hacked By <font color="7CFC00" face="Share Tech Mono" size="6">TuRaL</font> <br> <br> <font color="black" face="Share Tech Mono" size="5">T?kc? TENGRI Biz M?n?n </font><br><br><br> <font color="black" face="Share Tech Mono" size="5">Tanri Turku Korusun V? Yuc?ltsin </font><br><br><br> <font style="color: rgb(0, 0, 0); text-shadow: rgb(0, 0, 0) 0px 1px 7px;" face="Geo" size="4" ...[1116 bytes skipped]... | ||
https://engowe.com/ad.php?u=28ca6b0cad4eefd47b7b9cb541b0870d&p=1 | 200 OK Content-Length: 12249 Content-Type: application/javascript | clean |
http://www.bestpointandshootcamerasonline.com/test404page.js | HTTP/1.1 302 Found Connection: close Date: Sat, 03 Oct 2015 08:50:40 GMT Location: http://medicoikju.ru/ Server: nginx/1.8.0 Content-Length: 293 Content-Type: text/html; charset=iso-8859-1 | clean |
http://medicoikju.ru/ | 200 OK Content-Length: 6229 Content-Type: text/html | clean |
http://medicoikju.ru/modernizr.js | 200 OK Content-Length: 6298 Content-Type: application/javascript | clean |
http://www.bestpointandshootcamerasonline.com/script.js | HTTP/1.1 302 Found Connection: close Date: Sat, 03 Oct 2015 08:50:41 GMT Location: http://medicoikju.ru/ Server: nginx/1.8.0 Content-Length: 293 Content-Type: text/html; charset=iso-8859-1 | clean |
http://medicoikju.ru/test404page.js | 404 Not Found Content-Length: 6229 Content-Type: text/html | clean |
http://medicoikju.ru/script.js | 200 OK Content-Length: 100527 Content-Type: application/javascript | clean |
http://parking.reg.ru/script/get_domain_data?domain_name=medicoikju.ru&callback=callback | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 03 Oct 2015 08:50:42 GMT Location: https://parking.reg.ru/script/get_domain_data?domain_name=medicoikju.ru&callback=callback Server: nginx Content-Length: 178 Content-Type: text/html | clean |
https://parking.reg.ru/script/get_domain_data?domain_name=medicoikju.ru&callback=callback | 502 Bad Gateway Content-Length: 568 Content-Type: text/html | clean |
http://parking.reg.ru/test404page.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 03 Oct 2015 08:50:42 GMT Location: https://parking.reg.ru/test404page.js Server: nginx Content-Length: 178 Content-Type: text/html | clean |
https://parking.reg.ru/test404page.js | 404 Not Found Content-Length: 564 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=bestpointandshootcamerasonline.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://bestpointandshootcamerasonline.com/
Result: bestpointandshootcamerasonline.com is not infected or malware details are not published yet.
Result: bestpointandshootcamerasonline.com is not infected or malware details are not published yet.