Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: chat6.ps
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Thu, 18 Dec 2014 00:42:30 GMT
Location: http://www.chat6.ps/
Server: nginx admin
Content-Length: 393
Content-Type: text/html; charset=iso-8859-1
X-Cache: HIT from Backend
...393 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: chat6.ps
Referer: http://www.google.com/search?q=chat6.ps
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://chat6.ps/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 18 Dec 2014 00:42:30 GMT Location: http://www.chat6.ps/ Server: nginx admin Content-Length: 393 Content-Type: text/html; charset=iso-8859-1 X-Cache: HIT from Backend | clean |
http://www.chat6.ps/ | 200 OK Content-Length: 109942 Content-Type: text/html | clean |
http://www.chat6.ps/js/jquery-1.7.1.min.js | 200 OK Content-Length: 93868 Content-Type: application/javascript | clean |
http://chat6.ps/javascript.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 18 Dec 2014 00:42:33 GMT Location: http://www.chat6.ps/javascript.js Server: nginx admin Content-Length: 406 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.chat6.ps/javascript.js | 200 OK Content-Length: 5427 Content-Type: application/x-javascript | clean |
http://chat6.ps/styles/silver/slides.min.jquery.js | 200 OK Content-Length: 18433 Content-Type: application/javascript | clean |
http://chat6.ps/js/scrollup.js | 200 OK Content-Length: 2452 Content-Type: application/javascript | clean |
http://chat6.ps/js/tooltip.js | 200 OK Content-Length: 864 Content-Type: application/javascript | clean |
http://67.228.165.200/DigiChat/jsf/mltak.js | 200 OK Content-Length: 271 Content-Type: application/x-javascript | clean |
http://67.228.167.75/DigiChat/jsf/la7en3.js | 200 OK Content-Length: 274 Content-Type: application/x-javascript | clean |
http://174.37.30.23/DigiChat/jsf/Default.js | 200 OK Content-Length: 269 Content-Type: application/x-javascript | clean |
http://chat6.ps/cat1-%D8%BA%D8%B1%D8%A7%D8%A6%D8%A8-%D9%88%D8%B9%D8%AC%D8%A7%D8%A6%D8%A8 | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 18 Dec 2014 00:42:36 GMT Location: http://www.chat6.ps/cat1-%d8%ba%d8%b1%d8%a7%d8%a6%d8%a8-%d9%88%d8%b9%d8%ac%d8%a7%d8%a6%d8%a8 Server: nginx admin Content-Length: 465 Content-Type: text/html; charset=iso-8859-1 X-Cache: HIT from Backend | clean |
http://www.chat6.ps/cat1-%d8%ba%d8%b1%d8%a7%d8%a6%d8%a8-%d9%88%d8%b9%d8%ac%d8%a7%d8%a6%d8%a8 | 200 OK Content-Length: 85946 Content-Type: text/html | clean |
http://www.chat6.ps/styles/silver/slides.min.jquery.js | 200 OK Content-Length: 18433 Content-Type: application/javascript | clean |
http://chat6.ps/cat2-%D9%82%D8%B3%D9%85-%D8%A7%D9%84%D8%A7%D8%BA%D8%A7%D9%86%D9%8A-%D9%88%D8%A7%D9%84%D9%81%D9%8A%D8%AF%D9%8A%D9%88-youtube | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 18 Dec 2014 00:42:38 GMT Location: http://www.chat6.ps/cat2-%d9%82%d8%b3%d9%85-%d8%a7%d9%84%d8%a7%d8%ba%d8%a7%d9%86%d9%8a-%d9%88%d8%a7%d9%84%d9%81%d9%8a%d8%af%d9%8a%d9%88-youtube Server: nginx admin Content-Length: 516 Content-Type: text/html; charset=iso-8859-1 X-Cache: HIT from Backend | clean |
http://www.chat6.ps/cat2-%d9%82%d8%b3%d9%85-%d8%a7%d9%84%d8%a7%d8%ba%d8%a7%d9%86%d9%8a-%d9%88%d8%a7%d9%84%d9%81%d9%8a%d8%af%d9%8a%d9%88-youtube | 200 OK Content-Length: 83253 Content-Type: text/html | clean |
http://www.chat6.ps/js/scrollup.js | 200 OK Content-Length: 2452 Content-Type: application/javascript | clean |
http://chat6.ps/cat3-%D9%82%D9%84%D9%88%D8%A8-%D8%AD%D8%A7%D8%A6%D8%B1%D8%A9 | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 18 Dec 2014 00:42:40 GMT Location: http://www.chat6.ps/cat3-%d9%82%d9%84%d9%88%d8%a8-%d8%ad%d8%a7%d8%a6%d8%b1%d8%a9 Server: nginx admin Content-Length: 453 Content-Type: text/html; charset=iso-8859-1 X-Cache: HIT from Backend | clean |
http://www.chat6.ps/cat3-%d9%82%d9%84%d9%88%d8%a8-%d8%ad%d8%a7%d8%a6%d8%b1%d8%a9 | 200 OK Content-Length: 78718 Content-Type: text/html | clean |
http://www.chat6.ps/js/tooltip.js | 200 OK Content-Length: 864 Content-Type: application/javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=chat6.ps
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://chat6.ps/
Result: chat6.ps is not infected or malware details are not published yet.