Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://crew-connexion.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: crew-connexion.com Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 28 Aug 2014 20:43:18 GMT Location: http://46.161.41.152/sds/go.php?sid=1 Server: Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 Content-Length: 380 Content-Type: text/html; charset=iso-8859-1 | malicious |
URL: http://46.161.41.152/sds/go.php?sid=1 (imitation of visitor from search engine) GET /sds/go.php?sid=1 HTTP/1.1 Host: 46.161.41.152 Referer: http://www.google.com/search?q=redirect+check2 | HTTP/1.1 302 Found Connection: close Date: Thu, 28 Aug 2014 20:43:25 GMT Referer: http://www.google.com/url?sa=t&rct=j&q=crew-connexion.com&source=web&cd=1&ved=0CDEQFjAG&url=http:%2F%2Fcrew-connexion.com%2F&ei=wC7yT5qCJbCCkQKtnwE&usg=AFQjCNGEeYp3D7uuNLAJxMIVliLyQ9O_Pg Location: http://doctorsro.com/ Server: Apache/2.2.22 (Debian) Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html Set-Cookie: schema1=true; expires=Thu, 04-Sep-2014 20:43:25 GMT Set-Cookie: visited1=1; expires=Thu, 04-Sep-2014 20:43:25 GMT X-Powered-By: PHP/5.4.4-14+deb7u14 | suspicious |
Scanned pages/files
Request | Server response | Status |
http://crew-connexion.com/ | 200 OK Content-Length: 29770 Content-Type: text/html | clean |
http://crew-connexion.com/media/system/js/mootools-core.js | 200 OK Content-Length: 96362 Content-Type: application/javascript | clean |
http://crew-connexion.com/media/system/js/core.js | 200 OK Content-Length: 4784 Content-Type: application/javascript | clean |
http://crew-connexion.com/media/system/js/caption.js | 200 OK Content-Length: 729 Content-Type: application/javascript | clean |
http://crew-connexion.com/media/mod_pwebfblikebox/js/mootools.likebox.js | 200 OK Content-Length: 2313 Content-Type: application/javascript | clean |
http://crew-connexion.com/media/system/js/modal.js | 200 OK Content-Length: 9732 Content-Type: application/javascript | clean |
http://crew-connexion.com/media/system/js/mootools-more.js | 200 OK Content-Length: 238331 Content-Type: application/javascript | clean |
http://crew-connexion.com/plugins/system/jatypo/jatypo/assets/script.js | 200 OK Content-Length: 5110 Content-Type: application/javascript | clean |
http://crew-connexion.com/plugins/system/jcemediabox/js/jcemediabox.js?version=112 | 200 OK Content-Length: 53121 Content-Type: application/javascript | clean |
http://crew-connexion.com/media/modalizer/modals/jquery.min.js | 200 OK Content-Length: 93095 Content-Type: application/javascript | clean |
http://crew-connexion.com/media/modalizer/modals/colorbox/jquery.colorbox-min.js | 200 OK Content-Length: 9984 Content-Type: application/javascript | clean |
http://crew-connexion.com/modules/mod_djimageslider/assets/slider.js | 200 OK Content-Length: 11915 Content-Type: application/javascript | clean |
http://crew-connexion.com/templates/medivisa/scripts/templatejs.js | 200 OK Content-Length: 1044 Content-Type: application/javascript | clean |
http://crew-connexion.com/about-us | HTTP/1.1 302 Found Connection: close Date: Thu, 28 Aug 2014 20:43:30 GMT Location: http://46.161.41.152/sds/go.php?sid=1 Server: Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 Content-Length: 356 Content-Type: text/html; charset=iso-8859-1 | clean |
http://46.161.41.152/sds/go.php?sid=1 | HTTP/1.1 302 Found Connection: close Date: Thu, 28 Aug 2014 20:43:37 GMT Referer: Location: http://doctorsro.com/ Server: Apache/2.2.22 (Debian) Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html Set-Cookie: schema1=true; expires=Thu, 04-Sep-2014 20:43:37 GMT Set-Cookie: visited1=1; expires=Thu, 04-Sep-2014 20:43:37 GMT X-Powered-By: PHP/5.4.4-14+deb7u14 | clean |
http://doctorsro.com/ | 500 Server closed connection without sending any data back Content-Length: 105 Content-Type: text/plain | clean |
http://doctorsro.com/test404page.js | 500 Server closed connection without sending any data back Content-Length: 105 Content-Type: text/plain | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=crew-connexion.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://crew-connexion.com/
Result: crew-connexion.com is not infected or malware details are not published yet.
Result: crew-connexion.com is not infected or malware details are not published yet.