Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: dctire.com
Result:
HTTP/1.1 200 OK
Cache-Control: pre-check=0, post-check=0, max-age=0
Connection: close
Date: Wed, 10 Dec 2014 13:48:13 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Expires: 0
Last-Modified: Wed, 10 Dec 2014 13:48:13 GMT
P3P: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
Set-Cookie: PHPSESSID=65eda06566d5e422aa85d0e11bd1364b; path=/; domain=.dctire.com
Set-Cookie: 2a0d2363701f23f8a75028924a3af643=NzguMTU4LjExLjIyNg%3D%3D; expires=Thu, 11-Dec-2014 13:48:13 GMT; path=/; domain=.dctire.com
X-Powered-By: PHP/5.2.9p2
Second query (visit from search engine):
GET / HTTP/1.1
Host: dctire.com
Referer: http://www.google.com/search?q=dctire.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://dctire.com/ | 200 OK Content-Length: 43965 Content-Type: text/html | clean |
http://dctire.com/js/jquery-1.8.3.min.js | 200 OK Content-Length: 44552 Content-Type: application/javascript | clean |
http://dctire.com/js/jquery.menu.js | 200 OK Content-Length: 2930 Content-Type: application/javascript | clean |
http://dctire.com/js/common.js | 200 OK Content-Length: 13782 Content-Type: application/javascript | clean |
http://dctire.com/js/wrest.js | 200 OK Content-Length: 11096 Content-Type: application/javascript | clean |
http://dctire.com/js/scroll_oldie.js | 200 OK Content-Length: 1239 Content-Type: application/javascript | clean |
http://dctire.com/plugin/webspeech/webspeech.js | 200 OK Content-Length: 6708 Content-Type: application/javascript | clean |
http://dctire.com/plugin/main-slider/ui.js | 200 OK Content-Length: 5419 Content-Type: application/javascript | clean |
http://dctire.com/js/tab.js | 200 OK Content-Length: 1368 Content-Type: application/javascript | clean |
http://wcs.naver.net/wcslog.js | 200 OK Content-Length: 16780 Content-Type: application/javascript | clean |
http://dctire.com/shop/list.php?ca_id=100b | 200 OK Content-Length: 44529 Content-Type: text/html | clean |
http://dctire.com/js/jquery.shop_top.menu.js | 200 OK Content-Length: 3633 Content-Type: application/javascript | clean |
http://dctire.com/js/jquery.shop.menu.js | 200 OK Content-Length: 2219 Content-Type: application/javascript | clean |
http://dctire.com/js/kakao.link.js | 200 OK Content-Length: 3164 Content-Type: application/javascript | clean |
http://dctire.com/js/shop.list.js | 200 OK Content-Length: 2799 Content-Type: application/javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=dctire.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://dctire.com/
Result: dctire.com is not infected or malware details are not published yet.