Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://www.dm-ural.ru/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: www.dm-ural.ru Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Found Connection: close Date: Sun, 31 Aug 2014 08:37:48 GMT Location: http://bitly.com/STTMlN Server: Apache/2.2.8 (ASPLinux) Content-Length: 284 Content-Type: text/html; charset=iso-8859-1 | malicious |
URL: http://bitly.com/STTMlN (imitation of visitor from search engine) GET /STTMlN HTTP/1.1 Host: bitly.com Referer: http://www.google.com/search?q=redirect+check2 | HTTP/1.1 301 Moved Permanently Cache-Control: private; max-age=90 Connection: close Date: Sun, 31 Aug 2014 09:27:20 GMT Location: http://goo.gl/0rXySb Server: nginx Content-Length: 112 Content-Type: text/html; charset=utf-8 Mime-Version: 1.0 Set-Cookie: _bit=5402ea78-00194-04109-2f1cf10a;domain=.bitly.com;expires=Fri Feb 27 09:27:20 2015;path=/; HttpOnly | malicious |
URL: http://goo.gl/0rXySb (imitation of visitor from search engine) GET /0rXySb HTTP/1.1 Host: goo.gl Referer: http://www.google.com/search?q=redirect+check3 | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, no-store, max-age=0, must-revalidate Connection: close Date: Sun, 31 Aug 2014 09:27:20 GMT Pragma: no-cache Location: http://sh.oowoo.ru/redsh.php Server: GSE Content-Type: text/html; charset=UTF-8 Expires: Fri, 01 Jan 1990 00:00:00 GMT Alternate-Protocol: 80:quic X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block | malicious |
URL: http://sh.oowoo.ru/redsh.php (imitation of visitor from search engine) GET /redsh.php HTTP/1.1 Host: sh.oowoo.ru Referer: http://www.google.com/search?q=redirect+check4 | HTTP/1.1 302 Found Connection: close Date: Sun, 31 Aug 2014 09:26:11 GMT Location: http://hotzone2nn.com/sexgospital/?sid=269188418 Server: nginx/1.0.15 Content-Length: 0 Content-Type: text/html; charset=CP1251 X-Powered-By: PHP/5.2.17 | suspicious |
URL: http://hotzone2nn.com/sexgospital/?sid=269188418 (imitation of visitor from search engine) GET /sexgospital/?sid=269188418 HTTP/1.1 Host: hotzone2nn.com Referer: http://www.google.com/search?q=redirect+check5 | HTTP/1.1 302 Found Cache-Control: max-age=259200 Connection: close Date: Sun, 31 Aug 2014 09:27:21 GMT Pragma: no-cache Location: http://hotzonepqnn.info/sexgospital?sid=269188418 Server: nginx/1.0.14 Content-Length: 0 Content-Type: text/html; charset=utf-8 Expires: Wed, 03 Sep 2014 09:27:21 GMT Set-Cookie: PHPSESSID=ku9afcd4tabhk5r3ur8tfe7816; path=/ X-Powered-By: PHP/5.3.10 | suspicious |
Scanned pages/files
Request | Server response | Status |
http://www.dm-ural.ru/ | 500 Internal Server Error Content-Length: 14295 Content-Type: text/html | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js | 200 OK Content-Length: 78601 Content-Type: text/javascript | clean |
http://www.dm-ural.ru/fancy/jquery.mousewheel-3.0.4.pack.js | 200 OK Content-Length: 1279 Content-Type: application/x-javascript | clean |
http://www.dm-ural.ru/fancy/jquery.fancybox-1.3.4.pack.js | 200 OK Content-Length: 15624 Content-Type: application/x-javascript | clean |
http://www.dm-ural.ru//mc.yandex.ru/metrika/watch.js/ | 200 OK Content-Length: 0 Content-Type: text/html | clean |
http://www.dm-ural.ru/test404page.js | 200 OK Content-Length: 0 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=dm-ural.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://dm-ural.ru/
Result: dm-ural.ru is not infected or malware details are not published yet.
Result: dm-ural.ru is not infected or malware details are not published yet.