Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: entertainmentfunfactory.aircus.com
Result:
HTTP/1.1 200 OK
Content-Length: 37542
Content-Type: text/html
...37542 bytes of data.
GET / HTTP/1.1
Host: entertainmentfunfactory.aircus.com
Result:
HTTP/1.1 200 OK
Content-Length: 37542
Content-Type: text/html
...37542 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: entertainmentfunfactory.aircus.com
Referer: http://www.google.com/search?q=entertainmentfunfactory.aircus.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: entertainmentfunfactory.aircus.com
Referer: http://www.google.com/search?q=entertainmentfunfactory.aircus.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
| Request | Server response | Status |
http://entertainmentfunfactory.aircus.com/ | 200 OK Content-Length: 37542 Content-Type: text/html | clean |
http://adspserving.com/ads.js | 200 OK Content-Length: 158 Content-Type: application/x-javascript | clean |
http://widget.supercounters.com/map.js | 200 OK Content-Length: 4178 Content-Type: application/javascript | clean |
http://widget.supercounters.com/hit.js | 200 OK Content-Length: 3785 Content-Type: application/javascript | clean |
http://www.freshcontent.net/music_news_feed.php | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://www.freshcontent.net/test404page.js | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://www.reddit.com/r/Music/hot/.embed?limit=10&t=day&bordercolor=FF0000 | 200 OK Content-Length: 17420 Content-Type: text/javascript | clean |
http://www.secretplaceministries.us/hosting/mp3player/contemporarylarge/swfobject.js | 200 OK Content-Length: 6880 Content-Type: application/javascript | clean |
http://www.freshcontent.net/entertainment_news_feed.php | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://ChristianAnswers.Net/spotlight/1kidmovies.js | 200 OK Content-Length: 2466 Content-Type: application/javascript | clean |
http://cdn.widgetserver.com/syndication/subscriber/InsertWidget.js | 500 Can't connect to cdn.widgetserver.com:80 Content-Length: 195 Content-Type: text/plain | clean |
http://www.solidhits.com/cgi-bin/smartsearch/include.cgi?keywords=MP3 downloads, free mp3 downloads, free movies, songs, movies, entertainment news, celebrities, musicians, free video games, video games, games, movie trailers, movie reviews, music reviews, free stuff, royalty-free music, free stuff offers&username=techcoder&desc=1&url=1&cost=1&java=1 | 200 OK Content-Length: 4195 Content-Type: text/html | clean |
http://www.solidhits.com/cgi-bin/smartsearch/go.cgi?u=sssaaxszsmamaasx&k=sxscsfacacsshksksmaoakakzhashszshzzazyssadsdspszhospsxaismznskzhhizvsosaahzhzvaasoahayadhvspaxsxhashsmsxsvsfadsiasamhosnsdayasayzfskzdzoadahavaxsszfsismaaaxsdhnzvszzxhxhkaxsoahsfzhassnazapsyhvhzsdashnzmhdzazyacaxaysisphoapsxsnsksizfskzdhhamsoszzhsxassysmaahhsmspssaasfsvzasssoscahadszacsxhnhvayspadshhzzsznadapsfahzhzkanaxspazh <span>...244 symbols skipped</span> | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://www.solidhits.com/cgi-bin/smartsearch/go.cgi?u=azadahsmaxszayapavaosi&k=sxscsfacacsshksksmaoakakzhashszshzzazyssadsdspszhospsxaismznskzhhizvsosaahzhzvaasoahayadhvspaxsxhashsmsxsvsfadsiasamhosnsdayasayzfskzdzoadahavaxsszfsismaaaxsdhnzvszzxhxhkaxsoahsfzhassnazapsyhvhzsdashnzmhdzazyacaxaysisphoapsxsnsksizfskzdhhamsoszzhsxassysmaahhsmspssaasfsvzasssoscahadszacsxhnhvayspadshhzzsznadapsfahzhzkana <span>...262 symbols skipped</span> | HTTP/1.1 302 Found Connection: close Date: Sun, 14 Dec 2014 04:48:15 GMT Location: http://www.huntnsearch.com Server: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/0.9.8i DAV/2 mod_qos/11.5 mod_bwlimited/1.4 Content-Length: 358 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.huntnsearch.com/ | 200 OK Content-Length: 17724 Content-Type: text/html | clean |
http://www.HuntNSearch.com/adr/index.php?section=serve&action=5 | 500 Internal Server Error Content-Length: 1263 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=entertainmentfunfactory.aircus.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://entertainmentfunfactory.aircus.com/
Result: entertainmentfunfactory.aircus.com is not infected or malware details are not published yet.
Result: entertainmentfunfactory.aircus.com is not infected or malware details are not published yet.