Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://era-vodoleya.info/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: era-vodoleya.info Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 14 Apr 2014 00:17:08 GMT Location: http://mywifeishappy.com/ Server: nginx/1.2.9 Vary: Accept-Encoding Content-Length: 322 Content-Type: text/html; charset=iso-8859-1 | malicious |
URL: http://mywifeishappy.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: mywifeishappy.com Referer: http://www.google.com/search?q=redirect+check2 | HTTP/1.1 302 Found Connection: close Date: Mon, 14 Apr 2014 00:17:08 GMT Location: http://medicalwki.com Server: nginx Vary: Accept-Encoding,User-Agent Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Powered-By: PHP/5.3.28 | suspicious |
Scanned pages/files
Request | Server response | Status |
http://era-vodoleya.info/ | 200 OK Content-Length: 73187 Content-Type: text/html | suspicious |
Suspicious code. Script contains iFrame:
(function(){ var D=new Date(),d=document,b='body',ce='createElement',ac='appendChild',st='style',ds='display',n='none',gi='getElementById'; var i=d[ce]('iframe');i[st][ds]=n;d[gi]("MarketGidScriptRootC562032")[ac](i);try{var iw=i.contentWindow.document;iw.open();iw.writeln("<ht"+"ml><bo"+"dy></bo"+"dy></ht"+"ml>");iw.close();var c=iw[b];} catch(e){var iw=d;var c=d[gi]("MarketGidScriptRootC562032");}var dv=iw[ce]('div');dv.id="MG_ID";dv[st][ds]=n;dv.innerHTML=562032;c[ac](dv); var s=iw[ce]('script');s.async='async';s.defer='defer';s.charset='utf-8';s.src="//jsc.marketgid.com/e/r/era-vodoleya.info.562032.js?t="+D.getYear()+D.getMonth()+D.getDate()+D.getHours();c[ac](s);})();
http://era-vodoleya.info/plugins/system/cdscriptegrator/libraries/highslide/js/highslide-full.min.js | 200 OK Content-Length: 70775 Content-Type: application/x-javascript | clean |
http://era-vodoleya.info/plugins/system/cdscriptegrator/libraries/jquery/js/jquery-1.4.2.min.js | 200 OK Content-Length: 72328 Content-Type: application/x-javascript | clean |
http://era-vodoleya.info/plugins/system/cdscriptegrator/libraries/jquery/js/jquery-noconflict.js | 200 OK Content-Length: 20 Content-Type: application/x-javascript | clean |
http://era-vodoleya.info/plugins/system/cdscriptegrator/libraries/jquery/js/ui/jquery-ui-1.8.4.custom.min.js | 200 OK Content-Length: 202965 Content-Type: application/x-javascript | clean |
http://era-vodoleya.info/modules/mod_hxdmoomenu/assets/js/hxdmoomenu.js | 200 OK Content-Length: 1891 Content-Type: application/x-javascript | clean |
http://era-vodoleya.info/modules/mod_hxdmoomenu/assets/js/mootools.bgiframe.js | 200 OK Content-Length: 964 Content-Type: application/x-javascript | clean |
http://era-vodoleya.info/templates/mediaplate/js/s5_effects.js | 200 OK Content-Length: 268 Content-Type: application/x-javascript | clean |
http://era-vodoleya.info/templates/mediaplate/js/lytebox.js | 200 OK Content-Length: 39098 Content-Type: application/x-javascript | clean |
http://userapi.com/js/api/openapi.js?49 | 200 OK Content-Length: 63942 Content-Type: application/x-javascript | clean |
http://era-vodoleya.info//pagead2.googlesyndication.com/pagead/js/adsbygoogle.js/ | HTTP/1.1 302 Found Connection: close Date: Mon, 14 Apr 2014 00:17:14 GMT Location: http://mywifeishappy.com/ Server: nginx/1.2.9 Vary: Accept-Encoding Content-Length: 298 Content-Type: text/html; charset=iso-8859-1 | clean |
http://mywifeishappy.com/ | HTTP/1.1 302 Found Connection: close Date: Mon, 14 Apr 2014 00:17:14 GMT Location: http://medicalwki.com Server: nginx Vary: Accept-Encoding,User-Agent Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Powered-By: PHP/5.3.28 | clean |
http://medicalwki.com/ | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://medicalwki.com/test404page.js | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://counter.rambler.ru/top100.jcn?2934966 | 200 OK Content-Length: 6853 Content-Type: application/x-javascript | clean |
http://era-vodoleya.info//yandex.st/share/share.js/ | HTTP/1.1 302 Found Connection: close Date: Mon, 14 Apr 2014 00:17:25 GMT Location: http://mywifeishappy.com/ Server: nginx/1.2.9 Vary: Accept-Encoding Content-Length: 298 Content-Type: text/html; charset=iso-8859-1 | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=era-vodoleya.info
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://era-vodoleya.info/
Result: era-vodoleya.info is not infected or malware details are not published yet.