Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://hehehehehe.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: hehehehehe.com Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Found Cache-Control: private Date: Thu, 05 Jun 2014 03:01:22 GMT Location: http://searchresultsguide.com/?dn=hehehehehe.com&pid=9PO7995CQ Server: Microsoft-IIS/7.5 Content-Length: 183 Content-Type: text/html; charset=utf-8 P3P: CP="CURa ADMa DEVa PSAo PSDo IVAo IVDo OUR BUS DSP NON COR" Set-Cookie: OptVals=FEED=1&DEST=11&ABOPT=0&TEMPL=765; path=/ Set-Cookie: clid=dom07b50104a46a994fdef70ccd8ba1a; expires=Sun, 02-Jun-2024 03:01:23 GMT; path=/ Set-Cookie: keyword=hehehehehe.com; path=/ Set-Cookie: isp=uab consil; expires=Thu, 19-Jun-2014 03:01:23 GMT; path=/ Set-Cookie: sid=481c6153-c228-4183-beb8-bdaaec7ee7d9; path=/ Set-Cookie: dsp=0; path=/ X-AspNet-Version: 4.0.30319 X-Powered-By: ASP.NET | malicious |
Scanned pages/files
Request | Server response | Status |
http://hehehehehe.com/ | 200 OK Content-Length: 22816 Content-Type: text/html | clean |
http://hehehehehe.com/?tmp=domain_inquiry_form | HTTP/1.1 302 Found Cache-Control: private Date: Thu, 05 Jun 2014 03:01:24 GMT Location: http://searchresultsguide.com/?dn=hehehehehe.com&pid=9PO7995CQ Server: Microsoft-IIS/7.5 Content-Length: 183 Content-Type: text/html; charset=utf-8 P3P: CP="CURa ADMa DEVa PSAo PSDo IVAo IVDo OUR BUS DSP NON COR" Set-Cookie: OptVals=FEED=6&DEST=11&ABOPT=0&TEMPL=1141; path=/ Set-Cookie: clid=dom4a434da2d468ebd794d615ab2f651; expires=Sun, 02-Jun-2024 03:01:24 GMT; path=/ Set-Cookie: keyword=hehehehehe.com; path=/ Set-Cookie: isp=uab consil; expires=Thu, 19-Jun-2014 03:01:24 GMT; path=/ Set-Cookie: sid=43a9f649-6017-4a6d-a701-5dc36cddc941; path=/ Set-Cookie: dsp=0; path=/ X-AspNet-Version: 4.0.30319 X-Powered-By: ASP.NET | clean |
http://searchresultsguide.com/?dn=hehehehehe.com&pid=9po7995cq | 200 OK Content-Length: 2457 Content-Type: text/html | clean |
http://searchresultsguide.com/?dn=hehehehehe.com&fp=FZTObcHvz%2FAoqTpOJkaViDWBPGV2PqGNAS359%2BbdNjRfLDkUgWS%2BesByAUmVVzDpX%2BN6IAdd4TEQGPGE3EVS1w%3D%3D&prvtof=GH%2Fd%2BPeQ3VsYaK%2BxpanNbJJ%2FiG35tm93%2FziAnO0uzK4%3D&poru=lJv1m39n%2FuNs29pIvqmuH4MD8utq67zYGBBeNcBTq4FxbqjkdZjN%2BUXqV4oviPj7Pelu7RToxlDpspHn5TaHTQm87Vh%2FjJp3IU74fnkPwJ0%3D& | 200 OK Content-Length: 271 Content-Type: text/html | clean |
http://searchresultsguide.com/test404page.js | 200 OK Content-Length: 271 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=hehehehehe.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://hehehehehe.com/
Result: hehehehehe.com is not infected or malware details are not published yet.
Result: hehehehehe.com is not infected or malware details are not published yet.