Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=hmrq.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://hmrq.com/
Result: The website is marked by Yandex as SMS-fraud resource. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as SMS-fraud resource. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://hmrq.com/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sat, 13 Dec 2014 16:16:06 GMT Location: http://hmrq.com?password-protected=login&redirect_to=http%3A%2F%2Fhmrq.com%2F Server: Apache Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Powered-By: PHP/5.4.35 | clean |
http://hmrq.com?password-protected=login&redirect_to=http%3a%2f%2fhmrq.com%2f/ | 200 OK Content-Length: 2863 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: hmrq.com ...[121 bytes skipped]... t;meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <title>Kappa Sigma Brothers - Demo</title> <link rel='stylesheet' id='open-sans-css' href='//fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400italic%2C600italic%2C300%2C400%2C600&subset=latin%2Clatin-ext&ver=3.8.3' type='text/css' media='all' /> <link rel='stylesheet' id='dashicons-css' href='http://hmrq.com/wp-includes/css/dashicons.min.css?ver=3.8.3' type='text/css' media='all' /> <link rel='stylesheet' id='wp-admin-css' href='http://hmrq.com/wp-admin/css/wp-admin.min.css?ver=3.8.3' type='text/css' media='all' /> <link rel='stylesheet' id='buttons-css' href='http://hmrq.com/wp-includes/css/buttons.min.css?ver=3.8.3' type='text/css' media='all' /> <link rel='stylesheet' id='colors-fresh-css' href='http://hmrq.com/wp-admin/css/colors.min.css?ver=3.8.3' ty ...[2331 bytes skipped]... | ||
http://hmrq.com?password-protected=login&redirect_to=http%3a%2f%2fhmrq.com%2f/test404page.js | 200 OK Content-Length: 2877 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: hmrq.com ...[121 bytes skipped]... t;meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <title>Kappa Sigma Brothers - Demo</title> <link rel='stylesheet' id='open-sans-css' href='//fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400italic%2C600italic%2C300%2C400%2C600&subset=latin%2Clatin-ext&ver=3.8.3' type='text/css' media='all' /> <link rel='stylesheet' id='dashicons-css' href='http://hmrq.com/wp-includes/css/dashicons.min.css?ver=3.8.3' type='text/css' media='all' /> <link rel='stylesheet' id='wp-admin-css' href='http://hmrq.com/wp-admin/css/wp-admin.min.css?ver=3.8.3' type='text/css' media='all' /> <link rel='stylesheet' id='buttons-css' href='http://hmrq.com/wp-includes/css/buttons.min.css?ver=3.8.3' type='text/css' media='all' /> <link rel='stylesheet' id='colors-fresh-css' href='http://hmrq.com/wp-admin/css/colors.min.css?ver=3.8.3' ty ...[2345 bytes skipped]... |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: hmrq.com
Result:
HTTP/1.1 302 Moved Temporarily
Connection: close
Date: Sat, 13 Dec 2014 16:16:06 GMT
Location: http://hmrq.com?password-protected=login&redirect_to=http%3A%2F%2Fhmrq.com%2F
Server: Apache
Content-Length: 0
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.4.35
...0 bytes of data.
GET / HTTP/1.1
Host: hmrq.com
Result:
HTTP/1.1 302 Moved Temporarily
Connection: close
Date: Sat, 13 Dec 2014 16:16:06 GMT
Location: http://hmrq.com?password-protected=login&redirect_to=http%3A%2F%2Fhmrq.com%2F
Server: Apache
Content-Length: 0
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.4.35
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: hmrq.com
Referer: http://www.google.com/search?q=hmrq.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: hmrq.com
Referer: http://www.google.com/search?q=hmrq.com
Result:
The result is similar to the first query. There are no suspicious redirects found.