Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: hotvsnot.info
Result:
GET / HTTP/1.1
Host: hotvsnot.info
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: hotvsnot.info
Referer: http://www.google.com/search?q=hotvsnot.info
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: hotvsnot.info
Referer: http://www.google.com/search?q=hotvsnot.info
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
| Request | Server response | Status |
http://www.hotvsnot.info/ | 200 OK Content-Length: 69295 Content-Type: text/html | clean |
http://www.hotvsnot.info/wp-content/themes/hotvsnot3/jquery.js?ver=3.9.2 | 200 OK Content-Length: 92792 Content-Type: text/javascript | clean |
http://www.hotvsnot.info/wp-content/themes/hotvsnot3/script.js?ver=3.9.2 | 200 OK Content-Length: 40997 Content-Type: text/javascript | clean |
http://www.hotvsnot.info/wp-content/themes/hotvsnot3/script.responsive.js?ver=3.9.2 | 200 OK Content-Length: 16097 Content-Type: text/javascript | clean |
http://ads.juicyads.com/jsclients/jam_min.js | 200 OK Content-Length: 21397 Content-Type: application/x-javascript | clean |
http://ads.juicyads.com/jsclients/jac.js | 200 OK Content-Length: 91344 Content-Type: application/x-javascript | clean |
http://adserver.juicyads.com/js/jfc.js | 200 OK Content-Length: 1197 Content-Type: application/x-javascript | clean |
http://adspaces.ero-advertising.com/adspace/256754.js | 200 OK Content-Length: 2068 Content-Type: application/javascript | clean |
http://ads.adxpansion.com/public/js/showads.php?zone_id=80802&ver=1&type=imbox&style=blue01 | 200 OK Content-Length: 7584 Content-Type: text/javascript | clean |
http://adspaces.ero-advertising.com/adspace/256751.js | 200 OK Content-Length: 1822 Content-Type: application/javascript | clean |
http://www.hotvsnot.info//assets.pinterest.com/js/pinit.js/ | HTTP/1.1 302 Moved Temporarily Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Mon, 15 Sep 2014 04:04:30 GMT Pragma: no-cache Location: http://connexionsecure.com/go/gQ0i_bztSX/DEFAULT Server: Apache/2.2.15 (CentOS) Vary: Cookie Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT X-Powered-By: PHP/5.4.32 | clean |
http://connexionsecure.com/go/gq0i_bztsx/default | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache Connection: close Date: Mon, 15 Sep 2014 04:05:32 GMT Location: http://connexionsecure.com/go/gq0i_bztsx/default/ Server: nginx Content-Type: text/html; charset=UTF-8 Set-Cookie: SERVERID=cm-web-lp1; path=/ X-Powered-By: PHP/5.4.28 | clean |
http://connexionsecure.com/go/gq0i_bztsx/default/ | HTTP/1.1 302 Found Cache-Control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private Connection: close Date: Mon, 15 Sep 2014 04:05:32 GMT Location: /back?token=L_bqvyk&tracker=default Server: nginx Content-Type: text/html; charset=UTF-8 Set-Cookie: SERVERID=cm-web-ext02; path=/ X-Powered-By: PHP/5.4.32 | clean |
http://connexionsecure.com/back?token=l_bqvyk&tracker=default | HTTP/1.1 302 Found Cache-Control: no-cache Connection: close Date: Mon, 15 Sep 2014 04:05:33 GMT Location: http://asiafind.com/go/p301686.sub1.223.LT.5141.default?lang=chinese&show_lang=chinese&token=dvB1_cHK41&tracker=default Server: nginx Content-Type: text/html; charset=UTF-8 Set-Cookie: cr_UID=78.158.11.2266b7f13b6bb4f5d90f906c38689913e88; expires=Sun, 04-Sep-2016 04:05:32 GMT Set-Cookie: PHPSESSID=bdmd33nv54glcp131a57j0l3n5; path=/ Set-Cookie: SERVERID=cm-web-lp2; path=/ X-Powered-By: PHP/5.4.28 | clean |
http://asiafind.com/go/p301686.sub1.223.lt.5141.default?lang=chinese&show_lang=chinese&token=dvb1_chk41&tracker=default | 200 OK Content-Length: 47939 Content-Type: text/html | clean |
http://graphics2.asiafind.com/images/common/js/jquery/jquery-1.5.1.min.js | 200 OK Content-Length: 85260 Content-Type: application/x-javascript | clean |
http://www.hotvsnot.info/images/common/js/chinese_statedropdown_utf8.js | HTTP/1.1 302 Moved Temporarily Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Mon, 15 Sep 2014 04:04:35 GMT Pragma: no-cache Location: http://connexionsecure.com/go/gQ0i_bztSX/DEFAULT Server: Apache/2.2.15 (CentOS) Vary: Cookie Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT X-Powered-By: PHP/5.4.32 | clean |
http://connexionsecure.com/test404page.js | 404 Not Found Content-Length: 2321 Content-Type: text/html | clean |
http://www.hotvsnot.info/wp-content/plugins/shutter-reloaded//shutter-reloaded.js?ver=2.5 | HTTP/1.1 302 Moved Temporarily Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Mon, 15 Sep 2014 04:04:36 GMT Pragma: no-cache Location: http://connexionsecure.com/go/gQ0i_bztSX/DEFAULT Server: Apache/2.2.15 (CentOS) Vary: Cookie Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT X-Powered-By: PHP/5.4.32 | clean |
http://ads.adxpansion.com/public/js/showads.php?zone_id=112746&ver=1&type=margin&position=left&site_alignment=center&site_width=1030 | 200 OK Content-Length: 14838 Content-Type: text/javascript | clean |
http://cdn.popcash.net/pop.js | 200 OK Content-Length: 2863 Content-Type: application/x-javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=hotvsnot.info
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://hotvsnot.info/
Result: hotvsnot.info is not infected or malware details are not published yet.
Result: hotvsnot.info is not infected or malware details are not published yet.