Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ir-dl.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 30 Aug 2014 11:41:47 GMT
Server: LiteSpeed
Content-Type: text/html; charset=UTF-8
X-LiteSpeed-Cache: hit
X-Pingback: http://ir-dl.com/xmlrpc.php
Second query (visit from search engine):
GET / HTTP/1.1
Host: ir-dl.com
Referer: http://www.google.com/search?q=ir-dl.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://ir-dl.com/ | 200 OK Content-Length: 214512 Content-Type: text/html | clean |
http://ir-dl.com/wp-content/themes/ir-dl-zabetedit/files/scripts/jquery.js | 200 OK Content-Length: 72174 Content-Type: application/javascript | clean |
http://ir-dl.com/wp-content/themes/ir-dl-zabetedit/files/scripts/java.js | 200 OK Content-Length: 1115 Content-Type: application/javascript | clean |
http://ir-dl.com/wp-content/themes/ir-dl-zabetedit/files/scripts/tooltipsy.min.js | 200 OK Content-Length: 3479 Content-Type: application/javascript | clean |
http://ir-dl.com/wp-content/themes/ir-dl-zabetedit/files/scripts/jquery-nivo-slider.js | 200 OK Content-Length: 12210 Content-Type: application/javascript | clean |
http://ir-dl.com/wp-includes/js/jquery/jquery.js?ver=1.10.2 | 200 OK Content-Length: 93085 Content-Type: application/javascript | clean |
http://ir-dl.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://ir-dl.com/wp-content/plugins/quotes-collection/quotes-collection.js?ver=3.6.1 | 200 OK Content-Length: 2309 Content-Type: application/javascript | clean |
http://ir-dl.com/wp-content/plugins/tadbirpars_slider/root_files/scripts/jquery-nivo-slider.js?ver=3.6.1 | 200 OK Content-Length: 12379 Content-Type: application/javascript | clean |
http://ir-dl.com/wp-content/themes/ir-dl-zabetedit/files/scripts/jcarousel.js | 200 OK Content-Length: 15650 Content-Type: application/javascript | clean |
http://ir-dl.com/category/anti-viroos-update/ | 200 OK Content-Length: 220682 Content-Type: text/html | clean |
http://ir-dl.com/category/anti-viroos-update/offline-update/ | 200 OK Content-Length: 216086 Content-Type: text/html | clean |
http://ir-dl.com/category/anti-viroos-update/offline-update/avast/ | 200 OK Content-Length: 161869 Content-Type: text/html | clean |
http://ir-dl.com/category/anti-viroos-update/offline-update/avg-offlinr/ | 200 OK Content-Length: 161969 Content-Type: text/html | clean |
http://ir-dl.com/category/anti-viroos-update/offline-update/avira-offline/ | 200 OK Content-Length: 166882 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ir-dl.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://ir-dl.com/
Result: ir-dl.com is not infected or malware details are not published yet.