Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://jclimat.ru/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: jclimat.ru Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Found Connection: close Date: Tue, 27 May 2014 22:41:06 GMT Location: http://alfsystem.com.my/includes/domit/1.php Server: nginx/1.2.1 Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.2.17-0.dotdeb.0 | malicious |
URL: http://alfsystem.com.my/includes/domit/1.php (imitation of visitor from search engine) GET /includes/domit/1.php HTTP/1.1 Host: alfsystem.com.my Referer: http://www.google.com/search?q=redirect+check2 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Tue, 27 May 2014 22:41:06 GMT Location: http://www.csra.de/includes/domit/1.php Server: Apache Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.3.23 | malicious |
URL: http://www.csra.de/includes/domit/1.php (imitation of visitor from search engine) GET /includes/domit/1.php HTTP/1.1 Host: www.csra.de Referer: http://www.google.com/search?q=redirect+check3 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Tue, 27 May 2014 22:41:07 GMT Location: http://jbtconsultinggroup.com/components/com_user/views/login/tmpl/1/all3.php Server: Apache Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.4.28 | malicious |
URL: http://jbtconsultinggroup.com/components/com_user/views/login/tmpl/1/all3.php (imitation of visitor from search engine) GET /components/com_user/views/login/tmpl/1/all3.php HTTP/1.1 Host: jbtconsultinggroup.com Referer: http://www.google.com/search?q=redirect+check4 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Tue, 27 May 2014 22:41:07 GMT Location: http://clickadvert.pw/ir/43/1405/bb6f9350070c37cfe3cd57051b912473/ Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html | suspicious |
Scanned pages/files
Request | Server response | Status |
http://jclimat.ru/ | 200 OK Content-Length: 16269 Content-Type: text/html | clean |
http://jclimat.ru/plugins/system/cdscriptegrator/libraries/jquery/js/jquery-1.4.4.min.js | 200 OK Content-Length: 78601 Content-Type: application/javascript | clean |
http://jclimat.ru/plugins/system/cdscriptegrator/libraries/jquery/js/jquery-noconflict.js | 200 OK Content-Length: 20 Content-Type: application/javascript | clean |
http://jclimat.ru/media/system/js/caption.js | 200 OK Content-Length: 1721 Content-Type: application/javascript | clean |
http://counter.rambler.ru/top100.jcn?2915608 | 200 OK Content-Length: 6853 Content-Type: application/x-javascript | clean |
http://jclimat.ru/vhod_na_sait.html | 200 OK Content-Length: 10981 Content-Type: text/html | clean |
http://jclimat.ru/create-customer-account.html | 200 OK Content-Length: 263092 Content-Type: text/html | clean |
http://jclimat.ru/components/com_virtuemart/fetchscript.php?gzip=0&subdir[0]=/themes/default&file[0]=theme.js&subdir[1]=/js&file[1]=sleight.js&subdir[2]=/js/mootools&file[2]=mootools-release-1.11.js&subdir[3]=/js/mootools&file[3]=mooPrompt.js | 200 OK Content-Length: 56350 Content-Type: text/javascript | clean |
http://jclimat.ru/includes/js/mambojavascript.js | 200 OK Content-Length: 14629 Content-Type: application/javascript | clean |
http://jclimat.ru/index.php | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 27 May 2014 22:41:09 GMT Location: http://jclimat.ru/ Server: nginx/1.2.1 Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Set-Cookie: cf73125f2ad3224e216b9f6935f9f02c=b92b1d189abf0a79e9a92b233cd6eb84; expires=Thu, 26-Jun-2014 22:41:09 GMT; path=/ X-Powered-By: PHP/5.2.17-0.dotdeb.0 | clean |
http://jclimat.ru/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
http://jclimat.ru/katalog.html | 200 OK Content-Length: 239795 Content-Type: text/html | clean |
http://jclimat.ru/dostavka.html | 200 OK Content-Length: 12209 Content-Type: text/html | clean |
http://jclimat.ru/montaj.html | 200 OK Content-Length: 16946 Content-Type: text/html | clean |
http://jclimat.ru/o-nas/nasha-kompaniya.html | 200 OK Content-Length: 13179 Content-Type: text/html | clean |
http://jclimat.ru/component/option,com_chronoforms/chronoform,ask_service/ | 200 OK Content-Length: 13741 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=jclimat.ru
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://jclimat.ru/
Result: jclimat.ru is not infected or malware details are not published yet.