Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://lavazza-opt.ru/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: lavazza-opt.ru Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Found Connection: close Date: Sun, 22 Jun 2014 20:10:11 GMT Location: http://bitly.com/STTMlN Server: Apache Content-Length: 207 Content-Type: text/html; charset=iso-8859-1 | malicious |
URL: http://bitly.com/STTMlN (imitation of visitor from search engine) GET /STTMlN HTTP/1.1 Host: bitly.com Referer: http://www.google.com/search?q=redirect+check2 | HTTP/1.1 301 Moved Permanently Cache-Control: private; max-age=90 Connection: close Date: Sun, 22 Jun 2014 20:10:15 GMT Location: http://goo.gl/0rXySb Server: nginx Content-Length: 112 Content-Type: text/html; charset=utf-8 Mime-Version: 1.0 Set-Cookie: _bit=53a73827-00197-018cd-251cf10a;domain=.bitly.com;expires=Fri Dec 19 20:10:15 2014;path=/; HttpOnly | malicious |
URL: http://goo.gl/0rXySb (imitation of visitor from search engine) GET /0rXySb HTTP/1.1 Host: goo.gl Referer: http://www.google.com/search?q=redirect+check3 | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, no-store, max-age=0, must-revalidate Connection: close Date: Sun, 22 Jun 2014 20:10:15 GMT Pragma: no-cache Location: http://sh.oowoo.ru/redsh.php Server: GSE Content-Type: text/html; charset=UTF-8 Expires: Fri, 01 Jan 1990 00:00:00 GMT Alternate-Protocol: 80:quic X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block | malicious |
URL: http://sh.oowoo.ru/redsh.php (imitation of visitor from search engine) GET /redsh.php HTTP/1.1 Host: sh.oowoo.ru Referer: http://www.google.com/search?q=redirect+check4 | HTTP/1.1 302 Found Connection: close Date: Sun, 22 Jun 2014 20:04:50 GMT Location: http://bitly.com/1kNQqvM Server: nginx/1.1.10 Content-Length: 0 Content-Type: text/html; charset=cp1251 X-Powered-By: PHP/5.2.17 | malicious |
URL: http://bitly.com/1kNQqvM (imitation of visitor from search engine) GET /1kNQqvM HTTP/1.1 Host: bitly.com Referer: http://www.google.com/search?q=redirect+check5 | HTTP/1.1 301 Moved Permanently Cache-Control: private; max-age=90 Connection: close Date: Sun, 22 Jun 2014 20:10:17 GMT Location: http://bongacams.com/track?c=18000 Server: nginx Content-Length: 126 Content-Type: text/html; charset=utf-8 Mime-Version: 1.0 Set-Cookie: _bit=53a73829-0033a-018cd-251cf10a;domain=.bitly.com;expires=Fri Dec 19 20:10:17 2014;path=/; HttpOnly | suspicious |
URL: http://bongacams.com/track?c=18000 (imitation of visitor from search engine) GET /track?c=18000 HTTP/1.1 Host: bongacams.com Referer: http://www.google.com/search?q=redirect+check6 | HTTP/1.1 302 Found Cache-Control: no-cache Connection: close Date: Sun, 22 Jun 2014 20:10:14 GMT Location: http://bongacash.com/tools/hit.php?c=18000 Server: nginx/1.6.0 Content-Length: 226 Content-Type: text/html; charset=iso-8859-1 Expires: Sun, 22 Jun 2014 20:10:13 GMT | suspicious |
Scanned pages/files
Request | Server response | Status |
http://lavazza-opt.ru/ | 200 OK Content-Length: 20 Content-Type: text/html | clean |
http://lavazza-opt.ru/test404page.js | HTTP/1.1 302 Found Connection: close Date: Sun, 22 Jun 2014 20:10:12 GMT Location: http://bitly.com/STTMlN Server: Apache Content-Length: 207 Content-Type: text/html; charset=iso-8859-1 | clean |
http://bitly.com/sttmln | 404 Not Found Content-Length: 9227 Content-Type: text/html | clean |
http://bitly.com/ | HTTP/1.1 302 Found Connection: close Date: Sun, 22 Jun 2014 20:10:16 GMT Location: https://bitly.com/ Server: nginx Content-Length: 0 Content-Type: text/html; charset=UTF-8 | clean |
https://bitly.com/ | 200 OK Content-Length: 12149 Content-Type: text/html | clean |
https://bitly.com//ajax.googleapis.com/ajax/libs/jquery/1.6.4/jquery.min.js/ | 404 Not Found Content-Length: 9227 Content-Type: text/html | clean |
http://bitly.com/test404page.js | HTTP/1.1 302 Found Connection: close Date: Sun, 22 Jun 2014 20:10:18 GMT Location: https://bitly.com/test404page.js Server: nginx Content-Length: 0 Content-Type: text/html; charset=UTF-8 | clean |
https://bitly.com/test404page.js | 404 Not Found Content-Length: 9227 Content-Type: text/html | clean |
http://bitly.com//d3h5jhobc20ump.cloudfront.net/f85dc948f620c661e54d9a77081899c7.js/ | HTTP/1.1 302 Found Connection: close Date: Sun, 22 Jun 2014 20:10:19 GMT Location: https://bitly.com//d3h5jhobc20ump.cloudfront.net/f85dc948f620c661e54d9a77081899c7.js/ Server: nginx Content-Length: 0 Content-Type: text/html; charset=UTF-8 | clean |
https://bitly.com//d3h5jhobc20ump.cloudfront.net/f85dc948f620c661e54d9a77081899c7.js/ | 404 Not Found Content-Length: 9227 Content-Type: text/html | clean |
http://bitly.com//dl6fh5ptkejqa.cloudfront.net/dccb7a49d1fad39fc5596bdb43937d91.js/ | HTTP/1.1 302 Found Connection: close Date: Sun, 22 Jun 2014 20:10:20 GMT Location: https://bitly.com//dl6fh5ptkejqa.cloudfront.net/dccb7a49d1fad39fc5596bdb43937d91.js/ Server: nginx Content-Length: 0 Content-Type: text/html; charset=UTF-8 | clean |
https://bitly.com//dl6fh5ptkejqa.cloudfront.net/dccb7a49d1fad39fc5596bdb43937d91.js/ | 404 Not Found Content-Length: 9227 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=lavazza-opt.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://lavazza-opt.ru/
Result: lavazza-opt.ru is not infected or malware details are not published yet.
Result: lavazza-opt.ru is not infected or malware details are not published yet.