Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: moneyandstamps.com
Result:
GET / HTTP/1.1
Host: moneyandstamps.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: moneyandstamps.com
Referer: http://www.google.com/search?q=moneyandstamps.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: moneyandstamps.com
Referer: http://www.google.com/search?q=moneyandstamps.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://www.moneyandstamps.com/ | 200 OK Content-Length: 102623 Content-Type: text/html | clean |
http://kkbt.net/pop.js | HTTP/1.1 200 OK Connection: close Date: Tue, 17 Jun 2014 17:06:19 GMT Accept-Ranges: bytes Server: nginx/1.0.15 Content-Length: 528 Content-Type: application/x-javascript Last-Modified: Mon, 16 Dec 2013 12:35:55 GMT Thanks: Welcome to our website! | clean |
http://www.99hphp.com/ | HTTP/1.1 200 OK Cache-Control: max-age=86400 Connection: close Date: Tue, 17 Jun 2014 17:06:20 GMT Accept-Ranges: bytes ETag: "be25aa3e4289cf1:fea" Server: nginx/1.0.15 Content-Length: 8484 Content-Location: http://www.99hphp.com/index.html Content-Type: text/html Last-Modified: Mon, 16 Jun 2014 09:06:22 GMT Thanks: Welcome to our website! | clean |
http://www.99hphp.com/index.html | 200 OK Content-Length: 8484 Content-Type: text/html | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.7.0/jquery.min.js | 200 OK Content-Length: 94020 Content-Type: text/javascript | clean |
http://kkbt.net/js/jquery.lazyload.js | 200 OK Content-Length: 7629 Content-Type: application/x-javascript | clean |
http://kkbt.net/js/logo.js | 200 OK Content-Length: 2616 Content-Type: application/x-javascript | clean |
http://kkbt.net/js/count.js | 200 OK Content-Length: 492 Content-Type: application/x-javascript | clean |
http://kkbt.net/ | HTTP/1.1 200 OK Cache-Control: max-age=86400 Connection: close Date: Tue, 17 Jun 2014 17:06:22 GMT Accept-Ranges: bytes ETag: "34f5c4384289cf1:fea" Server: nginx/1.0.15 Content-Length: 15098 Content-Location: http://kkbt.net/index.html Content-Type: text/html Last-Modified: Mon, 16 Jun 2014 09:06:13 GMT Thanks: Welcome to our website! | clean |
http://kkbt.net/index.html | 200 OK Content-Length: 15098 Content-Type: text/html | clean |
http://kkbt.net/list/1.html | 200 OK Content-Length: 11763 Content-Type: text/html | clean |
http://kkbt.net/js/config.js | 200 OK Content-Length: 7627 Content-Type: application/x-javascript | clean |
http://kkbt.net/js/layout.js | 200 OK Content-Length: 10496 Content-Type: application/x-javascript | clean |
http://kkbt.net/list/6.html | 200 OK Content-Length: 11604 Content-Type: text/html | clean |
http://kkbt.net/list/7.html | 200 OK Content-Length: 11706 Content-Type: text/html | clean |
http://kkbt.net/list/8.html | 200 OK Content-Length: 11692 Content-Type: text/html | clean |
http://kkbt.net/list/2.html | 200 OK Content-Length: 11236 Content-Type: text/html | clean |
http://kkbt.net/list/3.html | 200 OK Content-Length: 11386 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=moneyandstamps.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://moneyandstamps.com/
Result: moneyandstamps.com is not infected or malware details are not published yet.
Result: moneyandstamps.com is not infected or malware details are not published yet.