Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=moremale.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://moremale.com/ | 200 OK Content-Length: 56785 Content-Type: text/html | clean |
http://www.moremale.com/wp-content/plugins/tubepress/tubepress.js | 200 OK Content-Length: 1049 Content-Type: application/javascript | clean |
http://moremale.com/test404page.js | HTTP/1.1 302 Found Connection: close Date: Thu, 04 Sep 2014 22:15:24 GMT Location: http://reltime2012.ru/frunleh?9 Server: Apache Content-Length: 277 Content-Type: text/html; charset=iso-8859-1 | clean |
http://reltime2012.ru/frunleh?9 | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 04 Sep 2014 22:15:27 GMT Location: http://www.reltime2012.ru/frunleh?9 Server: nginx/1.4.1 Content-Length: 323 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.reltime2012.ru/frunleh?9 | 404 Not Found Content-Length: 1333 Content-Type: text/html | clean |
http://www.reltime2012.ru/ | 200 OK Content-Length: 175143 Content-Type: text/html | clean |
http://www.reltime2012.ru/kredityi.html | 200 OK Content-Length: 108130 Content-Type: text/html | clean |
http://www.reltime2012.ru/kreditnyie-kartyi.html | 200 OK Content-Length: 114530 Content-Type: text/html | clean |
http://www.reltime2012.ru/bizneskredit.html | 200 OK Content-Length: 97099 Content-Type: text/html | clean |
http://www.reltime2012.ru/ipoteka.html | 200 OK Content-Length: 96382 Content-Type: text/html | clean |
http://www.reltime2012.ru/avtokredityi.html | 200 OK Content-Length: 93195 Content-Type: text/html | clean |
http://www.reltime2012.ru/mikrokredityi.html | 200 OK Content-Length: 113027 Content-Type: text/html | clean |
http://www.reltime2012.ru/send/turbozaim_m | HTTP/1.1 301 Moved Permanently Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Thu, 04 Sep 2014 22:15:31 GMT Pragma: no-cache Location: http://pxl.leads.su/aff_c?offer_id=381&aff_id=988&pltfm_id=1080783&aff_sub=SU37_www&aff_sub2=%2Fsend%2Fturbozaim_m&aff_sub4=83899&aff_sub5=x&aff_sub3=x Server: nginx/1.4.1 Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=69pclt4v5tg978vtu8teaf6t45; path=/ X-Powered-By: PHP/5.3.3 | clean |
http://pxl.leads.su/aff_c?offer_id=381&aff_id=988&pltfm_id=1080783&aff_sub=su37_www&aff_sub2=%2fsend%2fturbozaim_m&aff_sub4=83899&aff_sub5=x&aff_sub3=x | HTTP/1.1 302 OK Cache-Control: no-cache, no-store, must-revalidate Connection: close Date: Thu, 04 Sep 2014 22:15:31 GMT Pragma: no-cache Location: http://turbozaim.ru/form4/?transaction_id=c5952af0d0b3d0d4d9b55ab1841c11a2&utm_source=leads.su&affiliate_id=988&aff_sub=su37_www&aff_sub2=%2Fsend%2Fturbozaim_m&aff_sub4=83899&aff_sub5=x&aff_sub3=x Server: nginx Content-Type: text/html; charset=utf-8 P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Set-Cookie: session-click-381=W0KSv55vAEJsqWJzXScPU3VokboQccojJVZmfyLHgQdrLlvDJOE6bEb3qm4OUavi1l6LZGJkEZHJMmVassv5gXKFBBTFPddwK%2BWPuKcln3q5ITydGskWSCcveaKwjkgR%2FMH6s7p9%2F%2F52YZzCCn7ko2TWZYOi3VDTkxa2Oy0y7dAed2GktghV2S%2BXSZsFoT3cPpV44G86IBc8RjX1qZ3tR1GaMR73CwViavVF1bKreu863ewkaA1kL2i4o1q1FtdmEwXWd4lK9dbJiBrJJDf5qg%3D%3D; expires=Sat, 04-Oct-2014 22:15:31 GMT; path=/; httponly | clean |
http://turbozaim.ru/form4/?transaction_id=c5952af0d0b3d0d4d9b55ab1841c11a2&utm_source=leads.su&affiliate_id=988&aff_sub=su37_www&aff_sub2=%2fsend%2fturbozaim_m&aff_sub4=83899&aff_sub5=x&aff_sub3=x | 200 OK Content-Length: 31931 Content-Type: text/html | suspicious |
Suspicious code found <!-- RedHelper --> <script id="rhlpscrtg" type="text/javascript" charset="utf-8" async="async" src="https://web.redhelper.ru/service/main.js?c=turbozaim"> </script> <!--/Redhelper --> <!-- Yandex.Metrika counter --> <script type="text/javascript"> (function (d, w, c) { (w[c] = w[c] || []).push(function() { try { w.yaCounter23392042 = new Ya.Metrika({id:23392042, webviso if (w.opera == "[object Opera]") { d.addEventListener("DOMContentLoaded", f, false); } else { f(); } })(document, window, "yandex_metrika_callbacks"); </script> <noscript> <div><img src="//mc.yandex.ru/watch/23392042" style="position:absolute; left:-9999px;" /></div> </noscript> <!-- /Yandex.Metrika counter --> | ||
http://turbozaim.ru/bitrix/cache/js/s1/turbo_lp3/kernel/kernel.js?1398671219 | 200 OK Content-Length: 300827 Content-Type: application/x-javascript | clean |
http://www.reltime2012.ru/bitrix/templates/turbo/js/jquery.min.js | 404 Not Found Content-Length: 1333 Content-Type: text/html | clean |
http://www.reltime2012.ru/test404page.js | 404 Not Found Content-Length: 1333 Content-Type: text/html | clean |
https://ajax.googleapis.com/ajax/libs/jqueryui/1.9.2/jquery-ui.min.js | 200 OK Content-Length: 237734 Content-Type: text/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: moremale.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 04 Sep 2014 22:15:18 GMT
Server: Apache
Content-Type: text/html; charset=UTF-8
X-Died: timeout at scan.pm line 1546.
X-Pingback: http://www.moremale.com/xmlrpc.php
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: moremale.com
Referer: http://www.google.com/search?q=moremale.com
Result:
The result is similar to the first query. There are no suspicious redirects found.