Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=mp3.ulunix.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://mp3.ulunix.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: mp3.ulunix.com
Result:
HTTP/1.1 200 OK
Date: Fri, 03 Oct 2014 05:24:58 GMT
Accept-Ranges: bytes
ETag: "948cc9fcfd8cf1:1c1e"
Server: Microsoft-IIS/6.0
Content-Length: 156573
Content-Location: http://mp3.ulunix.com/index.htm
Content-Type: text/html
Last-Modified: Thu, 25 Sep 2014 14:47:26 GMT
...156573 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: mp3.ulunix.com
Referer: http://www.google.com/search?q=mp3.ulunix.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://mp3.ulunix.com/ | HTTP/1.1 200 OK Date: Fri, 03 Oct 2014 05:24:58 GMT Accept-Ranges: bytes ETag: "948cc9fcfd8cf1:1c1e" Server: Microsoft-IIS/6.0 Content-Length: 156573 Content-Location: http://mp3.ulunix.com/index.htm Content-Type: text/html Last-Modified: Thu, 25 Sep 2014 14:47:26 GMT | clean |
http://mp3.ulunix.com/index.htm | 200 OK Content-Length: 156573 Content-Type: text/html | clean |
http://www.haofbi.com/js/w.js | HTTP/1.1 302 Found Connection: close Date: Fri, 03 Oct 2014 05:23:19 GMT Location: http://sameid.net/limit.html Server: Apache/2.4.6 (Ubuntu) Content-Length: 212 Content-Type: text/html; charset=iso-8859-1 Set-Cookie: uri=%2Fjs%2Fw%2Ejs;Path=/;Max-Age=31536000 Set-Cookie: ref=direct;Path=/;Max-Age=31536000 | clean |
http://sameid.net/limit.html | 200 OK Content-Length: 5359 Content-Type: text/html | clean |
http://s7.addthis.com/js/250/addthis_widget.js | 200 OK Content-Length: 6875 Content-Type: text/javascript | clean |
http://www.haofbi.com/ | 200 OK Content-Length: 3889 Content-Type: text/html | clean |
http://www.haofbi.com/terms.html | 200 OK Content-Length: 12796 Content-Type: text/html | clean |
http://www.haofbi.com/privacy.html | 200 OK Content-Length: 13346 Content-Type: text/html | clean |
http://www.haofbi.com/test404page.js | HTTP/1.1 302 Found Connection: close Date: Fri, 03 Oct 2014 05:23:22 GMT Location: http://sameid.net/limit.html Server: Apache/2.4.6 (Ubuntu) Content-Length: 212 Content-Type: text/html; charset=iso-8859-1 Set-Cookie: uri=%2Ftest404page%2Ejs;Path=/;Max-Age=31536000 Set-Cookie: ref=direct;Path=/;Max-Age=31536000 | clean |
http://sameid.net/test404page.js | 404 Not Found Content-Length: 3296 Content-Type: text/html | clean |
http://sameid.net/ | 200 OK Content-Length: 3889 Content-Type: text/html | clean |
http://sameid.net/terms.html | 200 OK Content-Length: 12796 Content-Type: text/html | clean |
http://sameid.net/privacy.html | 200 OK Content-Length: 13346 Content-Type: text/html | clean |
http://www.haofbi.com/order?plan=pp-premium | HTTP/1.1 302 Found Connection: close Date: Fri, 03 Oct 2014 05:23:26 GMT Location: https://www.paypal.com/cgi-bin/webscr?cmd=_xclick-subscriptions&business=iiveras.lt%40gmail.com&a3=29.99&p3=1&t3=M&src=1&no_note=1&custom=-300-yes-32-e3ac152c&no_shipping=1&return=http%3A%2F%2Fsameid.net%2Fthankyou&rm=2&item_name=SameID%20Premium%20-%20300%20requests%2Fday Server: Apache/2.4.6 (Ubuntu) Content-Length: 501 Content-Type: text/html; charset=iso-8859-1 | clean |
https://www.paypal.com/cgi-bin/webscr?cmd=_xclick-subscriptions&business=iiveras.lt%40gmail.com&a3=29.99&p3=1&t3=m&src=1&no_note=1&custom=-300-yes-32-e3ac152c&no_shipping=1&return=http%3a%2f%2fsameid.net%2fthankyou&rm=2&item_name=sameid%20premium%20-%20300%20requests%2fday | HTTP/1.1 302 Moved Temporarily Connection: close Connection: Transfer-Encoding Date: Fri, 03 Oct 2014 05:23:51 GMT Location: https://www.paypal.com/lt/cgi-bin/webscr?cmd=_flow&SESSION=fbyumVINJ9fw8PbLlzKJHQL_TCdMxYBLXTopFN6CBr8PBNGQbZ_QRYN6ADS&dispatch=5885d80a13c0db1f8e263663d3faee8dbd0a2170b502f343d92a90377a9956d7 Server: Apache Content-Encoding: gzip Content-Type: text/html DC: slc-b-origin-www-2.paypal.com Strict-Transport-Security: max-age=63072000 X-Frame-Options: SAMEORIGIN | clean |
https://www.paypal.com/lt/cgi-bin/webscr?cmd=_flow&session=fbyumvinj9fw8pbllzkjhql_tcdmxyblxtopfn6cbr8pbngqbz_qryn6ads&dispatch=5885d80a13c0db1f8e263663d3faee8dbd0a2170b502f343d92a90377a9956d7 | 200 OK Content-Length: 54 Content-Type: text/html | clean |
http://www.haofbi.com/order?plan=pp-business | HTTP/1.1 302 Found Connection: close Date: Fri, 03 Oct 2014 05:23:28 GMT Location: https://www.paypal.com/cgi-bin/webscr?cmd=_xclick-subscriptions&business=iiveras.lt%40gmail.com&a3=59.99&p3=1&t3=M&src=1&no_note=1&custom=-3000-yes-32-31faf08b&no_shipping=1&return=http%3A%2F%2Fsameid.net%2Fthankyou&rm=2&item_name=SameID%20Business%20-%203000%20requests%2Fday Server: Apache/2.4.6 (Ubuntu) Content-Length: 504 Content-Type: text/html; charset=iso-8859-1 | clean |
https://www.paypal.com/cgi-bin/webscr?cmd=_xclick-subscriptions&business=iiveras.lt%40gmail.com&a3=59.99&p3=1&t3=m&src=1&no_note=1&custom=-3000-yes-32-31faf08b&no_shipping=1&return=http%3a%2f%2fsameid.net%2fthankyou&rm=2&item_name=sameid%20business%20-%203000%20requests%2fday | HTTP/1.1 302 Moved Temporarily Connection: close Connection: Transfer-Encoding Date: Fri, 03 Oct 2014 05:23:52 GMT Location: https://www.paypal.com/lt/cgi-bin/webscr?cmd=_flow&SESSION=o39WxzqMESS5BqrSw3RdlTPdJA1ke1fh9BegPrZpDUeiNmI6PPsT5t4i_tm&dispatch=5885d80a13c0db1f8e263663d3faee8dbd0a2170b502f343d92a90377a9956d7 Server: Apache Content-Encoding: gzip Content-Type: text/html DC: slc-b-origin-www-2.paypal.com Strict-Transport-Security: max-age=63072000 X-Frame-Options: SAMEORIGIN | clean |
https://www.paypal.com/lt/cgi-bin/webscr?cmd=_flow&session=o39wxzqmess5bqrsw3rdltpdja1ke1fh9begprzpdueinmi6ppst5t4i_tm&dispatch=5885d80a13c0db1f8e263663d3faee8dbd0a2170b502f343d92a90377a9956d7 | 200 OK Content-Length: 54 Content-Type: text/html | clean |
http://www.haofbi.com/contacts.html | 200 OK Content-Length: 4349 Content-Type: text/html | clean |
http://mp3.ulunix.com/js/common.js | 200 OK Content-Length: 2520 Content-Type: application/x-javascript | clean |
http://mp3.ulunix.com/Js/all_play.js | 200 OK Content-Length: 459 Content-Type: application/x-javascript | clean |