Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: mserailroad.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Thu, 24 Jul 2014 10:31:12 GMT
Location: http://mserr.com/
Server: Apache
Content-Length: 225
Content-Type: text/html; charset=iso-8859-1
...225 bytes of data.
GET / HTTP/1.1
Host: mserailroad.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Thu, 24 Jul 2014 10:31:12 GMT
Location: http://mserr.com/
Server: Apache
Content-Length: 225
Content-Type: text/html; charset=iso-8859-1
...225 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: mserailroad.com
Referer: http://www.google.com/search?q=mserailroad.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: mserailroad.com
Referer: http://www.google.com/search?q=mserailroad.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
| Request | Server response | Status |
http://mserailroad.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 24 Jul 2014 10:31:12 GMT Location: http://mserr.com/ Server: Apache Content-Length: 225 Content-Type: text/html; charset=iso-8859-1 | clean |
http://mserr.com/ | 200 OK Content-Length: 13780 Content-Type: text/html | clean |
http://www.mserailroad.com/wp-content/themes/mserailroad/js/scripts.js | 200 OK Content-Length: 345 Content-Type: application/javascript | clean |
http://www.mserailroad.com/wp-content/themes/mserailroad/js/AC_RunActiveContent.js | 200 OK Content-Length: 8321 Content-Type: application/javascript | clean |
http://mserailroad.com/?page_id=126 | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 24 Jul 2014 10:31:16 GMT Location: http://mserr.com/?page_id=126 Server: Apache Content-Length: 237 Content-Type: text/html; charset=iso-8859-1 | clean |
http://mserr.com/?page_id=126 | 200 OK Content-Length: 13060 Content-Type: text/html | clean |
http://mserr.com/?page_id=129 | 200 OK Content-Length: 10398 Content-Type: text/html | clean |
http://mserr.com/?page_id=132 | 200 OK Content-Length: 8794 Content-Type: text/html | clean |
http://mserr.com/?page_id=135 | 200 OK Content-Length: 10538 Content-Type: text/html | clean |
http://mserr.com/?page_id=138 | 200 OK Content-Length: 11284 Content-Type: text/html | clean |
http://mserr.com/?page_id=141 | 200 OK Content-Length: 8590 Content-Type: text/html | clean |
http://mserr.com/?page_id=144 | 200 OK Content-Length: 10631 Content-Type: text/html | clean |
http://mserr.com/?page_id=148 | 200 OK Content-Length: 8247 Content-Type: text/html | clean |
http://mserr.com/?page_id=39 | 200 OK Content-Length: 9902 Content-Type: text/html | clean |
http://mserr.com/?page_id=40 | 200 OK Content-Length: 14743 Content-Type: text/html | clean |
http://mserr.com/?page_id=49 | 200 OK Content-Length: 11641 Content-Type: text/html | clean |
http://mserr.com/?page_id=53 | 200 OK Content-Length: 7642 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=mserailroad.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://mserailroad.com/
Result: mserailroad.com is not infected or malware details are not published yet.
Result: mserailroad.com is not infected or malware details are not published yet.