Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://offersforourreaders.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: offersforourreaders.com Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Thu, 11 Sep 2014 22:19:21 GMT Location: http://ibontu.25u.com/ Server: nginx admin Content-Length: 0 Content-Type: text/html X-Cache: HIT from Backend X-Powered-By: PHP/5.4.29 | malicious |
Scanned pages/files
Request | Server response | Status |
http://offersforourreaders.com/ | 200 OK Content-Length: 8127 Content-Type: text/html | clean |
http://offersforourreaders.com/wp-includes/js/jquery/jquery.js?ver=1.11.0 | 200 OK Content-Length: 96402 Content-Type: application/x-javascript | clean |
http://offersforourreaders.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/x-javascript | clean |
http://offersforourreaders.com/wp-content/plugins/wp-sonic-defender/view/css/mskr_frontend.js?ver=3.9.2 | 200 OK Content-Length: 1511 Content-Type: application/x-javascript | clean |
http://offersforourreaders.com/?page_id=22 | 200 OK Content-Length: 7675 Content-Type: text/html | clean |
http://offersforourreaders.com/wp-includes/js/comment-reply.min.js?ver=3.9.2 | 200 OK Content-Length: 757 Content-Type: application/x-javascript | clean |
http://offersforourreaders.com/?page_id=2 | 200 OK Content-Length: 8589 Content-Type: text/html | clean |
http://offersforourreaders.com/wp-admin/ | HTTP/1.1 302 Moved Temporarily Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Thu, 11 Sep 2014 22:19:25 GMT Pragma: no-cache Location: http://offersforourreaders.com/wp-login.php?redirect_to=http%3A%2F%2Foffersforourreaders.com%2Fwp-admin%2F&reauth=1 Server: nginx admin Content-Length: 0 Content-Type: text/html Expires: Wed, 11 Jan 1984 05:00:00 GMT Set-Cookie: PHPSESSID=a0c9c5458743a4405c885c6e663561c3; path=/ X-Cache: HIT from Backend X-Powered-By: PHP/5.4.29 | clean |
http://offersforourreaders.com/wp-login.php?redirect_to=http%3a%2f%2foffersforourreaders.com%2fwp-admin%2f&reauth=1 | HTTP/1.1 302 Moved Temporarily Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Thu, 11 Sep 2014 22:19:26 GMT Pragma: no-cache Location: http://textchx.undergr.cpa.clicksure.com Server: nginx admin Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT Set-Cookie: PHPSESSID=53f6c27d3f2d23d68ed83d76511869a2; path=/ Set-Cookie: wordpress_test_cookie=WP+Cookie+check; path=/ Set-Cookie: wordpress_59f8b4d01bbce10bb71887da7fa3d56d=+; expires=Wed, 11-Sep-2013 22:19:26 GMT; path=/wp-admin Set-Cookie: wordpress_sec_59f8b4d01bbce10bb71887da7fa3d56d=+; expires=Wed, 11-Sep-2013 22:19:26 GMT; path=/wp-admin Set-Cookie: wordpress_59f8b4d01bbce10bb71887da7fa3d56d=+; expires=Wed, 11-Sep-2013 22:19:26 GMT; path=/wp-content/plugins Set-Cookie: wordpress_sec_59f8b4d01bbce10bb71887da7fa3d56d=+; expires=Wed, 11-Sep-2013 22:19:26 GMT; path=/wp-content/plugins Set-Cookie: wordpress_logged_in_59f8b4d01bbce10bb71887da7fa3d56d=+; expires=Wed, 11-Sep-2013 22:19:26 GMT; path=/ Set-Cookie: wordpress_logged_in_59f8b4d01bbce10bb71887da7fa3d56d=+; expires=Wed, 11-Sep-2013 22:19:26 GMT; path=/ Set-Cookie: wordpress_59f8b4d01bbce10bb71887da7fa3d56d=+; expires=Wed, 11-Sep-2013 22:19:26 GMT; path=/ Set-Cookie: wordpress_59f8b4d01bbce10bb71887da7fa3d56d=+; expires=Wed, 11-Sep-2013 22:19:26 GMT; path=/ Set-Cookie: wordpress_sec_59f8b4d01bbce10bb71887da7fa3d56d=+; expires=Wed, 11-Sep-2013 22:19:26 GMT; path=/ Set-Cookie: wordpress_sec_59f8b4d01bbce10bb71887da7fa3d56d=+; expires=Wed, 11-Sep-2013 22:19:26 GMT; path=/ Set-Cookie: wordpressuser_59f8b4d01bbce10bb71887da7fa3d56d=+; expires=Wed, 11-Sep-2013 22:19:26 GMT; path=/ Set-Cookie: wordpresspass_59f8b4d01bbce10bb71887da7fa3d56d=+; expires=Wed, 11-Sep-2013 22:19:26 GMT; path=/ Set-Cookie: wordpressuser_59f8b4d01bbce10bb71887da7fa3d56d=+; expires=Wed, 11-Sep-2013 22:19:26 GMT; path=/ Set-Cookie: wordpresspass_59f8b4d01bbce10bb71887da7fa3d56d=+; expires=Wed, 11-Sep-2013 22:19:26 GMT; path=/ X-Frame-Options: SAMEORIGIN X-Powered-By: PHP/5.4.29 | clean |
http://textchx.undergr.cpa.clicksure.com/ | HTTP/1.1 302 Found Cache-Control: no-cache Connection: close Date: Thu, 11 Sep 2014 22:19:28 GMT Via: WebCelerate Accept-Ranges: bytes Age: 0 Location: http://clicksurecpa.com/recookie/h6AMo7Mog2nrNclJ2hnhyRGM0WL9e63X Server: nginx/1.6.1 Content-Length: 2278 Content-Type: text/html; charset=UTF-8 P3P: policyref="http://cpa.clicksure.com/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OUR SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Set-Cookie: laravel_session=04d4a4b63f3e6e9cc82780d78a3c6f191261cf72; expires=Fri, 12-Sep-2014 00:17:14 GMT; Max-Age=7200; path=/; domain=cpa.clicksure.com; httponly Set-Cookie: campaign_lp_aff_4314683=14f23576819d8894dd103218698e76a3d2ec593d%2B2014-09-12; expires=Fri, 12-Sep-2014 22:17:14 GMT; Max-Age=86400; path=/; domain=cpa.clicksure.com; httponly Set-Cookie: campaign_142583=cd405051976cf9f09f9e9bf3e30b94f95d6bface%2B%7B%22click%22%3A3343638523%2C%22tracked%22%3A%5B%5D%2C%22tracked_time%22%3A1410473834%7D; expires=Sat, 11-Oct-2014 22:17:14 GMT; Max-Age=2592000; path=/; domain=cpa.clicksure.com; httponly X-Cache: MISS X-Cacheable: NO:Not Cacheable X-Powered-By: PHP/5.5.16 | clean |
http://clicksurecpa.com/recookie/h6amo7mog2nrnclj2hnhyrgm0wl9e63x | 200 OK Content-Length: 15 Content-Type: text/html | clean |
http://clicksurecpa.com/test404page.js | 404 Not Found Content-Length: 3462 Content-Type: text/html | clean |
http://clicksurecpa.com//use.typekit.net/ywd3zho.js/ | 404 Not Found Content-Length: 3462 Content-Type: text/html | clean |
http://clicksurecpa.com/ | HTTP/1.1 302 Found Cache-Control: no-cache Connection: close Date: Thu, 11 Sep 2014 22:19:29 GMT Via: WebCelerate Accept-Ranges: bytes Age: 0 Location: http://www.clicksure.com Server: nginx/1.6.1 Content-Length: 2113 Content-Type: text/html; charset=UTF-8 Set-Cookie: laravel_session=50a156ae9bbbe64747c2a98248c0b6dad3bae047; expires=Fri, 12-Sep-2014 00:17:15 GMT; Max-Age=7200; path=/; domain=clicksurecpa.com; httponly X-Cache: MISS X-Cacheable: NO:Not Cacheable X-Powered-By: PHP/5.5.16 | clean |
http://www.clicksure.com/ | 200 OK Content-Length: 19228 Content-Type: text/html | clean |
http://www.clicksure.com/website/js/libs/html5shiv.js | 200 OK Content-Length: 9417 Content-Type: text/javascript | clean |
http://www.clicksure.com/website/js/libs/html5shiv-printshiv.js | 200 OK Content-Length: 15370 Content-Type: text/javascript | clean |
http://www.clicksure.com/website/js/libs/jquery-1.7.1.min.js | 200 OK Content-Length: 93867 Content-Type: text/javascript | clean |
http://www.clicksure.com/website/js/libs/jquery.stellar.min.js | 200 OK Content-Length: 12636 Content-Type: text/javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=offersforourreaders.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://offersforourreaders.com/
Result: offersforourreaders.com is not infected or malware details are not published yet.
Result: offersforourreaders.com is not infected or malware details are not published yet.