Malicious/Suspicious Redirects
| Request | Server response | Status |
URL: http://oz5.ru/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: oz5.ru Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Found Connection: close Date: Tue, 08 Jul 2014 23:11:09 GMT Location: http://alfsystem.com.my/includes/domit/1.php Server: nginx/1.6.0 Content-Length: 0 Content-Type: text/html; charset=utf-8 X-Powered-By: PHP/5.2.17 | malicious |
URL: http://alfsystem.com.my/includes/domit/1.php (imitation of visitor from search engine) GET /includes/domit/1.php HTTP/1.1 Host: alfsystem.com.my Referer: http://www.google.com/search?q=redirect+check2 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Tue, 08 Jul 2014 23:11:09 GMT Location: http://www.csra.de/includes/domit/1.php Server: Apache Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.3.23 | malicious |
URL: http://www.csra.de/includes/domit/1.php (imitation of visitor from search engine) GET /includes/domit/1.php HTTP/1.1 Host: www.csra.de Referer: http://www.google.com/search?q=redirect+check3 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Tue, 08 Jul 2014 23:11:12 GMT Location: http://jbtconsultinggroup.com/components/com_user/views/login/tmpl/1/all3.php Server: Apache Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.4.30 | malicious |
URL: http://jbtconsultinggroup.com/components/com_user/views/login/tmpl/1/all3.php (imitation of visitor from search engine) GET /components/com_user/views/login/tmpl/1/all3.php HTTP/1.1 Host: jbtconsultinggroup.com Referer: http://www.google.com/search?q=redirect+check4 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Tue, 08 Jul 2014 23:11:12 GMT Location: http://google.ru Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html | malicious |
Scanned pages/files
| Request | Server response | Status |
http://oz5.ru/ | 200 OK Content-Length: 65260 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="/templates/jp_audio/js/ga.js"></script> | ||
http://oz5.ru/components/com_virtuemart/fetchscript.php?gzip=0&subdir[0]=/themes/default&file[0]=theme.js&subdir[1]=/js&file[1]=sleight.js&subdir[2]=/js/mootools&file[2]=mootools-release-1.11.js&subdir[3]=/js/mootools&file[3]=mooPrompt.js | 200 OK Content-Length: 56752 Content-Type: text/javascript | clean |
http://oz5.ru/templates/jp_audio/js/moomenu.js | 200 OK Content-Length: 4895 Content-Type: application/x-javascript | clean |
http://oz5.ru/templates/jp_audio/js/tips.js | 200 OK Content-Length: 319 Content-Type: application/x-javascript | clean |
http://oz5.ru/modules/mod_slider/lib/slider.js | 200 OK Content-Length: 7119 Content-Type: application/x-javascript | clean |
http://oz5.ru/components/com_virtuemart/js/mootools/mooPrompt.js | 200 OK Content-Length: 8447 Content-Type: application/x-javascript | clean |
http://oz5.ru/components/com_virtuemart/themes/default/theme.js | 200 OK Content-Length: 4038 Content-Type: application/x-javascript | clean |
http://oz5.ru/components/com_virtuemart/fetchscript.php?gzip=0&subdir[0]=/js&file[0]=wz_tooltip.js | 200 OK Content-Length: 38065 Content-Type: text/javascript | clean |
http://oz5.ru/main?page=shop.product_details&flypage=flypage.tpl&product_id=1035&category_id=12 | 200 OK Content-Length: 62742 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="/templates/jp_audio/js/ga.js"></script> | ||
http://oz5.ru/components/com_virtuemart/fetchscript.php?gzip=0&subdir[0]=/themes/default&file[0]=theme.js&subdir[1]=/js&file[1]=sleight.js&subdir[2]=/js/mootools&file[2]=mootools-release-1.11.js&subdir[3]=/js/mootools&file[3]=mooPrompt.js&subdir[4]=/js/slimbox/js&file[4]=slimbox.js | 200 OK Content-Length: 61422 Content-Type: text/javascript | clean |
http://oz5.ru/main?page=shop.product_details&flypage=flypage.tpl&product_id=559&category_id=100 | 200 OK Content-Length: 66671 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="/templates/jp_audio/js/ga.js"></script> | ||
http://oz5.ru/main?page=shop.product_details&flypage=flypage.tpl&product_id=793&category_id=104 | 200 OK Content-Length: 63272 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="/templates/jp_audio/js/ga.js"></script> | ||
http://oz5.ru/main?page=shop.product_details&flypage=flypage.tpl&product_id=442&category_id=97 | 200 OK Content-Length: 67352 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="/templates/jp_audio/js/ga.js"></script> | ||
http://oz5.ru/main?page=shop.product_details&flypage=flypage.tpl&product_id=1036&category_id=12 | 200 OK Content-Length: 62993 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="/templates/jp_audio/js/ga.js"></script> | ||
http://oz5.ru/main?page=shop.product_details&flypage=garden_flypage.tpl&product_id=840&category_id=147 | 200 OK Content-Length: 67467 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="/templates/jp_audio/js/ga.js"></script> | ||
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=oz5.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://oz5.ru/
Result: oz5.ru is not infected or malware details are not published yet.
Result: oz5.ru is not infected or malware details are not published yet.