Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: promo-flyer.net
Result:
HTTP/1.1 302 Found
Connection: close
Date: Tue, 10 Jun 2014 22:36:35 GMT
Location: http://www.runiso.com
Server: Apache
Content-Length: 205
Content-Type: text/html; charset=iso-8859-1
Keep-Alive: timeout=15, max=96
Set-Cookie: X-Mapping-pfndjneh=B93706623998281C76955BF74B8FEC87; path=/
...205 bytes of data.
GET / HTTP/1.1
Host: promo-flyer.net
Result:
HTTP/1.1 302 Found
Connection: close
Date: Tue, 10 Jun 2014 22:36:35 GMT
Location: http://www.runiso.com
Server: Apache
Content-Length: 205
Content-Type: text/html; charset=iso-8859-1
Keep-Alive: timeout=15, max=96
Set-Cookie: X-Mapping-pfndjneh=B93706623998281C76955BF74B8FEC87; path=/
...205 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: promo-flyer.net
Referer: http://www.google.com/search?q=promo-flyer.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: promo-flyer.net
Referer: http://www.google.com/search?q=promo-flyer.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
| Request | Server response | Status |
http://promo-flyer.net/ | HTTP/1.1 302 Found Connection: close Date: Tue, 10 Jun 2014 22:36:35 GMT Location: http://www.runiso.com Server: Apache Content-Length: 205 Content-Type: text/html; charset=iso-8859-1 Keep-Alive: timeout=15, max=96 Set-Cookie: X-Mapping-pfndjneh=B93706623998281C76955BF74B8FEC87; path=/ | clean |
http://www.runiso.com/ | 200 OK Content-Length: 21709 Content-Type: text/html | clean |
http://www.runiso.com/js/jquery-1.5.js | 200 OK Content-Length: 227601 Content-Type: application/x-javascript | clean |
http://www.runiso.com/js/jquery-ui-1.8.2.custom.js | 200 OK Content-Length: 40288 Content-Type: application/x-javascript | clean |
http://www.runiso.com/js/jquery.ui.core.js | 200 OK Content-Length: 5916 Content-Type: application/x-javascript | clean |
http://www.runiso.com/js/jquery.ui.widget.js | 200 OK Content-Length: 6219 Content-Type: application/x-javascript | clean |
http://www.runiso.com/js/jquery.ui.dialog.js | 200 OK Content-Length: 21332 Content-Type: application/x-javascript | clean |
http://www.runiso.com/js/jquery.timers-1.1.2.js | 200 OK Content-Length: 3535 Content-Type: application/x-javascript | clean |
http://www.runiso.com/js/jquery.easing.1.3.js | 200 OK Content-Length: 8301 Content-Type: application/x-javascript | clean |
http://www.runiso.com/js/jquery.nivo.slider.js | 200 OK Content-Length: 25701 Content-Type: application/x-javascript | clean |
http://www.runiso.com/js/jquery.cookie.js | 200 OK Content-Length: 1988 Content-Type: application/x-javascript | clean |
http://www.runiso.com/ui_public/css/fancybox/jquery.fancybox-1.3.4.pack.js | 200 OK Content-Length: 15669 Content-Type: application/x-javascript | clean |
http://www.runiso.com/js/crawler.js | 200 OK Content-Length: 10091 Content-Type: application/x-javascript | clean |
http://www.runiso.com/js/fonctions.js | 200 OK Content-Length: 6610 Content-Type: application/x-javascript | clean |
http://www.runiso.com/js/roundies-min.js | 200 OK Content-Length: 8429 Content-Type: application/x-javascript | clean |
http://promo-flyer.net/indexAjax.php?a=home-popin | 500 Internal Server Error Content-Length: 538 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=promo-flyer.net
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://promo-flyer.net/
Result: promo-flyer.net is not infected or malware details are not published yet.
Result: promo-flyer.net is not infected or malware details are not published yet.