Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: remax-metropolitana.com.do
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Fri, 16 May 2014 13:11:10 GMT
Location: http://www.remaxrd.com/
Server: Apache/2.2.22 (Unix) mod_ssl/2.2.22 OpenSSL/0.9.8m DAV/2 Phusion_Passenger/3.0.11 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.17
Vary: Accept-Encoding
Content-Length: 231
Content-Type: text/html; charset=iso-8859-1
...231 bytes of data.
GET / HTTP/1.1
Host: remax-metropolitana.com.do
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Fri, 16 May 2014 13:11:10 GMT
Location: http://www.remaxrd.com/
Server: Apache/2.2.22 (Unix) mod_ssl/2.2.22 OpenSSL/0.9.8m DAV/2 Phusion_Passenger/3.0.11 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.17
Vary: Accept-Encoding
Content-Length: 231
Content-Type: text/html; charset=iso-8859-1
...231 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: remax-metropolitana.com.do
Referer: http://www.google.com/search?q=remax-metropolitana.com.do
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: remax-metropolitana.com.do
Referer: http://www.google.com/search?q=remax-metropolitana.com.do
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
| Request | Server response | Status |
http://remax-metropolitana.com.do/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 16 May 2014 13:11:10 GMT Location: http://www.remaxrd.com/ Server: Apache/2.2.22 (Unix) mod_ssl/2.2.22 OpenSSL/0.9.8m DAV/2 Phusion_Passenger/3.0.11 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.17 Vary: Accept-Encoding Content-Length: 231 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.remaxrd.com/ | 200 OK Content-Length: 94631 Content-Type: text/html | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js | 200 OK Content-Length: 93100 Content-Type: text/javascript | clean |
http://remax-metropolitana.com.do//code.jquery.com/ui/1.10.4/jquery-ui.js/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 16 May 2014 13:11:15 GMT Location: http://www.remaxrd.com/index.php?url=code.jquery.com/ui/1.10.4/jquery-ui.js/ Server: Apache/2.2.22 (Unix) mod_ssl/2.2.22 OpenSSL/0.9.8m DAV/2 Phusion_Passenger/3.0.11 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.17 Vary: Accept-Encoding Content-Length: 284 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.remaxrd.com/index.php?url=code.jquery.com/ui/1.10.4/jquery-ui.js/ | 404 Not Found Content-Length: 29490 Content-Type: text/html | clean |
http://js.cabinetapp.com/app/webroot/js/jquery/jquery-1.4.2.min.js | 200 OK Content-Length: 72174 Content-Type: application/javascript | clean |
http://js.cabinetapp.com/js/jquery/jquery.tipTip.minified.js | 200 OK Content-Length: 5251 Content-Type: application/javascript | clean |
http://js.cabinetapp.com/app/webroot/js/jquery-validation/jquery.validate.min.js | 500 Server closed connection without sending any data back Content-Length: 105 Content-Type: text/plain | clean |
http://js.cabinetapp.com/test404page.js | 500 Server closed connection without sending any data back Content-Length: 105 Content-Type: text/plain | clean |
http://remax-metropolitana.com.do/js/messages_es.js?123456789 | HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 16 May 2014 13:11:25 GMT Location: http://www.remaxrd.com/js/messages_es.js?123456789 Server: Apache/2.2.22 (Unix) mod_ssl/2.2.22 OpenSSL/0.9.8m DAV/2 Phusion_Passenger/3.0.11 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.17 Vary: Accept-Encoding Content-Length: 258 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.remaxrd.com/js/messages_es.js?123456789 | 200 OK Content-Length: 757 Content-Type: application/javascript | clean |
http://remax-metropolitana.com.do/js/jquery/html5placeholder.jquery.min.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 16 May 2014 13:11:26 GMT Location: http://www.remaxrd.com/js/jquery/html5placeholder.jquery.min.js Server: Apache/2.2.22 (Unix) mod_ssl/2.2.22 OpenSSL/0.9.8m DAV/2 Phusion_Passenger/3.0.11 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.17 Vary: Accept-Encoding Content-Length: 271 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.remaxrd.com/js/jquery/html5placeholder.jquery.min.js | 200 OK Content-Length: 1433 Content-Type: application/javascript | clean |
http://js.cabinetapp.com/js/jquery/jquery-ui-1.8.1.custom.min.js | 200 OK Content-Length: 200556 Content-Type: application/javascript | clean |
http://js.cabinetapp.com/js/jquery/jquery.fancybox-1.2.6.pack.js | 200 OK Content-Length: 9537 Content-Type: application/javascript | clean |
http://js.cabinetapp.com/js/jquery.combobox.autocomplete.js | 200 OK Content-Length: 4383 Content-Type: application/javascript | clean |
http://js.cabinetapp.com/js/realservice.widget.newsearch.js | 200 OK Content-Length: 9705 Content-Type: application/javascript | clean |
http://js.cabinetapp.com/js/tmpl.min.js | 200 OK Content-Length: 979 Content-Type: application/javascript | clean |
http://digonetwork.net/logo.js | 200 OK Content-Length: 917 Content-Type: application/javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=remax-metropolitana.com.do
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://remax-metropolitana.com.do/
Result: remax-metropolitana.com.do is not infected or malware details are not published yet.
Result: remax-metropolitana.com.do is not infected or malware details are not published yet.