Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://www.renderit.mx/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: www.renderit.mx Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 27 Aug 2014 18:35:31 GMT Location: http://46.161.41.152/sds/go.php?sid=1 Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.6 Content-Length: 445 Content-Type: text/html; charset=iso-8859-1 | malicious |
URL: http://46.161.41.152/sds/go.php?sid=1 (imitation of visitor from search engine) GET /sds/go.php?sid=1 HTTP/1.1 Host: 46.161.41.152 Referer: http://www.google.com/search?q=redirect+check2 | HTTP/1.1 302 Found Connection: close Date: Wed, 27 Aug 2014 18:35:40 GMT Referer: http://www.google.com/url?sa=t&rct=j&q=www.renderit.mx&source=web&cd=1&ved=0CDEQFjAG&url=http:%2F%2Fwww.renderit.mx%2F&ei=wC7yT5qCJbCCkQKtnwE&usg=AFQjCNGEeYp3D7uuNLAJxMIVliLyQ9O_Pg Location: http://elitemedclub.com/ Server: Apache/2.2.22 (Debian) Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html Set-Cookie: schema1=true; expires=Wed, 03-Sep-2014 18:35:40 GMT Set-Cookie: visited1=2; expires=Wed, 03-Sep-2014 18:35:40 GMT X-Powered-By: PHP/5.4.4-14+deb7u14 | malicious |
Scanned pages/files
Request | Server response | Status |
http://www.renderit.mx/ | 200 OK Content-Length: 60341 Content-Type: text/html | clean |
http://www.renderit.mx/wp-includes/js/jquery/jquery.js?ver=1.11.0 | 200 OK Content-Length: 96402 Content-Type: application/x-javascript | clean |
http://www.renderit.mx/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/x-javascript | clean |
http://www.renderit.mx/wp-content/themes/salient/js/modernizr.js?ver=2.6.2 | 200 OK Content-Length: 14271 Content-Type: application/x-javascript | clean |
http://www.renderit.mx/wp-includes/js/jquery/ui/jquery.ui.core.min.js?ver=1.10.4 | 200 OK Content-Length: 4289 Content-Type: application/x-javascript | clean |
http://www.renderit.mx/wp-includes/js/jquery/ui/jquery.ui.widget.min.js?ver=1.10.4 | 200 OK Content-Length: 6521 Content-Type: application/x-javascript | clean |
http://www.renderit.mx/wp-includes/js/jquery/ui/jquery.ui.position.min.js?ver=1.10.4 | 200 OK Content-Length: 6360 Content-Type: application/x-javascript | clean |
http://www.renderit.mx/wp-includes/js/jquery/ui/jquery.ui.menu.min.js?ver=1.10.4 | 200 OK Content-Length: 9583 Content-Type: application/x-javascript | clean |
http://www.renderit.mx/wp-includes/js/jquery/ui/jquery.ui.autocomplete.min.js?ver=1.10.4 | 200 OK Content-Length: 7786 Content-Type: application/x-javascript | clean |
http://www.renderit.mx/wp-content/themes/salient/nectar/assets/functions/ajax-search/wpss-search-suggest.js | 200 OK Content-Length: 868 Content-Type: application/x-javascript | clean |
http://www.renderit.mx/wp-content/themes/salient/js/superfish.js?ver=1.4.8 | 200 OK Content-Length: 7676 Content-Type: application/x-javascript | clean |
http://www.renderit.mx/wp-content/themes/salient/js/easing.js?ver=1.3 | 200 OK Content-Length: 8305 Content-Type: application/x-javascript | clean |
http://www.renderit.mx/wp-content/themes/salient/js/respond.js?ver=1.1 | 200 OK Content-Length: 4870 Content-Type: application/x-javascript | clean |
http://www.renderit.mx/wp-content/themes/salient/js/swipe.min.js?ver=1.6 | 200 OK Content-Length: 9357 Content-Type: application/x-javascript | clean |
http://www.renderit.mx/wp-content/themes/salient/js/nicescroll.js?ver=3.5.4 | 200 OK Content-Length: 58097 Content-Type: application/x-javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=renderit.mx
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://renderit.mx/
Result: renderit.mx is not infected or malware details are not published yet.