Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: searchfilemb.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Wed, 17 Dec 2014 13:25:24 GMT
Pragma: no-cache
Server: nginx/1.2.3
Vary: Accept-Encoding
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=ybrVJJsLFCq3WPy1y9uUn0; expires=Wed, 17-Dec-2014 19:25:24 GMT; path=/
Set-Cookie: cook=ok; expires=Fri, 16-Jan-2015 13:25:24 GMT; path=/
Set-Cookie: country=LT; expires=Fri, 16-Jan-2015 13:25:24 GMT; path=/
Set-Cookie: _uniq=1418822724; expires=Wed, 17-Dec-2014 23:25:24 GMT; path=/
Set-Cookie: _ft=1418833524; expires=Fri, 16-Jan-2015 13:25:24 GMT; path=/
X-Powered-By: PHP/5.4.6
Second query (visit from search engine):
GET / HTTP/1.1
Host: searchfilemb.com
Referer: http://www.google.com/search?q=searchfilemb.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://searchfilemb.com/ | 200 OK Content-Length: 8222 Content-Type: text/html | clean |
http://searchfilemb.com/js/jquery.min.js | 200 OK Content-Length: 93868 Content-Type: application/x-javascript | clean |
http://searchfilemb.com/js/default.js | 200 OK Content-Length: 1308 Content-Type: application/x-javascript | clean |
http://searchfilemb.com/js/ext.js | 200 OK Content-Length: 505 Content-Type: application/x-javascript | clean |
http://searchfilemb.com/data/script.js | 200 OK Content-Length: 3374 Content-Type: application/x-javascript | clean |
http://searchfilemb.com/?action=join&page=login | 200 OK Content-Length: 16484 Content-Type: text/html | clean |
http://searchfilemb.com/?action=join&page=unsubscribe | 200 OK Content-Length: 16881 Content-Type: text/html | clean |
http://searchfilemb.com/?action=join&page=unsubscribe&link=1 | HTTP/1.1 302 Found Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Wed, 17 Dec 2014 13:25:26 GMT Pragma: no-cache Location: / Server: nginx/1.2.3 Vary: Accept-Encoding Content-Type: text/html Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=1mJIz9Yw0QnRtHDyrKB0q0; expires=Wed, 17-Dec-2014 19:25:26 GMT; path=/ Set-Cookie: cook=ok; expires=Fri, 16-Jan-2015 13:25:26 GMT; path=/ Set-Cookie: country=LT; expires=Fri, 16-Jan-2015 13:25:26 GMT; path=/ Set-Cookie: _uniq=1418822726; expires=Wed, 17-Dec-2014 23:25:26 GMT; path=/ Set-Cookie: _ft=1418833526; expires=Fri, 16-Jan-2015 13:25:26 GMT; path=/ X-Powered-By: PHP/5.4.6 | clean |
http://searchfilemb.com/test404page.js | 404 Not Found Content-Length: 570 Content-Type: text/html | clean |
http://searchfilemb.com/?action=join&page=rules | 200 OK Content-Length: 41109 Content-Type: text/html | clean |
http://searchfilemb.com/?action=file&name=games%2Fclassic%2FAlien.Hallway.v1.12.full-THETA.zip | 200 OK Content-Length: 3447 Content-Type: text/html | clean |
http://searchfilemb.com/?action=download&name=games%2Fclassic%2FAlien.Hallway.v1.12.full-THETA.zip | HTTP/1.1 302 Found Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Wed, 17 Dec 2014 13:25:27 GMT Pragma: no-cache Location: /?action=join Server: nginx/1.2.3 Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=BbmOl-Tvvn7FEMJc6FFSX3; expires=Wed, 17-Dec-2014 19:25:27 GMT; path=/ Set-Cookie: cook=ok; expires=Fri, 16-Jan-2015 13:25:27 GMT; path=/ Set-Cookie: country=LT; expires=Fri, 16-Jan-2015 13:25:27 GMT; path=/ Set-Cookie: _uniq=1418822727; expires=Wed, 17-Dec-2014 23:25:27 GMT; path=/ Set-Cookie: _ft=1418833527; expires=Fri, 16-Jan-2015 13:25:27 GMT; path=/ X-Powered-By: PHP/5.4.6 | clean |
http://searchfilemb.com/?action=join | 200 OK Content-Length: 17123 Content-Type: text/html | clean |
http://searchfilemb.com/?action=file&name=music%2Frock%2Facdc_-_hells_bells.mp3.zip | 200 OK Content-Length: 3417 Content-Type: text/html | clean |
http://searchfilemb.com/?action=download&name=music%2Frock%2Facdc_-_hells_bells.mp3.zip | HTTP/1.1 302 Found Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Wed, 17 Dec 2014 13:25:28 GMT Pragma: no-cache Location: /?action=join Server: nginx/1.2.3 Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=hLdNaG9J2pjLljst2FthD2; expires=Wed, 17-Dec-2014 19:25:28 GMT; path=/ Set-Cookie: cook=ok; expires=Fri, 16-Jan-2015 13:25:28 GMT; path=/ Set-Cookie: country=LT; expires=Fri, 16-Jan-2015 13:25:28 GMT; path=/ Set-Cookie: _uniq=1418822728; expires=Wed, 17-Dec-2014 23:25:28 GMT; path=/ Set-Cookie: _ft=1418833528; expires=Fri, 16-Jan-2015 13:25:28 GMT; path=/ X-Powered-By: PHP/5.4.6 | clean |
http://searchfilemb.com/?action=file&name=music%2Frnb%2Fadina_howard_-_phone_sex_rnb.mp3.zip | 200 OK Content-Length: 3444 Content-Type: text/html | clean |
http://searchfilemb.com/?action=download&name=music%2Frnb%2Fadina_howard_-_phone_sex_rnb.mp3.zip | HTTP/1.1 302 Found Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Wed, 17 Dec 2014 13:25:29 GMT Pragma: no-cache Location: /?action=join Server: nginx/1.2.3 Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=wshDJ9TsoYRkr2iq2obRP0; expires=Wed, 17-Dec-2014 19:25:28 GMT; path=/ Set-Cookie: cook=ok; expires=Fri, 16-Jan-2015 13:25:28 GMT; path=/ Set-Cookie: country=LT; expires=Fri, 16-Jan-2015 13:25:28 GMT; path=/ Set-Cookie: _uniq=1418822728; expires=Wed, 17-Dec-2014 23:25:28 GMT; path=/ Set-Cookie: _ft=1418833528; expires=Fri, 16-Jan-2015 13:25:28 GMT; path=/ X-Powered-By: PHP/5.4.6 | clean |
http://searchfilemb.com/?action=file&name=games%2Fstrategy%2FAncientRomeRus.zip | 200 OK Content-Length: 3419 Content-Type: text/html | clean |
http://searchfilemb.com/?action=download&name=games%2Fstrategy%2FAncientRomeRus.zip | HTTP/1.1 302 Found Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Wed, 17 Dec 2014 13:25:29 GMT Pragma: no-cache Location: /?action=join Server: nginx/1.2.3 Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=GSYnCf5P%2COA5RUQyRx2Yv1; expires=Wed, 17-Dec-2014 19:25:29 GMT; path=/ Set-Cookie: cook=ok; expires=Fri, 16-Jan-2015 13:25:29 GMT; path=/ Set-Cookie: country=LT; expires=Fri, 16-Jan-2015 13:25:29 GMT; path=/ Set-Cookie: _uniq=1418822729; expires=Wed, 17-Dec-2014 23:25:29 GMT; path=/ Set-Cookie: _ft=1418833529; expires=Fri, 16-Jan-2015 13:25:29 GMT; path=/ X-Powered-By: PHP/5.4.6 | clean |
http://searchfilemb.com/?action=file&name=music%2Frnb%2Fdrago_-_rnb_all_eyes_on_me.mp3.zip | 200 OK Content-Length: 3439 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=searchfilemb.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://searchfilemb.com/
Result: searchfilemb.com is not infected or malware details are not published yet.