Malicious/Suspicious Redirects
| Request | Server response | Status |
URL: http://spiritslife.ru/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: spiritslife.ru Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Found Connection: close Date: Fri, 11 Jul 2014 12:12:16 GMT Location: http://goo.gl/0rXySb Server: nginx Content-Length: 284 Content-Type: text/html; charset=iso-8859-1 | malicious |
URL: http://goo.gl/0rXySb (imitation of visitor from search engine) GET /0rXySb HTTP/1.1 Host: goo.gl Referer: http://www.google.com/search?q=redirect+check2 | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, no-store, max-age=0, must-revalidate Connection: close Date: Fri, 11 Jul 2014 12:12:11 GMT Pragma: no-cache Location: http://sh.oowoo.ru/redsh.php Server: GSE Content-Type: text/html; charset=UTF-8 Expires: Fri, 01 Jan 1990 00:00:00 GMT Alternate-Protocol: 80:quic X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block | malicious |
URL: http://sh.oowoo.ru/redsh.php (imitation of visitor from search engine) GET /redsh.php HTTP/1.1 Host: sh.oowoo.ru Referer: http://www.google.com/search?q=redirect+check3 | HTTP/1.1 302 Found Connection: close Date: Fri, 11 Jul 2014 12:11:59 GMT Location: http://bitly.com/1kNQqvM Server: nginx/1.0.15 Content-Length: 0 Content-Type: text/html; charset=CP1251 X-Powered-By: PHP/5.2.17 | malicious |
URL: http://bitly.com/1kNQqvM (imitation of visitor from search engine) GET /1kNQqvM HTTP/1.1 Host: bitly.com Referer: http://www.google.com/search?q=redirect+check4 | HTTP/1.1 301 Moved Permanently Cache-Control: private; max-age=90 Connection: close Date: Fri, 11 Jul 2014 12:12:12 GMT Location: http://bongacams.com/track?c=18000 Server: nginx Content-Length: 126 Content-Type: text/html; charset=utf-8 Mime-Version: 1.0 Set-Cookie: _bit=53bfd49c-00026-05d94-2a1cf10a;domain=.bitly.com;expires=Wed Jan 7 12:12:12 2015;path=/; HttpOnly | suspicious |
URL: http://bongacams.com/track?c=18000 (imitation of visitor from search engine) GET /track?c=18000 HTTP/1.1 Host: bongacams.com Referer: http://www.google.com/search?q=redirect+check5 | HTTP/1.1 302 Found Cache-Control: no-cache Connection: close Date: Fri, 11 Jul 2014 12:12:10 GMT Location: http://bongacash.com/tools/hit.php?c=18000 Server: nginx/1.6.0 Content-Length: 226 Content-Type: text/html; charset=iso-8859-1 Expires: Fri, 11 Jul 2014 12:12:09 GMT | suspicious |
URL: http://bongacash.com/tools/hit.php?c=18000 (imitation of visitor from search engine) GET /tools/hit.php?c=18000 HTTP/1.1 Host: bongacash.com Referer: http://www.google.com/search?q=redirect+check6 | HTTP/1.1 302 Found Cache-Control: no-cache Connection: close Date: Fri, 11 Jul 2014 12:12:12 GMT Location: http://bongacams.com?bcs=bGVnb2Y5ODA2ZTBlMDY3MzQ3YTA4ZjkwNzMyMjAyNmFkMDlkOjoxNzQxNTQ6Omh0dHA6Ly93d3cuZ29vZ2xlLmNvbS91cmw6Ojo6OjoxODAwMA~~ Server: nginx/1.4.1 Content-Length: 0 Content-Type: text/html Expires: Fri, 11 Jul 2014 12:12:11 GMT Set-Cookie: BCH_H=f9806e0e067347a08f907322026ad09d; expires=Sat, 28-Jun-2064 12:12:12 GMT; path=/; domain=.bongacash.com X-Powered-By: PHP/5.4.28 | suspicious |
Scanned pages/files
| Request | Server response | Status |
http://spiritslife.ru/ | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://spiritslife.ru/test404page.js | 404 Not Found Content-Length: 5 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=spiritslife.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://spiritslife.ru/
Result: spiritslife.ru is not infected or malware details are not published yet.
Result: spiritslife.ru is not infected or malware details are not published yet.