Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://taxi9.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: taxi9.com Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Found Date: Thu, 03 Apr 2014 05:03:52 GMT Location: http://www.searchremagnified.com/?dn=taxi9.com&pid=9POMVZTAI Server: Apache/2.2.3 (Red Hat) Vary: Accept-Encoding,User-Agent Content-Length: 0 Content-Type: text/html; charset=UTF-8 Set-Cookie: gvc=905vr1440470325605677; expires=Tue, 02-Apr-2019 05:03:52 GMT; path=/; domain=taxi9.com; httponly X-Cnection: close X-Powered-By: PHP/5.3.21 | malicious |
URL: http://www.searchremagnified.com/?dn=taxi9.com&pid=9POMVZTAI (imitation of visitor from search engine) GET /?dn=taxi9.com&pid=9POMVZTAI HTTP/1.1 Host: www.searchremagnified.com Referer: http://www.google.com/search?q=redirect+check2 | HTTP/1.1 302 Found Date: Thu, 03 Apr 2014 05:03:53 GMT Location: http://freeresultsguide.com/?dn=taxi9.com&pid=9POMVZTAI Server: Apache/2.2.3 (CentOS) Vary: Accept-Encoding Content-Length: 333 Content-Type: text/html; charset=iso-8859-1 X-Cnection: close | suspicious |
Scanned pages/files
Request | Server response | Status |
http://taxi9.com/content/ | HTTP/1.1 302 Found Date: Thu, 03 Apr 2014 05:03:52 GMT Location: http://www.searchremagnified.com/?dn=taxi9.com&pid=9POMVZTAI Server: Apache/2.2.3 (Red Hat) Vary: Accept-Encoding,User-Agent Content-Length: 0 Content-Type: text/html; charset=UTF-8 Set-Cookie: gvc=908vr1440470327232570; expires=Tue, 02-Apr-2019 05:03:52 GMT; path=/; domain=taxi9.com; httponly X-Cnection: close X-Powered-By: PHP/5.3.21 | clean |
http://www.searchremagnified.com/?dn=taxi9.com&pid=9pomvztai | HTTP/1.1 302 Found Date: Thu, 03 Apr 2014 05:03:53 GMT Location: http://freeresultsguide.com/?dn=taxi9.com&pid=9pomvztai Server: Apache/2.2.3 (Red Hat) Vary: Accept-Encoding Content-Length: 334 Content-Type: text/html; charset=iso-8859-1 X-Cnection: close | clean |
http://freeresultsguide.com/?dn=taxi9.com&pid=9pomvztai | 200 OK Content-Length: 2455 Content-Type: text/html | clean |
http://freeresultsguide.com/?dn=taxi9.com&fp=5695uucsawnM%2FTNFp6XZpwSdkqnG%2BH%2FyZEXQU%2Fy6pomFtEGZ1QV0X7XKJbdF6ikVa9ka0vhkr8XKCALTPiZxtg%3D%3D&prvtof=JgiMkKhgK9fFL5sMXgsQsfVsQTXV%2F7aaUNv%2B0SF6JCc%3D&poru=K76U1mLAuegPA6X29jt%2BlKCbHjhvJr90wq0vUW%2BfoFr%2FdvzRSoQKxagxtsSewsZ1YlMWQZ0GSxS39QAmG2IvPpkCFASz0HFEr85lUNBFxog%3D& | 200 OK Content-Length: 272 Content-Type: text/html | clean |
http://freeresultsguide.com/test404page.js | HTTP/1.1 302 Found Date: Thu, 03 Apr 2014 05:03:54 GMT Location: http://pagesinxt.com/?dn=freeresultsguide.com&flrdr=yes&nxte=js Server: Apache/2.2.3 (Red Hat) Vary: Accept-Encoding,User-Agent Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Cnection: close X-Powered-By: PHP/5.3.21 | clean |
http://pagesinxt.com/?dn=freeresultsguide.com&flrdr=yes&nxte=js | HTTP/1.1 302 Found Date: Thu, 03 Apr 2014 05:03:54 GMT Location: http://mypageresults.com/?dn=freeresultsguide.com&flrdr=yes&nxte=js Server: Apache/2.2.3 (Red Hat) Vary: Accept-Encoding Content-Length: 338 Content-Type: text/html; charset=iso-8859-1 X-Cnection: close | clean |
http://mypageresults.com/?dn=freeresultsguide.com&flrdr=yes&nxte=js | 200 OK Content-Length: 2545 Content-Type: text/html | clean |
http://mypageresults.com/?dn=freeresultsguide.com&fp=iNE%2BQuh%2BBbX1regQV%2FsfgaClmocM5akekdxI6lgSeJqAp7%2BsgSvl7s0scmTkUCqxktmmOA1TfkBw1kbcG69AsQ%3D%3D&prvtof=cSmnddBbZZMk85Jk%2BMaKD6eYcjk8SI5gGrdQkKlFok0%3D&poru=yHcwSz59Rqad%2BORPzN4K%2BlQA8mCLeQNrp3x2jgACeQRJXT%2BYYw2vpOWdREE3oepr98xxA7WuNK8W7mRiiLq8fGNL6nAK%2BSe%2Bupxaon12%2Fb8%3D&flrdr=yes&nxte=js | 200 OK Content-Length: 271 Content-Type: text/html | clean |
http://mypageresults.com/test404page.js | HTTP/1.1 302 Found Date: Thu, 03 Apr 2014 05:03:55 GMT Location: http://pagesinxt.com/?dn=mypageresults.com&flrdr=yes&nxte=js Server: Apache/2.2.3 (Red Hat) Vary: Accept-Encoding,User-Agent Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Cnection: close X-Powered-By: PHP/5.3.21 | clean |
http://pagesinxt.com/?dn=mypageresults.com&flrdr=yes&nxte=js | HTTP/1.1 302 Found Date: Thu, 03 Apr 2014 05:03:56 GMT Location: http://mypageresults.com/?dn=mypageresults.com&flrdr=yes&nxte=js Server: Apache/2.2.3 (CentOS) Vary: Accept-Encoding Content-Length: 334 Content-Type: text/html; charset=iso-8859-1 X-Cnection: close | clean |
http://mypageresults.com/?dn=mypageresults.com&flrdr=yes&nxte=js | 200 OK Content-Length: 2515 Content-Type: text/html | clean |
http://mypageresults.com/?dn=mypageresults.com&fp=OiaK7dkuoawTTz8e6qQTQmvd5hp8hXR0wQn3wYO%2BqK443ZtQNkbBPQB%2Bnmw8Ij4owzuSLSEDkoeQLqzEOZVzjA%3D%3D&prvtof=dVu3rGCnfudKJyxFm0wKWH8ZMT5tJfG%2Bhi0GOw7jaPA%3D&poru=j%2Br2WKl8fBPOyBAnYfsfyEeXYlpHIXnIYDpX%2FhG0QBR2vJecu1TurX8gbm09P0MUjqFBj7uVlDsPHK%2FYoxLZWtB0aKBksTNQptBrW9Rug1U%3D&flrdr=yes&nxte=js | 200 OK Content-Length: 272 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=taxi9.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://taxi9.com/
Result: taxi9.com is not infected or malware details are not published yet.