Malicious/Suspicious Redirects
| Request | Server response | Status |
URL: http://www.tcs-zen.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: www.tcs-zen.com Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Found Connection: close Date: Mon, 14 Dec 2015 23:23:36 GMT Location: http://clcktrck.net/path/lp.php?trvid=10015&trvx=683ab9f0&search=www.tcs-zen.com&smid=Ycn2fOABR0c2hlYu36sxMXv3n&dom=tcs-zen.com Server: cloudflare-nginx Content-Type: text/html;charset=UTF-8 CF-RAY: 254da84d7e202af1-WAW Set-Cookie: __cfduid=d4ccec7e003b8b5ce7d4a3dafff8d45571450135415; expires=Tue, 13-Dec-16 23:23:35 GMT; path=/; domain=.tcs-zen.com; HttpOnly | malicious |
URL: http://clcktrck.net/path/302.php?d=aHR0cDovL2h1bmdyeWltLmJsdWVwcmludDEuY3BhLmNsaWNrc3VyZS5jb20/bHA9MjgmczE9MXU1NDMxMDAzaXFv_0 (imitation of visitor from search engine) GET /path/302.php?d=aHR0cDovL2h1bmdyeWltLmJsdWVwcmludDEuY3BhLmNsaWNrc3VyZS5jb20/bHA9MjgmczE9MXU1NDMxMDAzaXFv_0 HTTP/1.1 Host: clcktrck.net Referer: http://www.google.com/search?q=redirect+check2 | HTTP/1.1 302 Found Cache-Control: max-age=0 Connection: close Date: Mon, 14 Dec 2015 23:23:35 GMT Location: http://hungryim.blueprint1.cpa.clicksure.com?lp=28&s1=1u5431003iqo Server: Apache Content-Length: 0 Content-Type: text/html; charset=utf-8 Expires: Mon, 14 Dec 2015 23:23:35 GMT X-Powered-By: PHP/5.4.16 X-UA-Compatible: IE=Edge,chrome=1 | suspicious |
URL: http://hungryim.blueprint1.cpa.clicksure.com?lp=28&s1=1u5431003iqo (imitation of visitor from search engine) GET / HTTP/1.1 Host: hungryim.blueprint1.cpa.clicksure.com?lp=28&s1=1u5431003iqo Referer: http://www.google.com/search?q=redirect+check3 | HTTP/1.1 302 Found Cache-Control: no-cache Connection: close Date: Mon, 14 Dec 2015 23:23:37 GMT Via: WebCelerate Accept-Ranges: bytes Age: 0 Location: http://www.millionairesblueprint.co/promo-offer/?c=IL&aff_id=4926&clickID=3072363450&aff=&s1=1u5431003iqo&s2=&s3=&campaignid=32133 Server: nginx/1.6.2 Content-Length: 4596 Content-Type: text/html; charset=UTF-8 P3P: policyref="http://cpa.clicksure.com/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OUR SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Set-Cookie: laravel_session=d1265d10f96b5271db3cdb52a29ea0b0626b82ad; expires=Tue, 15-Dec-2015 01:23:37 GMT; Max-Age=7200; path=/; domain=cpa.clicksure.com; httponly Set-Cookie: campaign_lp_aff_7999943=b3d03f48f619a3fa310343302d7d3f73bec44129%2B2015-12-15; expires=Tue, 15-Dec-2015 23:23:37 GMT; Max-Age=86400; path=/; domain=cpa.clicksure.com; httponly Set-Cookie: campaign_216183=2121cfc38c34ac860bd84646927780b51c0b132e%2B%7B%22click%22%3A3072363450%2C%22tracked%22%3A%5B%5D%2C%22tracked_time%22%3A1450135417%7D; expires=Wed, 13-Jan-2016 23:23:37 GMT; Max-Age=2592000; path=/; domain=cpa.clicksure.com; httponly X-Cache: MISS X-Cacheable: NO:Not Cacheable X-Powered-By: PHP/5.5.21 | suspicious |
Scanned pages/files
| Request | Server response | Status |
http://www.tcs-zen.com/ | 404 Not Found Content-Length: 155 Content-Type: text/html | clean |
http://www.tcs-zen.com/test404page.js | 404 Not Found Content-Length: 155 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=tcs-zen.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://tcs-zen.com/
Result: tcs-zen.com is not infected or malware details are not published yet.
Result: tcs-zen.com is not infected or malware details are not published yet.