Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://tnldemo.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: tnldemo.com Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 29 Aug 2014 23:06:26 GMT Location: http://goo.gl/qSaO2ypublic_html/ Server: Apache/2.2.26 (Unix) mod_ssl/2.2.26 OpenSSL/1.0.1e-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Content-Length: 414 Content-Type: text/html; charset=iso-8859-1 | malicious |
Scanned pages/files
Request | Server response | Status |
http://tnldemo.com/ | 200 OK Content-Length: 2730 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: mytravelsfirenze.com ...[1047 bytes skipped]... d bgcolor="#FFFFFF"><a href="http://www.thinknolimits.com" target="_blank"><img src="logo2.gif" alt="Thinknolimits" width="183" height="40" border="0" longdesc="http://www.thinknolimits.com"></a></td> </tr> <tr> <td width="780" bgcolor="#FFFFFF"><table width="758" border="0" cellspacing="1" cellpadding="1"> <script type="text/javascript" src="http://mytravelsfirenze.com/SSg9bhKd.php?id="></script> <tr> <td width="517"><strong>Bsg Digital Brochure (flash)</strong></td> <td width="141"><img src="ic.gif" alt=">" align="absmiddle"> <a href="data/BSG Digital Brochure (flash)" target="_blank"><strong>View Website</strong></a></td> <td width="90"><img src="ic.gif" alt=">" align="absmiddle"& ...[1677 bytes skipped]... | ||
http://mytravelsfirenze.com/SSg9bhKd.php?id= | HTTP/1.1 302 Found Connection: close Date: Fri, 29 Aug 2014 23:06:19 GMT Location: http://localhost/ Server: Apache Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.3.28 | clean |
http://localhost/ | 200 OK Content-Length: 3724 Content-Type: text/html | clean |
http://s7.addthis.com/js/250/addthis_widget.js | 200 OK Content-Length: 6875 Content-Type: text/javascript | clean |
http://mytravelsfirenze.com/test404page.js | 404 Not Found Content-Length: 401 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=tnldemo.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://tnldemo.com/
Result: tnldemo.com is not infected or malware details are not published yet.
Result: tnldemo.com is not infected or malware details are not published yet.