Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://tukaev.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: tukaev.com Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Found Cache-Control: no-cache, no-store, must-revalidate, max-age=0 Connection: close Date: Wed, 03 Sep 2014 09:46:13 GMT Location: http://bitly.com/STTMlN Server: LiteSpeed Content-Length: 1148 Content-Type: text/html | malicious |
URL: http://bitly.com/STTMlN (imitation of visitor from search engine) GET /STTMlN HTTP/1.1 Host: bitly.com Referer: http://www.google.com/search?q=redirect+check2 | HTTP/1.1 301 Moved Permanently Cache-Control: private; max-age=90 Connection: close Date: Wed, 03 Sep 2014 09:46:13 GMT Location: http://goo.gl/0rXySb Server: nginx Content-Length: 112 Content-Type: text/html; charset=utf-8 Mime-Version: 1.0 Set-Cookie: _bit=5406e365-00176-020ba-401cf10a;domain=.bitly.com;expires=Mon Mar 2 09:46:13 2015;path=/; HttpOnly | malicious |
URL: http://goo.gl/0rXySb (imitation of visitor from search engine) GET /0rXySb HTTP/1.1 Host: goo.gl Referer: http://www.google.com/search?q=redirect+check3 | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, no-store, max-age=0, must-revalidate Connection: close Date: Wed, 03 Sep 2014 09:46:13 GMT Pragma: no-cache Location: http://sh.oowoo.ru/redsh.php Server: GSE Content-Type: text/html; charset=UTF-8 Expires: Fri, 01 Jan 1990 00:00:00 GMT Alternate-Protocol: 80:quic X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block | malicious |
URL: http://sh.oowoo.ru/redsh.php (imitation of visitor from search engine) GET /redsh.php HTTP/1.1 Host: sh.oowoo.ru Referer: http://www.google.com/search?q=redirect+check4 | HTTP/1.1 302 Found Connection: close Date: Wed, 03 Sep 2014 09:45:01 GMT Location: http://hotzone2nn.com/sexgospital/?sid=269188418 Server: nginx/1.0.15 Content-Length: 0 Content-Type: text/html; charset=CP1251 X-Powered-By: PHP/5.2.17 | suspicious |
URL: http://hotzone2nn.com/sexgospital/?sid=269188418 (imitation of visitor from search engine) GET /sexgospital/?sid=269188418 HTTP/1.1 Host: hotzone2nn.com Referer: http://www.google.com/search?q=redirect+check5 | HTTP/1.1 302 Found Cache-Control: max-age=259200 Connection: close Date: Wed, 03 Sep 2014 09:46:13 GMT Pragma: no-cache Location: http://hotzonepqnn.info/sexgospital?sid=269188418 Server: nginx/1.0.14 Content-Length: 0 Content-Type: text/html; charset=utf-8 Expires: Sat, 06 Sep 2014 09:46:13 GMT Set-Cookie: PHPSESSID=9v9msjk887r5bvtcp6mmkbtvo4; path=/ X-Powered-By: PHP/5.3.10 | suspicious |
Scanned pages/files
Request | Server response | Status |
http://tukaev.com/ | 200 OK Content-Length: 4336 Content-Type: text/html | clean |
http://tukaev.com/js/jquery-1.4.1.min.js | 200 OK Content-Length: 70995 Content-Type: application/x-javascript | clean |
http://tukaev.com/js/custom.js | 200 OK Content-Length: 1286 Content-Type: application/x-javascript | clean |
http://tukaev.com/index.html | 200 OK Content-Length: 4336 Content-Type: text/html | clean |
http://tukaev.com/contact.html | 200 OK Content-Length: 5733 Content-Type: text/html | clean |
http://tukaev.com/foto.html | 200 OK Content-Length: 4336 Content-Type: text/html | clean |
http://tukaev.com/foto_wedding.html | 200 OK Content-Length: 5599 Content-Type: text/html | clean |
http://tukaev.com/foto_wedding_7_1.html | 200 OK Content-Length: 9086 Content-Type: text/html | clean |
http://tukaev.com/fancybox/jquery.mousewheel-3.0.2.pack.js | 200 OK Content-Length: 1157 Content-Type: application/x-javascript | clean |
http://tukaev.com/fancybox/jquery.fancybox-1.3.0.pack.js | 200 OK Content-Length: 15069 Content-Type: application/x-javascript | clean |
http://tukaev.com/js/custom_dark.js | 200 OK Content-Length: 1286 Content-Type: application/x-javascript | clean |
http://tukaev.com/foto/wedding/07/001.jpg | 200 OK Content-Length: 263637 Content-Type: image/jpeg | clean |
http://tukaev.com/test404page.js | HTTP/1.1 302 Found Cache-Control: no-cache, no-store, must-revalidate, max-age=0 Connection: close Date: Wed, 03 Sep 2014 09:46:16 GMT Location: http://bitly.com/STTMlN Server: LiteSpeed Content-Length: 1148 Content-Type: text/html | clean |
http://bitly.com/sttmln | HTTP/1.1 301 Moved Permanently Cache-Control: private; max-age=90 Connection: close Date: Wed, 03 Sep 2014 09:46:16 GMT Location: http://www.22b.net/ Server: nginx Content-Length: 111 Content-Type: text/html; charset=utf-8 Mime-Version: 1.0 Set-Cookie: _bit=5406e368-0028a-01943-cb1cf10a;domain=.bitly.com;expires=Mon Mar 2 09:46:16 2015;path=/; HttpOnly | clean |
http://www.22b.net/ | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=900 Connection: close Date: Wed, 03 Sep 2014 09:46:16 GMT Age: 1 Location: http://august13.com Server: Microsoft-IIS/7.5 Content-Length: 0 Content-Type: text/html X-AspNet-Version: 4.0.30319 X-Powered-By: ASP.NET | clean |
http://august13.com/ | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=900 Connection: close Date: Wed, 03 Sep 2014 09:46:17 GMT Age: 0 Location: http://www.june26.com Server: Microsoft-IIS/7.5 Content-Length: 0 Content-Type: text/html X-AspNet-Version: 4.0.30319 X-Powered-By: ASP.NET | clean |
http://www.june26.com/ | HTTP/1.1 301 Moved Permanently Date: Wed, 03 Sep 2014 09:46:18 GMT Location: http://june26.com/ Server: Microsoft-IIS/8.0 Content-Length: 141 Content-Type: text/html; charset=UTF-8 X-Powered-By: ASP.NET X-Powered-By-Plesk: PleskWin | clean |
http://june26.com/ | 200 OK Content-Length: 40277 Content-Type: text/html | clean |
https://apis.google.com/js/plusone.js | 200 OK Content-Length: 12388 Content-Type: application/javascript | clean |
http://pagead2.googlesyndication.com/pagead/show_ads.js | 200 OK Content-Length: 21259 Content-Type: text/javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=tukaev.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://tukaev.com/
Result: tukaev.com is not infected or malware details are not published yet.