Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://www.uralweldexpo.ru/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: www.uralweldexpo.ru Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Found Connection: close Date: Thu, 04 Dec 2014 02:53:04 GMT Location: http://bitly.com/STTMlN Server: Apache/2.2.8 (ASPLinux) Content-Length: 289 Content-Type: text/html; charset=iso-8859-1 | malicious |
URL: http://bitly.com/STTMlN (imitation of visitor from search engine) GET /STTMlN HTTP/1.1 Host: bitly.com Referer: http://www.google.com/search?q=redirect+check2 | HTTP/1.1 301 Moved Permanently Cache-Control: private; max-age=90 Connection: close Date: Thu, 04 Dec 2014 02:53:04 GMT Location: http://goo.gl/0rXySb Server: nginx Content-Length: 112 Content-Type: text/html; charset=utf-8 Mime-Version: 1.0 Set-Cookie: _bit=547fcc90-00375-05347-251cf10a;domain=.bitly.com;expires=Tue Jun 2 02:53:04 2015;path=/; HttpOnly | malicious |
URL: http://goo.gl/0rXySb (imitation of visitor from search engine) GET /0rXySb HTTP/1.1 Host: goo.gl Referer: http://www.google.com/search?q=redirect+check3 | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, no-store, max-age=0, must-revalidate Connection: close Date: Thu, 04 Dec 2014 02:50:59 GMT Pragma: no-cache Age: 126 Location: http://sh.oowoo.ru/redsh.php Server: GSE Content-Type: text/html; charset=UTF-8 Expires: Mon, 01 Jan 1990 00:00:00 GMT Alternate-Protocol: 80:quic,p=0.002 X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block | malicious |
URL: http://sh.oowoo.ru/redsh.php (imitation of visitor from search engine) GET /redsh.php HTTP/1.1 Host: sh.oowoo.ru Referer: http://www.google.com/search?q=redirect+check4 | HTTP/1.1 302 Found Connection: close Date: Thu, 04 Dec 2014 02:50:20 GMT Location: http://xseox.ru/down/shml Server: nginx/1.6.2 Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.3.3 | suspicious |
URL: http://xseox.ru/down/shml (imitation of visitor from search engine) GET /down/shml HTTP/1.1 Host: xseox.ru Referer: http://www.google.com/search?q=redirect+check5 | HTTP/1.1 302 Moved Temporarily Cache-Control: max-age=0 Connection: close Date: Thu, 04 Dec 2014 02:50:20 GMT Pragma: no-cache Location: http://videorush.net/watch/121060/ Server: nginx/1.6.2 Content-Length: 0 Content-Type: text/html; charset=utf-8 Expires: Thu, 21 Jul 1977 07:30:00 GMT Last-Modified: Thu, 04 Dec 2014 02:50:20 GMT X-Powered-By: PHP/5.3.3 | suspicious |
Scanned pages/files
Request | Server response | Status |
http://www.uralweldexpo.ru/ | 200 OK Content-Length: 18 Content-Type: text/html | clean |
http://www.uralweldexpo.ru/test404page.js | 200 OK Content-Length: 0 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=uralweldexpo.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://uralweldexpo.ru/
Result: uralweldexpo.ru is not infected or malware details are not published yet.
Result: uralweldexpo.ru is not infected or malware details are not published yet.