Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: usgmg.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 30 Sep 2014 20:25:40 GMT
Accept-Ranges: bytes
ETag: "d0cd4a-ad1-5044e19a8b400"
Server: Apache/2
Vary: Accept-Encoding,User-Agent
Content-Length: 2769
Content-Type: text/html
Last-Modified: Tue, 30 Sep 2014 20:19:28 GMT
...2769 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: usgmg.com
Referer: http://www.google.com/search?q=usgmg.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://usgmg.com/ | 200 OK Content-Length: 2769 Content-Type: text/html | clean |
http://usgmg.com/marketing_101.php | 200 OK Content-Length: 6456 Content-Type: text/html | clean |
http://detect.deviceatlas.com/redirect.js?d=http://www.usgmg.com&m=http://usgmg.gomobinow.mobi | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 30 Sep 2014 20:25:42 GMT Location: http://detect-deviceatlas-com.appspot.com/redirect.js?d=http://www.usgmg.com&m=http://usgmg.gomobinow.mobi Server: nginx/1.4.4 Content-Length: 184 Content-Type: text/html | clean |
http://detect-deviceatlas-com.appspot.com/redirect.js?d=http://www.usgmg.com&m=http://usgmg.gomobinow.mobi | 200 OK Content-Length: 0 Content-Type: text/html | clean |
http://detect-deviceatlas-com.appspot.com/test404page.js | 404 Not Found Content-Length: 52 Content-Type: text/plain | clean |
http://usgmg.com/menubar/jquery.min.js | 200 OK Content-Length: 57254 Content-Type: application/javascript | clean |
http://usgmg.com/menubar/ddsmoothmenu.js | 200 OK Content-Length: 7626 Content-Type: application/javascript | clean |
http://usgmg.com/contact.php | 200 OK Content-Length: 12165 Content-Type: text/html | clean |
http://usgmg.com/index.php | 200 OK Content-Length: 7139 Content-Type: text/html | clean |
http://usgmg.com/ https://twitter.com/mossgroup | 404 Not Found Content-Length: 408 Content-Type: text/html | clean |
http://usgmg.com/services.php | 200 OK Content-Length: 9356 Content-Type: text/html | clean |
http://usgmg.com/marketing_tools.php | 200 OK Content-Length: 7152 Content-Type: text/html | clean |
http://usgmg.com/marketing_money.php | 200 OK Content-Length: 6494 Content-Type: text/html | clean |
http://usgmg.com/autmated_captue_system.php | 200 OK Content-Length: 6424 Content-Type: text/html | clean |
http://usgmg.com/about.php | 200 OK Content-Length: 9923 Content-Type: text/html | clean |
http://usgmg.com/testimonials.php | 200 OK Content-Length: 12519 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=usgmg.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://usgmg.com/
Result: usgmg.com is not infected or malware details are not published yet.