Scanned pages/files
| Request | Server response | Status |
|---|---|---|
| http://verotikehd.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 24 Apr 2014 00:17:33 GMT Location: http://www.verotikehd.com/ Server: ghs Content-Length: 223 Content-Type: text/html; charset=UTF-8 Alternate-Protocol: 80:quic X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block | clean |
| http://www.verotikehd.com/ | 200 OK Content-Length: 160322 Content-Type: text/html | clean |
| https://apis.google.com/js/plusone.js | 200 OK Content-Length: 11659 Content-Type: application/javascript | clean |
| http://cloakac.com/d9w/1cb/85bbc684dc/86/8 | 200 OK Content-Length: 8241 Content-Type: application/x-javascript | suspicious |
| (detail for the entry above) Hidden iFrame found. size: 0x0 style: hidden src: http://stats.checkru.net/l.php `<iframe scrolling="no" frameborder="0" marginheight="0" marginwidth="0" style="padding:0;margin:0;border:0px; display: none;width: 0px; height: 0px;" allowtransparency="true" vspace="0" hspace="0" src="http://stats.checkru.net/l.php">` | | |
| http://devkiforyou.org/b?size=4&arr=177880756&catgry=1&id=2011133631&t=_blank | 200 OK Content-Length: 272 Content-Type: text/html | clean |
| http://devkiforyou.org/test404page.js | HTTP/1.1 302 Found Date: Thu, 24 Apr 2014 00:17:37 GMT Location: http://pagesinxt.com/?dn=devkiforyou.org&flrdr=yes&nxte=js Server: Apache Vary: Accept-Encoding,User-Agent Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Cnection: close | clean |
| http://pagesinxt.com/?dn=devkiforyou.org&flrdr=yes&nxte=js | HTTP/1.1 302 Found Date: Thu, 24 Apr 2014 00:17:37 GMT Location: http://mypageresults.com/?dn=devkiforyou.org&flrdr=yes&nxte=js Server: Apache Vary: Accept-Encoding Content-Length: 254 Content-Type: text/html; charset=iso-8859-1 X-Cnection: close | clean |
| http://mypageresults.com/?dn=devkiforyou.org&flrdr=yes&nxte=js | 200 OK Content-Length: 2505 Content-Type: text/html | clean |
| http://mypageresults.com/?dn=devkiforyou.org&fp=gW7cPPE6ubyoXVa2ulAvsNSsDNfKdDtgbSNhLHNzeYNqKJgElwvVH9O75AIhHi6Ad6x%2F7MkcLZNPGWL60qwkXw%3D%3D&prvtof=N8ikSOhxND4ORloVd8pKNyGacGHultm150x9CREpDzY%3D&poru=TRN%2BoeoY36R2P4W%2F0KKT7hNbEyozr7gRhIRw%2BVnFygSd3VcIZR3rHHxxQIjaCiCKj9H7mgzKxNlvFIZ%2BHhKdIu8quz%2BE5uLBi%2BAxAASh1zw%3D&flrdr=yes&nxte=js | 200 OK Content-Length: 272 Content-Type: text/html | clean |
| http://mypageresults.com/test404page.js | HTTP/1.1 302 Found Date: Thu, 24 Apr 2014 00:17:39 GMT Location: http://pagesinxt.com/?dn=mypageresults.com&flrdr=yes&nxte=js Server: Apache Vary: Accept-Encoding,User-Agent Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Cnection: close | clean |
| http://pagesinxt.com/?dn=mypageresults.com&flrdr=yes&nxte=js | HTTP/1.1 302 Found Date: Thu, 24 Apr 2014 00:17:39 GMT Location: http://mypageresults.com/?dn=mypageresults.com&flrdr=yes&nxte=js Server: Apache Vary: Accept-Encoding Content-Length: 256 Content-Type: text/html; charset=iso-8859-1 X-Cnection: close | clean |
| http://mypageresults.com/?dn=mypageresults.com&flrdr=yes&nxte=js | 200 OK Content-Length: 2517 Content-Type: text/html | clean |
| http://mypageresults.com/?dn=mypageresults.com&fp=B4JulyCCnElHBlUB61%2BmbNO4E4u4PNRRsYuXflDyj7T4ReIvSE7UUGNo%2BK7ExqrpXL%2BSItBRIRhmNmSvbxBJow%3D%3D&prvtof=LGu%2F1ZK52lkOFhhxy2t2mibyIRX%2FYezaR1Ufb0UCODk%3D&poru=RprGX2jw4ozIrWloox09VjR2B2soFNC9mDPUA5ITI5luvUAoyLzfFT3o%2BnpYrqKJyadf3rvPhBNPXU54KTLYeTQOWBlMqF5mi0r244xMVw8%3D&flrdr=yes&nxte=js | 200 OK Content-Length: 271 Content-Type: text/html | clean |
| http://userapi.com/js/api/openapi.js?49 | 200 OK Content-Length: 63942 Content-Type: application/x-javascript | clean |
| http://blogergadgets.googlecode.com/files/blogger-page-navi.v1.js | 404 Not Found Content-Length: 1454 Content-Type: text/html | clean |
| http://blogergadgets.googlecode.com//www.google.com/ | 404 Not Found Content-Length: 1425 Content-Type: text/html | clean |
| http://dl.dropbox.com/u/48089857/pagenav.js | HTTP/1.1 302 FOUND Cache-Control: no-cache Connection: close Date: Thu, 24 Apr 2014 00:17:41 GMT Pragma: no-cache Location: http://dl.dropboxusercontent.com/u/48089857/pagenav.js Server: nginx Content-Type: text/html; charset=utf-8 X-RequestId: 83c4281fbd1b4a780a14726e78fdcd8b | clean |
| http://dl.dropboxusercontent.com/u/48089857/pagenav.js | 460 Restricted Content-Length: 513 Content-Type: text/html | clean |
| https://ajax.googleapis.com/ajax/libs/jquery/1.5.1/jquery.min.js | 200 OK Content-Length: 85260 Content-Type: text/javascript | clean |
| https://www.blogger.com/static/v1/widgets/2520687781-widgets.js | 200 OK Content-Length: 89785 Content-Type: text/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: verotikehd.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Thu, 24 Apr 2014 00:17:33 GMT
Location: http://www.verotikehd.com/
Server: ghs
Content-Length: 223
Content-Type: text/html; charset=UTF-8
Alternate-Protocol: 80:quic
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
...223 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: verotikehd.com
Referer: http://www.google.com/search?q=verotikehd.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=verotikehd.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://verotikehd.com/
Result: verotikehd.com is not infected or malware details are not published yet.