Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: africala.org
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 29 Dec 2014 06:55:17 GMT
Accept-Ranges: bytes
ETag: "1e201a5-75e-4c07e293b3140"
Server: Apache/2.2.26 (Unix) mod_ssl/2.2.26 OpenSSL/1.0.1e-fips mod_bwlimited/1.4
Content-Length: 1886
Content-Type: text/html
Last-Modified: Sun, 20 May 2012 21:06:37 GMT
...1886 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: africala.org
Referer: http://www.google.com/search?q=africala.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://africala.org/ | HTTP/1.1 200 OK Connection: close Date: Mon, 29 Dec 2014 06:55:17 GMT Accept-Ranges: bytes ETag: "1e201a5-75e-4c07e293b3140" Server: Apache/2.2.26 (Unix) mod_ssl/2.2.26 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 Content-Length: 1886 Content-Type: text/html Last-Modified: Sun, 20 May 2012 21:06:37 GMT | clean |
http://www.africala.org/web | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 29 Dec 2014 06:55:18 GMT Location: http://www.africala.org/web/ Server: Apache/2.2.26 (Unix) mod_ssl/2.2.26 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 Content-Length: 369 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.africala.org/web/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Mon, 29 Dec 2014 06:55:19 GMT Location: /web/templates/index.php?page=17 Server: Apache/2.2.26 (Unix) mod_ssl/2.2.26 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.3.28 | clean |
http://www.africala.org/web/templates/index.php?page=17 | 200 OK Content-Length: 16021 Content-Type: text/html | clean |
http://www.africala.org/src/feedback/feedback.js | HTTP/1.1 404 Not Found Connection: close Date: Mon, 29 Dec 2014 06:55:21 GMT Accept-Ranges: bytes Server: Apache/2.2.26 (Unix) mod_ssl/2.2.26 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 Content-Length: 1622 Content-Type: text/html | clean |
http://www.africala.org/portal | HTTP/1.1 404 Not Found Connection: close Date: Mon, 29 Dec 2014 06:55:21 GMT Accept-Ranges: bytes Server: Apache/2.2.26 (Unix) mod_ssl/2.2.26 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 Content-Length: 1622 Content-Type: text/html | clean |
http://www.africala.org/test404page.js | HTTP/1.1 404 Not Found Connection: close Date: Mon, 29 Dec 2014 06:55:21 GMT Accept-Ranges: bytes Server: Apache/2.2.26 (Unix) mod_ssl/2.2.26 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 Content-Length: 1622 Content-Type: text/html | clean |
http://africala.org/web/src/jquery-mega-drop-down-menu/js/jquery.min.js.1.4.2.js | 200 OK Content-Length: 72175 Content-Type: application/javascript | clean |
http://africala.org/web/src/jquery-mega-drop-down-menu/js/jquery.hoverIntent.minified.js | 200 OK Content-Length: 1606 Content-Type: application/javascript | clean |
http://africala.org/web/src/jquery-mega-drop-down-menu/js/jquery.dcmegamenu.1.3.3.js | 200 OK Content-Length: 6901 Content-Type: application/javascript | clean |
http://www.statcounter.com/counter/counter.js | 200 OK Content-Length: 21363 Content-Type: application/x-javascript | clean |
http://africala.org/../src/shadowbox/shadowbox.js | 400 Bad Request Content-Length: 596 Content-Type: text/html | clean |
http://africala.org/../src/jquery-carrousel/jquery-1.5.2.min.js | 400 Bad Request Content-Length: 596 Content-Type: text/html | clean |
http://africala.org/../src/jquery-carrousel/jcarousellite_1.0.1c5.js | 400 Bad Request Content-Length: 596 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=africala.org
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://africala.org/
Result: africala.org is not infected or malware details are not published yet.