Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: attaj.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 26 Apr 2014 19:11:11 GMT
Accept-Ranges: bytes
ETag: "f9b-4ba48614276c0"
Server: Apache
Content-Length: 3995
Content-Type: text/html
Last-Modified: Fri, 02 Mar 2012 20:25:39 GMT
...3995 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: attaj.com
Referer: http://www.google.com/search?q=attaj.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://attaj.com/ | 200 OK Content-Length: 3995 Content-Type: text/html | clean |
http://www.cgi2you.com/counter/f-counter.php?user=attaj | 200 OK Content-Length: 268 Content-Type: text/text | clean |
http://www.cgi2you.com/counter/\"http://www.cgi2you.com/\" | HTTP/1.1 404 Not Found Connection: close Date: Sat, 26 Apr 2014 18:58:17 GMT Accept-Ranges: bytes ETag: "222eef-e9-5083c080" Server: Apache/2.0.54 (Debian GNU/Linux) FrontPage/5.0.2.2635 mod_python/3.1.3 Python/2.3.5 PHP/4.3.10-16 mod_ssl/2.0.54 OpenSSL/0.9.7e mod_perl/1.999.21 Perl/v5.8.4 Content-Length: 233 Content-Type: text/html Last-Modified: Thu, 13 Sep 2007 11:05:22 GMT | clean |
http://www.cgi2you.com/ | 200 OK Content-Length: 28128 Content-Type: text/html | clean |
http://www.cgi2you.com/../index.html | 400 Bad Request Content-Length: 1013 Content-Type: text/html | clean |
http://www.cgi2you.com/test404page.js | HTTP/1.1 404 Not Found Connection: close Date: Sat, 26 Apr 2014 18:58:22 GMT Accept-Ranges: bytes ETag: "222eef-e9-5083c080" Server: Apache/2.0.54 (Debian GNU/Linux) FrontPage/5.0.2.2635 mod_python/3.1.3 Python/2.3.5 PHP/4.3.10-16 mod_ssl/2.0.54 OpenSSL/0.9.7e mod_perl/1.999.21 Perl/v5.8.4 Content-Length: 233 Content-Type: text/html Last-Modified: Thu, 13 Sep 2007 11:05:22 GMT | clean |
http://www.cgi2you.com/counter/\"http://www.cgi2you.com/index.html | HTTP/1.1 404 Not Found Connection: close Date: Sat, 26 Apr 2014 18:58:22 GMT Accept-Ranges: bytes ETag: "222eef-e9-5083c080" Server: Apache/2.0.54 (Debian GNU/Linux) FrontPage/5.0.2.2635 mod_python/3.1.3 Python/2.3.5 PHP/4.3.10-16 mod_ssl/2.0.54 OpenSSL/0.9.7e mod_perl/1.999.21 Perl/v5.8.4 Content-Length: 233 Content-Type: text/html Last-Modified: Thu, 13 Sep 2007 11:05:22 GMT | clean |
http://www.cgi2you.com/counter/\"http://www.cgi2you.com/signup.html | HTTP/1.1 404 Not Found Connection: close Date: Sat, 26 Apr 2014 18:58:23 GMT Accept-Ranges: bytes ETag: "222eef-e9-5083c080" Server: Apache/2.0.54 (Debian GNU/Linux) FrontPage/5.0.2.2635 mod_python/3.1.3 Python/2.3.5 PHP/4.3.10-16 mod_ssl/2.0.54 OpenSSL/0.9.7e mod_perl/1.999.21 Perl/v5.8.4 Content-Length: 233 Content-Type: text/html Last-Modified: Thu, 13 Sep 2007 11:05:22 GMT | clean |
http://www.cgi2you.com/counter/\"http://www.cgi2you.com/faq.html | HTTP/1.1 404 Not Found Connection: close Date: Sat, 26 Apr 2014 18:58:23 GMT Accept-Ranges: bytes ETag: "222eef-e9-5083c080" Server: Apache/2.0.54 (Debian GNU/Linux) FrontPage/5.0.2.2635 mod_python/3.1.3 Python/2.3.5 PHP/4.3.10-16 mod_ssl/2.0.54 OpenSSL/0.9.7e mod_perl/1.999.21 Perl/v5.8.4 Content-Length: 233 Content-Type: text/html Last-Modified: Thu, 13 Sep 2007 11:05:22 GMT | clean |
http://www.cgi2you.com/counter/\"http://www.cgi2you.com/news.html | HTTP/1.1 404 Not Found Connection: close Date: Sat, 26 Apr 2014 18:58:24 GMT Accept-Ranges: bytes ETag: "222eef-e9-5083c080" Server: Apache/2.0.54 (Debian GNU/Linux) FrontPage/5.0.2.2635 mod_python/3.1.3 Python/2.3.5 PHP/4.3.10-16 mod_ssl/2.0.54 OpenSSL/0.9.7e mod_perl/1.999.21 Perl/v5.8.4 Content-Length: 233 Content-Type: text/html Last-Modified: Thu, 13 Sep 2007 11:05:22 GMT | clean |
http://www.cgi2you.com/counter/\"http://www.cgi2you.com/link2us.html | HTTP/1.1 404 Not Found Connection: close Date: Sat, 26 Apr 2014 18:58:24 GMT Accept-Ranges: bytes ETag: "222eef-e9-5083c080" Server: Apache/2.0.54 (Debian GNU/Linux) FrontPage/5.0.2.2635 mod_python/3.1.3 Python/2.3.5 PHP/4.3.10-16 mod_ssl/2.0.54 OpenSSL/0.9.7e mod_perl/1.999.21 Perl/v5.8.4 Content-Length: 233 Content-Type: text/html Last-Modified: Thu, 13 Sep 2007 11:05:22 GMT | clean |
http://www.cgi2you.com/counter/\"http://www.cgi2you.com/partners.html | HTTP/1.1 404 Not Found Connection: close Date: Sat, 26 Apr 2014 18:58:25 GMT Accept-Ranges: bytes ETag: "222eef-e9-5083c080" Server: Apache/2.0.54 (Debian GNU/Linux) FrontPage/5.0.2.2635 mod_python/3.1.3 Python/2.3.5 PHP/4.3.10-16 mod_ssl/2.0.54 OpenSSL/0.9.7e mod_perl/1.999.21 Perl/v5.8.4 Content-Length: 233 Content-Type: text/html Last-Modified: Thu, 13 Sep 2007 11:05:22 GMT | clean |
http://www.cgi2you.com/counter/\"http://www.cgi2you.com/more_counter.html | 200 OK Content-Length: 318 Content-Type: text/text | clean |
http://www.cgi2you.com/counter/\"http://www.cgi2you.com/\"http://www.cgi2you.com/\" | HTTP/1.1 404 Not Found Connection: close Date: Sat, 26 Apr 2014 18:58:26 GMT Accept-Ranges: bytes ETag: "222eef-e9-5083c080" Server: Apache/2.0.54 (Debian GNU/Linux) FrontPage/5.0.2.2635 mod_python/3.1.3 Python/2.3.5 PHP/4.3.10-16 mod_ssl/2.0.54 OpenSSL/0.9.7e mod_perl/1.999.21 Perl/v5.8.4 Content-Length: 233 Content-Type: text/html Last-Modified: Thu, 13 Sep 2007 11:05:22 GMT | clean |
http://www.cgi2you.com/counter/\"http://www.cgi2you.com/more_guestbook.html | HTTP/1.1 404 Not Found Connection: close Date: Sat, 26 Apr 2014 18:58:27 GMT Accept-Ranges: bytes ETag: "222eef-e9-5083c080" Server: Apache/2.0.54 (Debian GNU/Linux) FrontPage/5.0.2.2635 mod_python/3.1.3 Python/2.3.5 PHP/4.3.10-16 mod_ssl/2.0.54 OpenSSL/0.9.7e mod_perl/1.999.21 Perl/v5.8.4 Content-Length: 233 Content-Type: text/html Last-Modified: Thu, 13 Sep 2007 11:05:22 GMT | clean |
http://www.cgi2you.com/counter/\"http://www.cgi2you.com/more_board.html | HTTP/1.1 404 Not Found Connection: close Date: Sat, 26 Apr 2014 18:58:27 GMT Accept-Ranges: bytes ETag: "222eef-e9-5083c080" Server: Apache/2.0.54 (Debian GNU/Linux) FrontPage/5.0.2.2635 mod_python/3.1.3 Python/2.3.5 PHP/4.3.10-16 mod_ssl/2.0.54 OpenSSL/0.9.7e mod_perl/1.999.21 Perl/v5.8.4 Content-Length: 233 Content-Type: text/html Last-Modified: Thu, 13 Sep 2007 11:05:22 GMT | clean |
http://www.cgi2you.com/counter/\"http://www.cgi2you.com/more_poll.html | HTTP/1.1 404 Not Found Connection: close Date: Sat, 26 Apr 2014 18:58:28 GMT Accept-Ranges: bytes ETag: "222eef-e9-5083c080" Server: Apache/2.0.54 (Debian GNU/Linux) FrontPage/5.0.2.2635 mod_python/3.1.3 Python/2.3.5 PHP/4.3.10-16 mod_ssl/2.0.54 OpenSSL/0.9.7e mod_perl/1.999.21 Perl/v5.8.4 Content-Length: 233 Content-Type: text/html Last-Modified: Thu, 13 Sep 2007 11:05:22 GMT | clean |
http://www.cgi2you.com/counter/\"http://www.cgi2you.com/forgot.html | HTTP/1.1 404 Not Found Connection: close Date: Sat, 26 Apr 2014 18:58:28 GMT Accept-Ranges: bytes ETag: "222eef-e9-5083c080" Server: Apache/2.0.54 (Debian GNU/Linux) FrontPage/5.0.2.2635 mod_python/3.1.3 Python/2.3.5 PHP/4.3.10-16 mod_ssl/2.0.54 OpenSSL/0.9.7e mod_perl/1.999.21 Perl/v5.8.4 Content-Length: 233 Content-Type: text/html Last-Modified: Thu, 13 Sep 2007 11:05:22 GMT | clean |
http://www.cgi2you.com/counter/\"http://www.cgi2you.com/adv2us.html | HTTP/1.1 404 Not Found Connection: close Date: Sat, 26 Apr 2014 18:58:29 GMT Accept-Ranges: bytes ETag: "222eef-e9-5083c080" Server: Apache/2.0.54 (Debian GNU/Linux) FrontPage/5.0.2.2635 mod_python/3.1.3 Python/2.3.5 PHP/4.3.10-16 mod_ssl/2.0.54 OpenSSL/0.9.7e mod_perl/1.999.21 Perl/v5.8.4 Content-Length: 233 Content-Type: text/html Last-Modified: Thu, 13 Sep 2007 11:05:22 GMT | clean |
http://www.cgi2you.com/counter/\"http://www.cgi2you.com/policy.html | HTTP/1.1 404 Not Found Connection: close Date: Sat, 26 Apr 2014 18:58:29 GMT Accept-Ranges: bytes ETag: "222eef-e9-5083c080" Server: Apache/2.0.54 (Debian GNU/Linux) FrontPage/5.0.2.2635 mod_python/3.1.3 Python/2.3.5 PHP/4.3.10-16 mod_ssl/2.0.54 OpenSSL/0.9.7e mod_perl/1.999.21 Perl/v5.8.4 Content-Length: 233 Content-Type: text/html Last-Modified: Thu, 13 Sep 2007 11:05:22 GMT | clean |
http://www.cgi2you.com/counter/\"http://www.cgi2you.com/term.html | HTTP/1.1 404 Not Found Connection: close Date: Sat, 26 Apr 2014 18:58:30 GMT Accept-Ranges: bytes ETag: "222eef-e9-5083c080" Server: Apache/2.0.54 (Debian GNU/Linux) FrontPage/5.0.2.2635 mod_python/3.1.3 Python/2.3.5 PHP/4.3.10-16 mod_ssl/2.0.54 OpenSSL/0.9.7e mod_perl/1.999.21 Perl/v5.8.4 Content-Length: 233 Content-Type: text/html Last-Modified: Thu, 13 Sep 2007 11:05:22 GMT | clean |
http://www.cgi2you.com/counter/\"http://www.cgi2you.com/- | HTTP/1.1 404 Not Found Connection: close Date: Sat, 26 Apr 2014 18:58:30 GMT Accept-Ranges: bytes ETag: "222eef-e9-5083c080" Server: Apache/2.0.54 (Debian GNU/Linux) FrontPage/5.0.2.2635 mod_python/3.1.3 Python/2.3.5 PHP/4.3.10-16 mod_ssl/2.0.54 OpenSSL/0.9.7e mod_perl/1.999.21 Perl/v5.8.4 Content-Length: 233 Content-Type: text/html Last-Modified: Thu, 13 Sep 2007 11:05:22 GMT | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=attaj.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://attaj.com/
Result: attaj.com is not infected or malware details are not published yet.