Malicious/Suspicious Redirects
| Request | Server response | Status |
URL: http://www.davidgough.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: www.davidgough.com Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 09 Jul 2014 08:15:42 GMT Location: http://www.online-open.com/ Server: Apache/2.2 Content-Length: 307 Content-Type: text/html; charset=iso-8859-1 Set-Cookie: X-Mapping-miokmfji=7ABA2FB51DC8D64535B4D41185A93269; path=/ | malicious |
URL: http://www.online-open.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: www.online-open.com Referer: http://www.google.com/search?q=redirect+check2 | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 09 Jul 2014 08:15:41 GMT Location: http://adserver.kimia.es/get/iad/1-690-5beb48a093494f8712af5e4c6d50bf80?cl=Redirect_Straight&af=pack1&source=online-open.com Server: Apache/2.2.22 (Debian) Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.4.4-14+deb7u11 | malicious |
URL: http://adserver.kimia.es/get/iad/1-690-5beb48a093494f8712af5e4c6d50bf80?cl=Redirect_Straight&af=pack1&source=online-open.com (imitation of visitor from search engine) GET /get/iad/1-690-5beb48a093494f8712af5e4c6d50bf80?cl=Redirect_Straight&af=pack1&source=online-open.com HTTP/1.1 Host: adserver.kimia.es Referer: http://www.google.com/search?q=redirect+check3 | HTTP/1.1 302 Found Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Wed, 09 Jul 2014 08:15:41 GMT Pragma: no-cache Location: http://td.vs3.com/?profile=kimia-aff&Service=Girls&click_id=xkpltadu201407091015100000000000000000000000004 Server: nginx Content-Length: 107 Content-Type: text/html Expires: Thu, 19 Nov 1981 08:52:00 GMT Access-Control-Allow-Origin: * Set-Cookie: PHPSESSID=a119f46f0b22e87f3d920352e6ef9f91; path=/ Set-Cookie: a119f46f0b22e87f3d920352e6ef9f91=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/ X-Powered-By: PHP/5.4.25 | suspicious |
URL: http://td.vs3.com/?profile=kimia-aff&Service=Girls&click_id=xkpltadu201407091015100000000000000000000000004 (imitation of visitor from search engine) GET /?profile=kimia-aff&Service=Girls&click_id=xkpltadu201407091015100000000000000000000000004 HTTP/1.1 Host: td.vs3.com Referer: http://www.google.com/search?q=redirect+check4 | HTTP/1.1 301 Moved Permanently Connection: close Location: http://flirt4free.com/rooms/?mp_code=acvf6&Service=Girls&click_id=xkpltadu201407091015100000000000000000000000004&utm_campaign=undefined&utm_content=acvf6&utm_medium=referral&utm_source=pop Content-Length: 101 Content-Type: text/html | suspicious |
Scanned pages/files
| Request | Server response | Status |
http://www.davidgough.com/ | 403 Bad Behavior Content-Length: 882 Content-Type: text/html | clean |
http://www.davidgough.com/test404page.js | 403 Bad Behavior Content-Length: 896 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=davidgough.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://davidgough.com/
Result: davidgough.com is not infected or malware details are not published yet.
Result: davidgough.com is not infected or malware details are not published yet.