Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://www.floristsdeliver.co.za/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: www.floristsdeliver.co.za Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 19 Sep 2014 06:40:27 GMT Location: http://offerforge.net/?a=2079&c=311435&p=r&s1=fd Server: nginx/1.6.2 Content-Type: text/html | malicious |
URL: https://offerforge.net/?a=2079&c=311435&p=r&s1=fd&ckmguid=69f1b453-3164-49f8-ab05-3f4316a2a4e8 (imitation of visitor from search engine) GET /?a=2079&c=311435&p=r&s1=fd&ckmguid=69f1b453-3164-49f8-ab05-3f4316a2a4e8 HTTP/1.1 Host: offerforge.net Referer: http://www.google.com/search?q=redirect+check2 | HTTP/1.1 302 Found Cache-Control: private Date: Fri, 19 Sep 2014 06:40:11 GMT Location: http://www.netflorist.co.za/?affID=100000473&cwpg=1 Server: Microsoft-IIS/7.5 Content-Length: 172 Content-Type: text/html; charset=utf-8 P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Set-Cookie: .sess=xheeqhtkovuowh1s2glnu503; path=/; HttpOnly Set-Cookie: sid=Mu77VVdF4KO2tnqIJO2gtTEQ0Ti9FpMQFI1EgC1wxGejTMf2W10PPg==; domain=.offerforge.net; path=/; HttpOnly Set-Cookie: trk=xt5hhLkhHyq2tnqIJO2gtTEQ0Ti9FpMQFI1EgC1wxGejTMf2W10PPg==; domain=.offerforge.net; expires=Thu, 19-Sep-2019 07:40:11 GMT; path=/; HttpOnly Set-Cookie: c24=Mu77VVdF4KOtBUxcDuJbeTEE/VUPQx/p6+shBu0CXrU=; domain=.offerforge.net; expires=Fri, 26-Sep-2014 06:40:11 GMT; path=/; HttpOnly X-AspNet-Version: 4.0.30319 X-Powered-By: ASP.NET | suspicious |
Scanned pages/files
Request | Server response | Status |
http://www.floristsdeliver.co.za/ | 200 OK Content-Length: 10843 Content-Type: text/html | clean |
http://www.google-analytics.com/urchin.js | 200 OK Content-Length: 22678 Content-Type: text/javascript | clean |
http://www.floristsdeliver.co.za/../../florists/mitchells plain medical centre/ | 400 Bad Request Content-Length: 172 Content-Type: text/html | clean |
http://www.floristsdeliver.co.za/test404page.js | 404 Not Found Content-Length: 11812 Content-Type: text/html | clean |
http://code.jquery.com/jquery-1.9.1.js | 200 OK Content-Length: 268381 Content-Type: application/x-javascript | clean |
http://www.floristsdeliver.co.za/cgi-sys/js/simple-expand.min.js | 200 OK Content-Length: 2782 Content-Type: application/javascript | clean |
http://www.floristsdeliver.co.za/../../florists/siloam hospital/ | 400 Bad Request Content-Length: 172 Content-Type: text/html | clean |
http://www.floristsdeliver.co.za/../../florists/gen de la rey gedenk hospital/ | 400 Bad Request Content-Length: 172 Content-Type: text/html | clean |
http://www.floristsdeliver.co.za/../../florists/witpoort hospital/ | 400 Bad Request Content-Length: 172 Content-Type: text/html | clean |
http://www.floristsdeliver.co.za/../../florists/brits hospital/ | 400 Bad Request Content-Length: 172 Content-Type: text/html | clean |
http://www.floristsdeliver.co.za/../../florists/parklane clinic/ | 400 Bad Request Content-Length: 172 Content-Type: text/html | clean |
http://www.floristsdeliver.co.za/../../florists/entabeni/ | 400 Bad Request Content-Length: 172 Content-Type: text/html | clean |
http://www.floristsdeliver.co.za/../../florists/knysna private hospital/ | 400 Bad Request Content-Length: 172 Content-Type: text/html | clean |
http://www.floristsdeliver.co.za/../../florists/nic bodenstein hospital/ | 400 Bad Request Content-Length: 172 Content-Type: text/html | clean |
http://www.floristsdeliver.co.za/../../florists/potchefstroom medi clinic/ | 400 Bad Request Content-Length: 172 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=floristsdeliver.co.za
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://floristsdeliver.co.za/
Result: floristsdeliver.co.za is not infected or malware details are not published yet.
Result: floristsdeliver.co.za is not infected or malware details are not published yet.