Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: forum.indowebster.com
Result:
HTTP/1.1 303 See Other
Connection: close
Date: Mon, 26 Jan 2015 02:35:57 GMT
Via: 1.1 varnish
Age: 0
Location: http://forum.indowebster.com/forum.php
Server: Apache/2.2.16
Vary: Accept-Encoding
Content-Type: text/html
Set-Cookie: vbb_lastvisit=1422239527; expires=Tue, 26-Jan-2016 02:32:07 GMT; path=/
Set-Cookie: vbb_lastactivity=0; expires=Tue, 26-Jan-2016 02:32:07 GMT; path=/
X-Varnish: 1313715812
GET / HTTP/1.1
Host: forum.indowebster.com
Result:
HTTP/1.1 303 See Other
Connection: close
Date: Mon, 26 Jan 2015 02:35:57 GMT
Via: 1.1 varnish
Age: 0
Location: http://forum.indowebster.com/forum.php
Server: Apache/2.2.16
Vary: Accept-Encoding
Content-Type: text/html
Set-Cookie: vbb_lastvisit=1422239527; expires=Tue, 26-Jan-2016 02:32:07 GMT; path=/
Set-Cookie: vbb_lastactivity=0; expires=Tue, 26-Jan-2016 02:32:07 GMT; path=/
X-Varnish: 1313715812
Second query (visit from search engine):
GET / HTTP/1.1
Host: forum.indowebster.com
Referer: http://www.google.com/search?q=forum.indowebster.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: forum.indowebster.com
Referer: http://www.google.com/search?q=forum.indowebster.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://forum.indowebster.com/ | HTTP/1.1 303 See Other Connection: close Date: Mon, 26 Jan 2015 02:35:57 GMT Via: 1.1 varnish Age: 0 Location: http://forum.indowebster.com/forum.php Server: Apache/2.2.16 Vary: Accept-Encoding Content-Type: text/html Set-Cookie: vbb_lastvisit=1422239527; expires=Tue, 26-Jan-2016 02:32:07 GMT; path=/ Set-Cookie: vbb_lastactivity=0; expires=Tue, 26-Jan-2016 02:32:07 GMT; path=/ X-Varnish: 1313715812 | clean |
http://forum.indowebster.com/forum.php | 200 OK Content-Length: 222955 Content-Type: text/html | clean |
http://forum.indowebster.com/forumrunner/detect.js | 200 OK Content-Length: 2885 Content-Type: application/x-javascript | clean |
http://forum.indowebster.com/clientscript/ajaxinclude.js | 200 OK Content-Length: 588 Content-Type: application/x-javascript | clean |
http://ajax.googleapis.com/ajax/libs/yui/2.9.0/build/yuiloader-dom-event/yuiloader-dom-event.js | 200 OK Content-Length: 61619 Content-Type: text/javascript | clean |
http://forum.indowebster.com/js/idws.min.2.js | 200 OK Content-Length: 95901 Content-Type: application/x-javascript | clean |
http://forum.indowebster.com/clientscript/vbulletin-core.js | 200 OK Content-Length: 51945 Content-Type: application/x-javascript | clean |
http://forum.indowebster.com/mobiquo/tapatalkdetect.js | 200 OK Content-Length: 3465 Content-Type: application/x-javascript | clean |
http://forum.indowebster.com/clientscript/vbulletin_read_marker.js?v=420 | 200 OK Content-Length: 4460 Content-Type: application/javascript | clean |
http://forum.indowebster.com/clientscript/ncode_imageresizer.js | 200 OK Content-Length: 4608 Content-Type: application/x-javascript | clean |
http://forum.indowebster.com/clientscript/vbulletin_md5.js | 200 OK Content-Length: 5464 Content-Type: application/x-javascript | clean |
http://tra.co.id/track.js | 502 Bad Gateway Content-Length: 574 Content-Type: text/html | clean |
http://tra.co.id/test404page.js | 502 Bad Gateway Content-Length: 574 Content-Type: text/html | clean |
http://static.forum.idws-static.com/mobiquo/tapatalkdetect.js | 200 OK Content-Length: 3465 Content-Type: application/javascript | clean |
http://cdn.innity.com/network.js | 200 OK Content-Length: 4687 Content-Type: application/javascript | clean |
http://cdn.innity.net/network.js | 200 OK Content-Length: 4687 Content-Type: application/javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=forum.indowebster.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://forum.indowebster.com/
Result: forum.indowebster.com is not infected or malware details are not published yet.
Result: forum.indowebster.com is not infected or malware details are not published yet.