Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: gandhi-mahal.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 09 Mar 2015 03:01:11 GMT
Accept-Ranges: bytes
Accept-Ranges: bytes
Age: 0
Server: Apache/2
Content-Length: 4144
Content-Type: text/html
...4144 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: gandhi-mahal.com
Referer: http://www.google.com/search?q=gandhi-mahal.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://gandhi-mahal.com/ | 200 OK Content-Length: 4144 Content-Type: text/html | clean |
http://gandhi-mahal.com/eng/index.shtml | 200 OK Content-Length: 3823 Content-Type: text/html | clean |
http://gandhi-mahal.com/index.shtml | 200 OK Content-Length: 4144 Content-Type: text/html | clean |
http://gandhi-mahal.com/ochanomizu/index.shtml | 200 OK Content-Length: 5493 Content-Type: text/html | clean |
http://gandhi-mahal.com/ochanomizu/menu.shtml | 200 OK Content-Length: 32060 Content-Type: text/html | clean |
http://gandhi-mahal.com/ochanomizu/setmenu.shtml | 200 OK Content-Length: 8796 Content-Type: text/html | clean |
http://gandhi-mahal.com/ochanomizu/partyplan.shtml | 200 OK Content-Length: 8681 Content-Type: text/html | clean |
http://gandhi-mahal.com/ochanomizu/takeout.shtml | 200 OK Content-Length: 5338 Content-Type: text/html | clean |
http://gandhi-mahal.com/cgi-bin/reservationj.shtml | 200 OK Content-Length: 11939 Content-Type: text/html | clean |
http://gandhi-mahal.com/ochanomizu/access.shtml | 200 OK Content-Length: 5260 Content-Type: text/html | clean |
http://gandhi-mahal.com/test404page.js | HTTP/1.1 302 Found Cache-Control: max-age=3600 Connection: close Date: Mon, 09 Mar 2015 03:01:16 GMT Accept-Ranges: bytes Age: 786 Location: http://www.utsunomiyasangyou.com/404.shtml Server: Apache/2 Content-Length: 226 Content-Type: text/html; charset=iso-8859-1 Expires: Mon, 09 Mar 2015 03:48:10 GMT | clean |
http://www.utsunomiyasangyou.com/404.shtml | 200 OK Content-Length: 45507 Content-Type: text/html | clean |
http://www.utsunomiyasangyou.com/base/shopping.shtml | 200 OK Content-Length: 14205 Content-Type: text/html | clean |
http://www.utsunomiyasangyou.com/cgi/formmail2/index.shtml | 200 OK Content-Length: 14841 Content-Type: text/html | clean |
http://www.utsunomiyasangyou.com/cgi/formmail/index.shtml | 200 OK Content-Length: 14519 Content-Type: text/html | clean |
http://www.utsunomiyasangyou.com/help/index.shtml | 200 OK Content-Length: 14058 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=gandhi-mahal.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://gandhi-mahal.com/
Result: gandhi-mahal.com is not infected or malware details are not published yet.