Scanned pages/files
Request | Server response | Status |
http://gbg.bg/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 28 Apr 2014 11:55:25 GMT Location: http://www.gbg.bg/ Server: Apache Content-Length: 226 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.gbg.bg/ | 200 OK Content-Length: 300984 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 305x0 src: http://www.carmarket.bg/gbg <iframe width="305" height="257" height="0" frameborder="0" scrolling="no" allowtransparency="true" src="http://www.carmarket.bg/gbg"> | ||
http://m.netinfo.bg/gbg/js/jquery/jquery-1.9.1.min.js | 200 OK Content-Length: 92629 Content-Type: application/x-javascript | clean |
http://m.netinfo.bg/gbg/js/jquery/jquery.cookie.js | 200 OK Content-Length: 4341 Content-Type: application/x-javascript | clean |
http://m.netinfo.bg/gbg/js/gbg_interface_0.3.js | 200 OK Content-Length: 15219 Content-Type: application/x-javascript | suspicious |
Hidden iFrame found. size: 300x0 src: http://www.gbg.bg/resources/newhome/banner-top.html? <iframe width="300" height="0" frameborder="0" scrolling="no" allowtransparency="true" src="http://www.gbg.bg/resources/newhome/banner-top.html?'
+ math.round( math.random() * 10000 ) +
'"> Hidden iFrame found. size: 300x0 src: http://www.gbg.bg/resources/newhome/banner.html? <iframe width="300" height="0" frameborder="0" scrolling="no" allowtransparency="true" src="http://www.gbg.bg/resources/newhome/banner.html?'
+ math.round( math.random() * 10000 ) +
'"> | ||
http://m.netinfo.bg/gbg/js/jquery/jquery-ui-1.9.2.custom.min.js | 200 OK Content-Length: 37466 Content-Type: application/x-javascript | clean |
http://a.abv.bg/www/delivery/spcjs.php?id=8 | 200 OK Content-Length: 2218 Content-Type: application/x-javascript | clean |
http://diff3.smartadserver.com/call/pubdirj/182746/2503458/3dparty.testsite.netinfo_bg/300x150/[timestamp]/no?[countgo] | HTTP/1.1 302 Object moved Cache-Control: private,no-cache Date: Mon, 28 Apr 2014 11:55:29 GMT Pragma: no-cache Location: /def/def/showdef.asp Content-Length: 217 Content-Type: text/html Expires: Sun, 27 Apr 2014 11:55:30 GMT P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" Set-Cookie: sasd=%24a%3D0t%3B%24cn%3D0%5F0%3B%24isp%3D0%3B%24qc%3D1310039603%3B%24ql%3Dunknown%3B%24qpc%3D2000%3B%24qpp%3D0%3B%24qt%3D40%5F588%5F38598t; path=/ Set-Cookie: pbw=%24b%3D11080; expires=Sun, 17-Apr-2016 11:55:30 GMT; domain=smartadserver.com; path=/ Set-Cookie: TestIfCookieP=ok; expires=Sun, 17-Apr-2016 11:55:30 GMT; domain=smartadserver.com; path=/ Set-Cookie: TestIfCookie=ok; domain=smartadserver.com; path=/ | clean |
http://diff3.smartadserver.com/def/def/showdef.asp | 200 OK Content-Length: 24 Content-Type: application/x-javascript | clean |
http://www.adwise.bg/context/context-0.1.js | 200 OK Content-Length: 3119 Content-Type: application/javascript | clean |
http://gbg.bg/ukazatel/avto_moto | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 28 Apr 2014 11:55:31 GMT Location: http://www.gbg.bg/ukazatel/avto_moto Server: Apache Content-Length: 244 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.gbg.bg/ukazatel/avto_moto | 200 OK Content-Length: 80504 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 252x0 src: http://find.gbg.bg/?address=gbg.bg&c=aukro&q=Авто <iframe id="aukroiframeid" scrolling="no" frameborder="0" style=" margin-top: 10px; width: 252px; height: 0;" src="http://find.gbg.bg/?address=gbg.bg&c=aukro&q=Авто - мото"> | ||
http://www.gbg.bg/resources/js/common_v112.js | 200 OK Content-Length: 25472 Content-Type: application/javascript | clean |
http://gbg.bg/resources/js/jquery.min_v101.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 28 Apr 2014 11:55:34 GMT Location: http://www.gbg.bg/resources/js/jquery.min_v101.js Server: Apache Content-Length: 257 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.gbg.bg/resources/js/jquery.min_v101.js | 200 OK Content-Length: 68407 Content-Type: application/javascript | clean |
http://gbg.bg/resources/js/jquery.cookie.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 28 Apr 2014 11:55:35 GMT Location: http://www.gbg.bg/resources/js/jquery.cookie.js Server: Apache Content-Length: 255 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.gbg.bg/resources/js/jquery.cookie.js | 200 OK Content-Length: 4341 Content-Type: application/javascript | clean |
http://pagead2.googlesyndication.com/pagead/show_ads.js | 200 OK Content-Length: 21987 Content-Type: text/javascript | clean |
http://www.gbg.bg/js/xgemius.js | 200 OK Content-Length: 6227 Content-Type: application/javascript | clean |
http://gbg.bg/link/add?TB_iframe=true&height=490&width=530&modal=true | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 28 Apr 2014 11:55:36 GMT Location: http://www.gbg.bg/link/add?TB_iframe=true&height=490&width=530&modal=true Server: Apache Content-Length: 293 Content-Type: text/html; charset=iso-8859-1 X-Pad: avoid browser bug | clean |
http://www.gbg.bg/link/add?tb_iframe=true&height=490&width=530&modal=true | 200 OK Content-Length: 13202 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: gbg.bg
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Mon, 28 Apr 2014 11:55:25 GMT
Location: http://www.gbg.bg/
Server: Apache
Content-Length: 226
Content-Type: text/html; charset=iso-8859-1
...226 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: gbg.bg
Referer: http://www.google.com/search?q=gbg.bg
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=gbg.bg
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://gbg.bg/
Result: gbg.bg is not infected or malware details are not published yet.