Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://gidravlika.org/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: gidravlika.org Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Found Connection: close Date: Thu, 19 Jun 2014 01:54:07 GMT Location: http://goo.gl/0rXySb Server: nginx/1.4.1 Content-Length: 284 Content-Type: text/html; charset=iso-8859-1 | malicious |
URL: http://goo.gl/0rXySb (imitation of visitor from search engine) GET /0rXySb HTTP/1.1 Host: goo.gl Referer: http://www.google.com/search?q=redirect+check2 | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, no-store, max-age=0, must-revalidate Connection: close Date: Thu, 19 Jun 2014 01:53:00 GMT Pragma: no-cache Age: 67 Location: http://sh.oowoo.ru/redsh.php Server: GSE Content-Type: text/html; charset=UTF-8 Expires: Mon, 01 Jan 1990 00:00:00 GMT Alternate-Protocol: 80:quic X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block | malicious |
URL: http://sh.oowoo.ru/redsh.php (imitation of visitor from search engine) GET /redsh.php HTTP/1.1 Host: sh.oowoo.ru Referer: http://www.google.com/search?q=redirect+check3 | HTTP/1.1 302 Found Connection: close Date: Thu, 19 Jun 2014 01:48:43 GMT Location: http://bitly.com/1kNQqvM Server: nginx/1.1.10 Content-Length: 0 Content-Type: text/html; charset=cp1251 X-Powered-By: PHP/5.2.17 | malicious |
URL: http://bitly.com/1kNQqvM (imitation of visitor from search engine) GET /1kNQqvM HTTP/1.1 Host: bitly.com Referer: http://www.google.com/search?q=redirect+check4 | HTTP/1.1 301 Moved Permanently Cache-Control: private; max-age=90 Connection: close Date: Thu, 19 Jun 2014 01:54:08 GMT Location: http://bongacams.com/track?c=18000 Server: nginx Content-Length: 126 Content-Type: text/html; charset=utf-8 Mime-Version: 1.0 Set-Cookie: _bit=53a242c0-000bf-05ce9-401cf10a;domain=.bitly.com;expires=Tue Dec 16 01:54:08 2014;path=/; HttpOnly | suspicious |
URL: http://bongacams.com/track?c=18000 (imitation of visitor from search engine) GET /track?c=18000 HTTP/1.1 Host: bongacams.com Referer: http://www.google.com/search?q=redirect+check5 | HTTP/1.1 302 Found Cache-Control: no-cache Connection: close Date: Thu, 19 Jun 2014 01:54:08 GMT Location: http://bongacash.com/tools/hit.php?c=18000 Server: nginx/1.2.6 Content-Length: 226 Content-Type: text/html; charset=iso-8859-1 Expires: Thu, 19 Jun 2014 01:54:07 GMT | suspicious |
URL: http://bongacash.com/tools/hit.php?c=18000 (imitation of visitor from search engine) GET /tools/hit.php?c=18000 HTTP/1.1 Host: bongacash.com Referer: http://www.google.com/search?q=redirect+check6 | HTTP/1.1 302 Found Cache-Control: no-cache Connection: close Date: Thu, 19 Jun 2014 01:54:08 GMT Location: http://bongacams.com?bcs=ZXN0azVlODFmYTViMTJmNjk5M2U5NjhkYzFhNjliZjQ5OTM4OjoxNzQxNTQ6Omh0dHA6Ly93d3cuZ29vZ2xlLmNvbS91cmw6Ojo6OjoxODAwMA~~ Server: nginx/1.4.1 Content-Length: 0 Content-Type: text/html Expires: Thu, 19 Jun 2014 01:54:07 GMT Set-Cookie: BCH_H=5e81fa5b12f6993e968dc1a69bf49938; expires=Fri, 06-Jun-2064 01:54:08 GMT; path=/; domain=.bongacash.com X-Powered-By: PHP/5.4.28 | suspicious |
Scanned pages/files
Request | Server response | Status |
http://gidravlika.org/ | 200 OK Content-Length: 17617 Content-Type: text/html | clean |
http://gidravlika.org/../templates/new/submenu.js | 400 Bad Request Content-Length: 172 Content-Type: text/html | clean |
http://gidravlika.org/test404page.js | 200 OK Content-Length: 17617 Content-Type: text/html | clean |
http://gidravlika.org/addons/wztooltip/wz_tooltip.js | 200 OK Content-Length: 17671 Content-Type: application/x-javascript | clean |
http://gidravlika.org/addons/tigra_color_picker/picker.js | 200 OK Content-Length: 5297 Content-Type: application/x-javascript | clean |
http://gidravlika.org/addons/tigra_calendar/calendar.js | 200 OK Content-Length: 6090 Content-Type: application/x-javascript | clean |
http://gidravlika.org/?id=1 | 200 OK Content-Length: 17617 Content-Type: text/html | clean |
http://gidravlika.org/?id=29 | 200 OK Content-Length: 31279 Content-Type: text/html | clean |
http://gidravlika.org/?id=30 | 200 OK Content-Length: 19482 Content-Type: text/html | clean |
http://gidravlika.org/?id=31 | 200 OK Content-Length: 16434 Content-Type: text/html | clean |
http://gidravlika.org/?id=28 | 200 OK Content-Length: 17489 Content-Type: text/html | clean |
http://gidravlika.org/?id=20&parentid=23&categoryid=76 | 200 OK Content-Length: 15773 Content-Type: text/html | clean |
http://gidravlika.org/picture/mh-ie-doc00012.pdf | 200 OK Content-Length: 301374 Content-Type: application/pdf | clean |
http://gidravlika.org/picture/4.pdf | 200 OK Content-Length: 301372 Content-Type: application/pdf | clean |
http://gidravlika.org/?id=21&parentid=76&categoryid=79&pparentid=23 | 200 OK Content-Length: 16969 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=gidravlika.org
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://gidravlika.org/
Result: gidravlika.org is not infected or malware details are not published yet.
Result: gidravlika.org is not infected or malware details are not published yet.