Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: gsm-faturaodeme.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 08 Jun 2014 17:23:11 GMT
Server: Apache
Content-Type: text/html; charset=UTF-8
X-Pingback: http://gsm-faturaodeme.com/xmlrpc.php
X-Powered-By: PHP/5.4.26
Second query (visit from search engine):
GET / HTTP/1.1
Host: gsm-faturaodeme.com
Referer: http://www.google.com/search?q=gsm-faturaodeme.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://www.gsm-faturaodeme.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Sun, 08 Jun 2014 17:23:09 GMT Location: http://gsm-faturaodeme.com/ Server: Apache Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Pingback: http://gsm-faturaodeme.com/xmlrpc.php X-Powered-By: PHP/5.4.26 | clean |
http://gsm-faturaodeme.com/ | 200 OK Content-Length: 37212 Content-Type: text/html | clean |
http://platform.twitter.com/widgets.js?ver=1.1 | 200 OK Content-Length: 97861 Content-Type: application/javascript | clean |
http://www.gsm-faturaodeme.com/reklam/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Sun, 08 Jun 2014 17:23:13 GMT Pragma: no-cache Location: http://gsm-faturaodeme.com/reklam/ Server: Apache Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT X-Pingback: http://gsm-faturaodeme.com/xmlrpc.php X-Powered-By: PHP/5.4.26 | clean |
http://gsm-faturaodeme.com/reklam/ | 404 Not Found Content-Length: 8449 Content-Type: text/html | clean |
http://gsm-faturaodeme.com/turkcell-fatura-odeme/ | 200 OK Content-Length: 11478 Content-Type: text/html | clean |
http://gsm-faturaodeme.com/avea-fatura-odeme/ | 200 OK Content-Length: 11476 Content-Type: text/html | clean |
http://gsm-faturaodeme.com/vodafone-fatura-odeme/ | 200 OK Content-Length: 11454 Content-Type: text/html | clean |
http://gsm-faturaodeme.com/category/genel/ | 200 OK Content-Length: 41295 Content-Type: text/html | clean |
http://gsm-faturaodeme.com/category/kredi-karti-ile-fatura-ode/ | 200 OK Content-Length: 46063 Content-Type: text/html | clean |
http://gsm-faturaodeme.com/nasil-fatura-odenir/ | 200 OK Content-Length: 16245 Content-Type: text/html | clean |
http://gsm-faturaodeme.com/tag/nasil-fatura-odenir/ | 200 OK Content-Length: 12655 Content-Type: text/html | clean |
http://gsm-faturaodeme.com/author/editor/ | 200 OK Content-Length: 12765 Content-Type: text/html | clean |
http://gsm-faturaodeme.com/kredi-karti-ile-fatura-odeme-islemleri/ | 200 OK Content-Length: 16907 Content-Type: text/html | clean |
http://gsm-faturaodeme.com/tag/kredi-karti-ile-fatura-odeme-islemleri/ | 200 OK Content-Length: 12991 Content-Type: text/html | clean |
http://gsm-faturaodeme.com/feed | HTTP/1.1 301 Moved Permanently Connection: close Date: Sun, 08 Jun 2014 17:23:23 GMT ETag: "31a60885a8ce54ee307f81b608f4eaa0" Location: http://gsm-faturaodeme.com/feed/ Server: Apache Content-Length: 0 Content-Type: text/html Last-Modified: Sun, 24 Nov 2013 20:00:23 GMT X-Pingback: http://gsm-faturaodeme.com/xmlrpc.php X-Powered-By: PHP/5.4.26 | clean |
http://gsm-faturaodeme.com/feed/ | 200 OK Content-Length: 41038 Content-Type: text/xml | clean |
http://gsm-faturaodeme.com/kredi-karti-ile-su-faturasi-odeme/ | 200 OK Content-Length: 17640 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=gsm-faturaodeme.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://gsm-faturaodeme.com/
Result: gsm-faturaodeme.com is not infected or malware details are not published yet.