Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: gtabbs.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Thu, 12 Jun 2014 19:24:10 GMT
Location: http://www.gtabbs.com/
Server: Tengine
Content-Length: 230
Content-Type: text/html; charset=iso-8859-1
...230 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: gtabbs.com
Referer: http://www.google.com/search?q=gtabbs.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://gtabbs.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 12 Jun 2014 19:24:10 GMT Location: http://www.gtabbs.com/ Server: Tengine Content-Length: 230 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.gtabbs.com/ | 200 OK Content-Length: 54211 Content-Type: text/html | clean |
http://www.gtabbs.com/js/core/core.js | 200 OK Content-Length: 24479 Content-Type: application/x-javascript | clean |
http://gtabbs.com/js/pw_ajax.js | 200 OK Content-Length: 12636 Content-Type: application/x-javascript | clean |
http://cbjs.baidu.com/js/m.js | 200 OK Content-Length: 30494 Content-Type: application/x-javascript | clean |
http://gtabbs.com/mode/area/js/ddsliderplayer.js | 200 OK Content-Length: 2350 Content-Type: application/x-javascript | clean |
http://gtabbs.com/js/Deploy.js | 200 OK Content-Length: 1912 Content-Type: application/x-javascript | clean |
http://gtabbs.com/js/global.js | 200 OK Content-Length: 49213 Content-Type: application/x-javascript | clean |
http://gtabbs.com/mode/area/js/adminview.js | 200 OK Content-Length: 12479 Content-Type: application/x-javascript | clean |
http://gtabbs.com/js/app_global.js | 200 OK Content-Length: 9467 Content-Type: application/x-javascript | clean |
http://gtabbs.com/m/index.php | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 12 Jun 2014 19:24:21 GMT Location: http://www.gtabbs.com/m/index.php Server: Tengine Content-Length: 241 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.gtabbs.com/m/index.php | 200 OK Content-Length: 11438 Content-Type: text/html | clean |
http://www.gtabbs.com/m/index.php?a=search | 200 OK Content-Length: 8985 Content-Type: text/html | clean |
http://www.gtabbs.com/m/index.php?a=forum | 200 OK Content-Length: 8990 Content-Type: text/html | clean |
http://www.gtabbs.com/m/index.php?a=ms_index | 200 OK Content-Length: 8894 Content-Type: text/html | clean |
http://www.gtabbs.com/m/index.php?a=login | 200 OK Content-Length: 10311 Content-Type: text/html | clean |
http://www.gtabbs.com/m/ | 200 OK Content-Length: 11438 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=gtabbs.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://gtabbs.com/
Result: gtabbs.com is not infected or malware details are not published yet.