Malicious/Suspicious Redirects
| Request | Server response | Status |
URL: http://www.gtbank.by/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: www.gtbank.by Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Moved Temporarily Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Mon, 15 Sep 2014 15:43:28 GMT Pragma: no-cache Location: http://web-redirect.ru/?web Server: Apache/2.2.15 (Red Hat) PHP/5.3.27 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: _cutt_caches_images=1410795808; expires=Tue, 16-Sep-2014 15:43:28 GMT; path=/ Set-Cookie: PHPSESSID=tlb6o1a8c5c24e5jfatm0rl1d7; path=/ Set-Cookie: dle_user_id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.gtbank.by; httponly Set-Cookie: dle_password=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.gtbank.by; httponly Set-Cookie: dle_hash=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.gtbank.by; httponly X-Cache: MISS from turbine1.ht-systems.ru X-Cache-Lookup: MISS from turbine1.ht-systems.ru:6666 X-Powered-By: PHP/5.3.27 | malicious |
URL: http://web-redirect.ru/?web (imitation of visitor from search engine) GET /?web HTTP/1.1 Host: web-redirect.ru Referer: http://www.google.com/search?q=redirect+check2 | HTTP/1.1 302 Found Cache-Control: max-age=0 Connection: close Date: Mon, 15 Sep 2014 15:43:29 GMT Pragma: no-cache Location: http://honeycake.com.ua/components/com_weblinks/2/separator.php Server: nginx/1.0.15 Content-Length: 0 Content-Type: text/html; charset=utf-8 Expires: Thu, 21 Jul 1977 07:30:00 GMT Last-Modified: Mon, 15 Sep 2014 15:43:29 GMT X-Powered-By: PHP/5.3.3 | suspicious |
Scanned pages/files
| Request | Server response | Status |
http://www.gtbank.by/ | 200 OK Content-Length: 34212 Content-Type: text/html | clean |
http://goo.gl/TVwRqF | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, no-store, max-age=0, must-revalidate Connection: close Date: Mon, 15 Sep 2014 15:38:44 GMT Pragma: no-cache Age: 285 Location: http://myfilefordownloads.ru/jquery-2.1.1.min.js.php Server: GSE Content-Type: text/html; charset=UTF-8 Expires: Mon, 01 Jan 1990 00:00:00 GMT Alternate-Protocol: 80:quic,p=0.002 X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block | clean |
http://myfilefordownloads.ru/jquery-2.1.1.min.js.php | 200 OK Content-Length: 1321 Content-Type: application/javascript | clean |
http://www.gtbank.by/engine/classes/js/jquery.js | 200 OK Content-Length: 91556 Content-Type: text/javascript | clean |
http://www.gtbank.by/engine/classes/js/jqueryui.js | 200 OK Content-Length: 65247 Content-Type: text/javascript | clean |
http://www.gtbank.by/engine/classes/js/dle_js.js | 200 OK Content-Length: 19675 Content-Type: text/javascript | clean |
http://www.gtbank.by/i/jquery.min.js | 200 OK Content-Length: 46437 Content-Type: text/javascript | clean |
http://www.gtbank.by/i/poll.js | 200 OK Content-Length: 1822 Content-Type: text/javascript | clean |
http://www.gtbank.by/openads/adx.js | 404 Not Found Content-Length: 303 Content-Type: text/html | clean |
http://www.gtbank.by/test404page.js | 404 Not Found Content-Length: 303 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=gtbank.by
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://gtbank.by/
Result: gtbank.by is not infected or malware details are not published yet.
Result: gtbank.by is not infected or malware details are not published yet.