Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: helpgsm.pl
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Thu, 09 Oct 2014 11:20:52 GMT
Pragma: no-cache
Server: Apache/2
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=c4466ae7e4f687f4895078c11ea7f282; path=/
Set-Cookie: wpfilebase=1
X-Pingback: http://helpgsm.pl/xmlrpc.php
X-Powered-By: PHP/5.2.10
GET / HTTP/1.1
Host: helpgsm.pl
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Thu, 09 Oct 2014 11:20:52 GMT
Pragma: no-cache
Server: Apache/2
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=c4466ae7e4f687f4895078c11ea7f282; path=/
Set-Cookie: wpfilebase=1
X-Pingback: http://helpgsm.pl/xmlrpc.php
X-Powered-By: PHP/5.2.10
Second query (visit from search engine):
GET / HTTP/1.1
Host: helpgsm.pl
Referer: http://www.google.com/search?q=helpgsm.pl
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: helpgsm.pl
Referer: http://www.google.com/search?q=helpgsm.pl
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://helpgsm.pl/ | 200 OK Content-Length: 66233 Content-Type: text/html | clean |
https://ajax.googleapis.com/ajax/libs/jquery/1.4.4/jquery.min.js?ver=3.3.2 | 200 OK Content-Length: 78601 Content-Type: text/javascript | clean |
http://helpgsm.pl/wp-content/plugins/feature-suggest/js/jquery.infieldlabel.js?ver=3.3.2 | 200 OK Content-Length: 3867 Content-Type: application/javascript | clean |
http://helpgsm.pl/wp-content/plugins/gl-facebook-likebox/js/script.js?ver=3.3.2 | 200 OK Content-Length: 830 Content-Type: application/javascript | clean |
http://connect.facebook.net/en_US/all.js?ver=3.3.2 | 200 OK Content-Length: 163644 Content-Type: application/x-javascript | clean |
http://helpgsm.pl/wp-content/themes/Avenue/js/jcarousellite_1.0.1.pack.js?ver=3.3.2 | 200 OK Content-Length: 2137 Content-Type: application/javascript | clean |
http://helpgsm.pl/wp-content/themes/Avenue/js/jquery.nivo.slider.pack.js?ver=3.3.2 | 200 OK Content-Length: 15877 Content-Type: application/javascript | clean |
http://helpgsm.pl/wp-content/themes/Avenue/js/colorbox/jquery.colorbox-min.js?ver=3.3.2 | 200 OK Content-Length: 9820 Content-Type: application/javascript | clean |
http://helpgsm.pl/wp-content/themes/Avenue/js/scripts.js?ver=3.3.2 | 200 OK Content-Length: 3411 Content-Type: application/javascript | clean |
http://helpgsm.pl/wp-content/plugins/simple-lightbox/js/lib.js?ver=1.5.4b | 200 OK Content-Length: 10184 Content-Type: application/javascript | clean |
http://helpgsm.pl/wp-content/plugins/youtube-embed/js/ye-gatracker.js?ver=3.3.2 | 200 OK Content-Length: 100 Content-Type: application/javascript | clean |
http://pagead2.googlesyndication.com/pagead/show_ads.js | 200 OK Content-Length: 21308 Content-Type: text/javascript | clean |
http://www.google.com/recaptcha/api/challenge?k=6LelO9QSAAAAAPV5-wvgwNEEdUe7eZevRYNwIysc | 200 OK Content-Length: 10775 Content-Type: text/javascript | clean |
http://helpgsm.pl/wp-content/plugins/formidable/js/formidable.js?ver=1.06.03 | 200 OK Content-Length: 14409 Content-Type: application/javascript | clean |
http://helpgsm.pl/wp-content/plugins/feature-suggest/js/global.js?ver=3.3.2 | 200 OK Content-Length: 2036 Content-Type: application/javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=helpgsm.pl
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://helpgsm.pl/
Result: helpgsm.pl is not infected or malware details are not published yet.
Result: helpgsm.pl is not infected or malware details are not published yet.