Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: kureselbak.org
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 17 Jan 2015 03:44:11 GMT
Location: http://www.kureselbak.org/
Server: LiteSpeed
Content-Length: 0
Content-Type: text/html; charset=UTF-8
X-Pingback: http://www.kureselbak.org/xmlrpc.php
X-Powered-By: PHP/5.3.27
...0 bytes of data.
GET / HTTP/1.1
Host: kureselbak.org
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 17 Jan 2015 03:44:11 GMT
Location: http://www.kureselbak.org/
Server: LiteSpeed
Content-Length: 0
Content-Type: text/html; charset=UTF-8
X-Pingback: http://www.kureselbak.org/xmlrpc.php
X-Powered-By: PHP/5.3.27
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: kureselbak.org
Referer: http://www.google.com/search?q=kureselbak.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: kureselbak.org
Referer: http://www.google.com/search?q=kureselbak.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://kureselbak.org/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 17 Jan 2015 03:44:11 GMT Location: http://www.kureselbak.org/ Server: LiteSpeed Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Pingback: http://www.kureselbak.org/xmlrpc.php X-Powered-By: PHP/5.3.27 | clean |
http://www.kureselbak.org/ | 200 OK Content-Length: 59347 Content-Type: text/html | clean |
http://is.gd/3pz70l | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 17 Jan 2015 03:44:13 GMT Location: http://diipo.com/.cache/ Server: cloudflare-nginx Content-Type: text/html CF-RAY: 1a9f8d92b2290ae4-WAW Set-Cookie: __cfduid=d3e4ba4fe1ce8a3f2d318c4f8948bad571421466253; expires=Sun, 17-Jan-16 03:44:13 GMT; path=/; domain=.is.gd; HttpOnly X-Powered-By: PHP/5.5.9-1ubuntu4.5 | clean |
http://diipo.com/.cache/ | HTTP/1.1 302 Found Connection: close Date: Sat, 17 Jan 2015 03:44:12 GMT Location: http://diipo.com/cgi-sys/suspendedpage.cgi Server: Apache Content-Length: 226 Content-Type: text/html; charset=iso-8859-1 | clean |
http://diipo.com/cgi-sys/suspendedpage.cgi | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 17 Jan 2015 03:44:12 GMT Location: http://biz41.inmotionhosting.com/unavailable.html Server: Apache Content-Length: 257 Content-Type: text/html; charset=iso-8859-1 | clean |
http://biz41.inmotionhosting.com/unavailable.html | 200 OK Content-Length: 1163 Content-Type: text/html | clean |
http://biz41.inmotionhosting.com/test404page.js | 404 Not Found Content-Length: 236 Content-Type: text/html | clean |
http://www.kureselbak.org/wp-content/themes/suffusion/dbx.js | 200 OK Content-Length: 47437 Content-Type: application/javascript | clean |
http://www.kureselbak.org/wp-includes/js/jquery/jquery.js?ver=1.8.3 | 200 OK Content-Length: 93658 Content-Type: application/javascript | clean |
http://www.kureselbak.org/wp-content/themes/suffusion/scripts/sidebar-tabs.js?ver=3.5.1 | 200 OK Content-Length: 647 Content-Type: application/javascript | clean |
http://www.kureselbak.org/wp-content/themes/suffusion/scripts/widget-fix.js?ver=3.5.1 | 200 OK Content-Length: 155 Content-Type: application/javascript | clean |
http://is.gd/CDGG6L | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 17 Jan 2015 03:44:18 GMT Location: http://koedawood.com/u9104d3/ Server: cloudflare-nginx Content-Type: text/html CF-RAY: 1a9f8db04d300ae4-WAW Set-Cookie: __cfduid=ddc74f5a264fb668bcd5dfd736214421e1421466257; expires=Sun, 17-Jan-16 03:44:17 GMT; path=/; domain=.is.gd; HttpOnly X-Powered-By: PHP/5.5.9-1ubuntu4.5 | clean |
http://koedawood.com/u9104d3/ | 200 OK Content-Length: 2534 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=kureselbak.org
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://kureselbak.org/
Result: kureselbak.org is not infected or malware details are not published yet.
Result: kureselbak.org is not infected or malware details are not published yet.