Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: medibafra.com.tr
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 27 Jan 2015 04:45:29 GMT
Server: LiteSpeed
Content-Type: text/html; charset=UTF-8
X-Pingback: http://medibafra.com.tr/xmlrpc.php
GET / HTTP/1.1
Host: medibafra.com.tr
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 27 Jan 2015 04:45:29 GMT
Server: LiteSpeed
Content-Type: text/html; charset=UTF-8
X-Pingback: http://medibafra.com.tr/xmlrpc.php
Second query (visit from search engine):
GET / HTTP/1.1
Host: medibafra.com.tr
Referer: http://www.google.com/search?q=medibafra.com.tr
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: medibafra.com.tr
Referer: http://www.google.com/search?q=medibafra.com.tr
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://medibafra.com.tr/ | 200 OK Content-Length: 21690 Content-Type: text/html | clean |
http://medibafra.com.tr/category/video-galeri | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 27 Jan 2015 04:45:29 GMT Location: http://medibafra.com.tr/category/video-galeri/ Server: LiteSpeed Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Pingback: http://medibafra.com.tr/xmlrpc.php | clean |
http://medibafra.com.tr/category/video-galeri/ | 200 OK Content-Length: 20078 Content-Type: text/html | clean |
http://medibafra.com.tr/category/foto-galeri | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 27 Jan 2015 04:45:32 GMT Location: http://medibafra.com.tr/category/foto-galeri/ Server: LiteSpeed Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Pingback: http://medibafra.com.tr/xmlrpc.php | clean |
http://medibafra.com.tr/category/foto-galeri/ | 200 OK Content-Length: 19518 Content-Type: text/html | clean |
http://medibafra.com.tr/nobetci-eczane | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 27 Jan 2015 04:45:34 GMT Location: http://medibafra.com.tr/nobetci-eczane/ Server: LiteSpeed Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Pingback: http://medibafra.com.tr/xmlrpc.php | clean |
http://medibafra.com.tr/nobetci-eczane/ | 200 OK Content-Length: 25194 Content-Type: text/html | clean |
http://medibafra.com.tr/category/hasta-ve-refakatci/ | 200 OK Content-Length: 19460 Content-Type: text/html | clean |
http://medibafra.com.tr/gazete | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 27 Jan 2015 04:45:37 GMT Location: http://medibafra.com.tr/gazete/ Server: LiteSpeed Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Pingback: http://medibafra.com.tr/xmlrpc.php | clean |
http://medibafra.com.tr/gazete/ | 200 OK Content-Length: 18935 Content-Type: text/html | clean |
http://medibafra.com.tr/category/basinda-biz | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 27 Jan 2015 04:45:38 GMT Location: http://medibafra.com.tr/category/basinda-biz/ Server: LiteSpeed Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Pingback: http://medibafra.com.tr/xmlrpc.php | clean |
http://medibafra.com.tr/category/basinda-biz/ | 200 OK Content-Length: 19167 Content-Type: text/html | clean |
http://medibafra.com.tr/is-basvurusu | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 27 Jan 2015 04:45:40 GMT Location: http://medibafra.com.tr/is-basvurusu/ Server: LiteSpeed Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Pingback: http://medibafra.com.tr/xmlrpc.php | clean |
http://medibafra.com.tr/is-basvurusu/ | 200 OK Content-Length: 18999 Content-Type: text/html | clean |
http://medibafra.com.tr/test404page.js | 404 Not Found Content-Length: 21676 Content-Type: text/html | clean |
http://medibafra.com.tr/category/ | 404 Not Found Content-Length: 21676 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=medibafra.com.tr
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://medibafra.com.tr/
Result: medibafra.com.tr is not infected or malware details are not published yet.
Result: medibafra.com.tr is not infected or malware details are not published yet.