Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://www.netphp.net/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: www.netphp.net Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Mon, 22 Sep 2014 09:19:40 GMT Location: http://prsnbrk.osa.pl/ Server: Apache/2.2.3 (CentOS) Vary: Accept-Encoding Content-Type: text/html X-Powered-By: PHP/5.2.10 | malicious |
Scanned pages/files
Request | Server response | Status |
http://www.netphp.net/ | 200 OK Content-Length: 48879 Content-Type: text/html | clean |
http://www.netphp.net/base/js/base.js | 200 OK Content-Length: 78649 Content-Type: application/x-javascript | clean |
http://www.netphp.net/base/js/common.js | 200 OK Content-Length: 12172 Content-Type: application/x-javascript | clean |
http://www.netphp.net/base/js/form.js | 200 OK Content-Length: 16340 Content-Type: application/x-javascript | clean |
http://www.netphp.net/base/js/blockui.js | 200 OK Content-Length: 12587 Content-Type: application/x-javascript | clean |
http://www.netphp.net/advs/js/advsheadlb.js | 200 OK Content-Length: 702 Content-Type: application/x-javascript | clean |
http://js.tongji.linezing.com/649991/tongji.js | 200 OK Content-Length: 13055 Content-Type: application/x-javascript | clean |
http://china.alibaba.com/athena/tpLink.htm?type=view&uid=netphp2008 | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 22 Sep 2014 09:18:43 GMT Location: http://exodus.1688.com/athena/tpLink.htm?type=view&uid=netphp2008 Server: Apache Vary: Accept-Encoding Content-Length: 277 Content-Type: text/html; charset=iso-8859-1 | clean |
http://exodus.1688.com/athena/tplink.htm?type=view&uid=netphp2008 | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 22 Sep 2014 09:18:44 GMT Location: http://athena.1688.com/athena/tplink.htm?type=view&uid=netphp2008 Server: Apache Vary: Accept-Encoding Content-Length: 277 Content-Type: text/html; charset=iso-8859-1 | clean |
http://athena.1688.com/athena/tplink.htm?type=view&uid=netphp2008 | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 22 Sep 2014 09:18:46 GMT Location: http://athena.1688.com/athena/tpLink.htm?type=view&uid=netphp2008 Vary: Accept-Encoding Content-Language: cn,zh-cn Content-Length: 0 Content-Type: text/html; charset=GBK Set-Cookie: JSESSIONID=8L78SPuu1-SuDSpnLyInDxdV8rX4-aTG4aqO-8sh;Path=/;Domain=.1688.com Set-Cookie: _tmp_ck_0="GDnm0JftrADJDBy2D9NT6DFHpVFoTvpz7qD2QpdAqqBeMbZaFQlBl3RyVbofOS%2B2cA%2FAC4f2eFzVvk9JCJ5WvPmBhIegDtdyGQWFPjVLyeyc%2FVrCu7L2Bjs7Gyjcu3h7%2FqDZzdkI3B%2Bbi5Q7Ox64wOuXvK%2BN%2FZ6LfHwFkDHJXxllRxGEAGwjUBc9jFVk1J6itVrVeFMoh%2BTbx77Uo9LbWwtA4EiEXUDImaG2VhGx5xZFCyD0mqL%2BVsboqJir5ifL7IpIDYhKsCWGDZ5UIJvB8ilXgbmJHO2bW6041y%2BLt8eP5ZWcP9FHFh8H0xHztnVQk%2FrUYQAdiCQrA8BQYsUSyQ%3D%3D";Version=1;Path=/;Domain=.1688.com;Discard X-XSS-Protection: 1;mode=block | clean |
http://athena.1688.com/test404page.js | HTTP/1.1 302 Found Connection: close Date: Mon, 22 Sep 2014 09:18:46 GMT Location: http://page.1688.com/shtml/static/wrongpage.html Server: Apache Vary: Accept-Encoding Content-Length: 297 Content-Type: text/html; charset=iso-8859-1 | clean |
http://page.1688.com/shtml/static/wrongpage.html | 200 OK Content-Length: 38842 Content-Type: text/html | clean |
http://astatic.alicdn.com/js/app/operation/homepage/page/404/merge-v1.js?_v=a4bb174e50054794635719b13ef9ff53.js | 200 OK Content-Length: 166254 Content-Type: application/x-javascript | clean |
http://athena.1688.com/ | HTTP/1.1 302 Found Connection: close Date: Mon, 22 Sep 2014 09:18:50 GMT Location: http://page.1688.com/shtml/static/wrongpage.html Server: Apache Vary: Accept-Encoding Content-Length: 297 Content-Type: text/html; charset=iso-8859-1 | clean |
http://page.1688.com/test404page.js | HTTP/1.1 302 Found Connection: close Date: Mon, 22 Sep 2014 09:18:51 GMT Age: 0 Location: http://page.1688.com/shtml/static/wrongpage.html Server: Apache/2.2.22 (Unix) Vary: Accept-Encoding Content-Length: 232 Content-Type: text/html; charset=iso-8859-1 X-Cache: MISS from cm3-static-002 | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=netphp.net
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://netphp.net/
Result: netphp.net is not infected or malware details are not published yet.
Result: netphp.net is not infected or malware details are not published yet.