Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: not606.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Connection: close
Date: Thu, 18 Sep 2014 00:33:04 GMT
Pragma: private
Server: Apache/2.2.15 (CentOS)
Content-Type: text/html; charset=ISO-8859-1
Set-Cookie: bb_sessionhash=4b1ef8d0642dd208cc9acdf2f7ccb05f; path=/; domain=.not606.com; HttpOnly
Set-Cookie: bb_lastvisit=1411000384; expires=Fri, 18-Sep-2015 00:33:04 GMT; path=/; domain=.not606.com
Set-Cookie: bb_lastactivity=0; expires=Fri, 18-Sep-2015 00:33:04 GMT; path=/; domain=.not606.com
X-Powered-By: PHP/5.3.3
GET / HTTP/1.1
Host: not606.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Connection: close
Date: Thu, 18 Sep 2014 00:33:04 GMT
Pragma: private
Server: Apache/2.2.15 (CentOS)
Content-Type: text/html; charset=ISO-8859-1
Set-Cookie: bb_sessionhash=4b1ef8d0642dd208cc9acdf2f7ccb05f; path=/; domain=.not606.com; HttpOnly
Set-Cookie: bb_lastvisit=1411000384; expires=Fri, 18-Sep-2015 00:33:04 GMT; path=/; domain=.not606.com
Set-Cookie: bb_lastactivity=0; expires=Fri, 18-Sep-2015 00:33:04 GMT; path=/; domain=.not606.com
X-Powered-By: PHP/5.3.3
Second query (visit from search engine):
GET / HTTP/1.1
Host: not606.com
Referer: http://www.google.com/search?q=not606.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: not606.com
Referer: http://www.google.com/search?q=not606.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
| Request | Server response | Status |
http://not606.com/ | 200 OK Content-Length: 36586 Content-Type: text/html | clean |
http://yui.yahooapis.com/2.7.0/build/utilities/utilities.js | 200 OK Content-Length: 115854 Content-Type: application/javascript | clean |
http://yui.yahooapis.com/2.7.0/build/tabview/tabview-min.js | 200 OK Content-Length: 9633 Content-Type: application/javascript | clean |
http://not606.com/includes/dispatcher-min.js | 200 OK Content-Length: 10787 Content-Type: text/javascript | clean |
http://yui.yahooapis.com/2.9.0/build/yuiloader-dom-event/yuiloader-dom-event.js?v=419 | 200 OK Content-Length: 61619 Content-Type: application/javascript | clean |
http://yui.yahooapis.com/2.9.0/build/connection/connection-min.js?v=419 | 200 OK Content-Length: 13257 Content-Type: application/javascript | clean |
http://www.not606.com/clientscript/vbulletin-core.js?v=419 | 200 OK Content-Length: 51218 Content-Type: text/javascript | clean |
http://yui.yahooapis.com/2.9.0/build/animation/animation-min.js?v=419 | 200 OK Content-Length: 14240 Content-Type: application/javascript | clean |
http://www.not606.com/clientscript/vbulletin-sidebar.js?v=419 | 200 OK Content-Length: 4316 Content-Type: text/javascript | clean |
http://not606.com/clientscript/vbulletin_md5.js?v=419 | 200 OK Content-Length: 5464 Content-Type: text/javascript | clean |
http://pagead2.googlesyndication.com/pagead/show_ads.js | 200 OK Content-Length: 21394 Content-Type: text/javascript | clean |
http://not606.com/forum.php?s=4b1ef8d0642dd208cc9acdf2f7ccb05f | 200 OK Content-Length: 36613 Content-Type: text/html | clean |
http://not606.com/register.php?s=4b1ef8d0642dd208cc9acdf2f7ccb05f | 200 OK Content-Length: 28167 Content-Type: text/html | clean |
http://not606.com/clientscript/vbulletin_ajax_nameverif.js?v=419 | 200 OK Content-Length: 2502 Content-Type: text/javascript | clean |
http://www.google.com/recaptcha/api/challenge?k=6LezcMkSAAAAAMXY6dg9FobPwcjaKDV0C5GDvQR- | 200 OK Content-Length: 8885 Content-Type: text/javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=not606.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://not606.com/
Result: not606.com is not infected or malware details are not published yet.
Result: not606.com is not infected or malware details are not published yet.