Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: thailandhoyaclub.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 02 Jun 2014 16:42:13 GMT
Server: Apache/2
Vary: Accept-Encoding,User-Agent
Content-Length: 5380
Content-Type: text/html
X-Powered-By: PHP/5.2.17
...5380 bytes of data.
GET / HTTP/1.1
Host: thailandhoyaclub.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 02 Jun 2014 16:42:13 GMT
Server: Apache/2
Vary: Accept-Encoding,User-Agent
Content-Length: 5380
Content-Type: text/html
X-Powered-By: PHP/5.2.17
...5380 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: thailandhoyaclub.com
Referer: http://www.google.com/search?q=thailandhoyaclub.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: thailandhoyaclub.com
Referer: http://www.google.com/search?q=thailandhoyaclub.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://thailandhoyaclub.com/ | 200 OK Content-Length: 5380 Content-Type: text/html | clean |
http://thailandhoyaclub.com/species.php | 200 OK Content-Length: 9305 Content-Type: text/html | clean |
http://thailandhoyaclub.com/index.php | 200 OK Content-Length: 5380 Content-Type: text/html | clean |
http://thailandhoyaclub.com/oplants.php | 200 OK Content-Length: 17577 Content-Type: text/html | clean |
http://thailandhoyaclub.com/articles.php | 200 OK Content-Length: 29850 Content-Type: text/html | clean |
http://thailandhoyaclub.com/news.php | 200 OK Content-Length: 19758 Content-Type: text/html | clean |
http://thailandhoyaclub.com/webboard/ | HTTP/1.1 302 Found Cache-Control: private Connection: close Date: Mon, 02 Jun 2014 16:42:20 GMT Pragma: no-cache Location: http://www.thailandhoyaclub.com/webboard/index.php?PHPSESSID=418940959327088a67fc9a7f7941bfb5;www Server: Apache/2 Vary: Accept-Encoding,User-Agent Content-Length: 0 Content-Type: text/html Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=418940959327088a67fc9a7f7941bfb5; path=/ X-Powered-By: PHP/5.2.17 | clean |
http://www.thailandhoyaclub.com/webboard/index.php?phpsessid=418940959327088a67fc9a7f7941bfb5;www | 200 OK Content-Length: 24038 Content-Type: text/html | clean |
http://www.thailandhoyaclub.com/webboard/Themes/default/script.js?fin11 | 200 OK Content-Length: 13506 Content-Type: application/javascript | clean |
http://www.thailandhoyaclub.com/webboard/Themes/default/sha1.js | 200 OK Content-Length: 12815 Content-Type: application/javascript | clean |
http://thailandhoyaclub.com/test404page.js | 404 Not Found Content-Length: 403 Content-Type: text/html | clean |
http://thailandhoyaclub.com/aboutus.php | 200 OK Content-Length: 9385 Content-Type: text/html | clean |
http://thailandhoyaclub.com/species.php?s=a | 200 OK Content-Length: 9305 Content-Type: text/html | clean |
http://thailandhoyaclub.com/species.php?s=b | 200 OK Content-Length: 11308 Content-Type: text/html | clean |
http://thailandhoyaclub.com/species.php?s=c | 200 OK Content-Length: 9305 Content-Type: text/html | clean |
http://thailandhoyaclub.com/species.php?s=d | 200 OK Content-Length: 9305 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=thailandhoyaclub.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://thailandhoyaclub.com/
Result: thailandhoyaclub.com is not infected or malware details are not published yet.
Result: thailandhoyaclub.com is not infected or malware details are not published yet.