Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: wahyukartu.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sun, 05 Oct 2014 15:45:54 GMT
Pragma: no-cache
Server: Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/1.0.1e-fips mod_bwlimited/1.4
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=a9692688ccdeca79828837aabb56c46f; path=/
Set-Cookie: ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%2212455326bcfb8a5d4258233a1f436c7c%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%2278.158.11.226%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F4.0+%28compatible%3B+MSIE+8.0%3B+Windows+NT+5.1%29%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1412523954%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D7c5b087306c7c7eb74ac4e1ebbfbdfb0; expires=Sun, 05-Oct-2014 17:45:54 GMT; path=/
X-Powered-By: PHP/5.4.27
GET / HTTP/1.1
Host: wahyukartu.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sun, 05 Oct 2014 15:45:54 GMT
Pragma: no-cache
Server: Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/1.0.1e-fips mod_bwlimited/1.4
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=a9692688ccdeca79828837aabb56c46f; path=/
Set-Cookie: ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%2212455326bcfb8a5d4258233a1f436c7c%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%2278.158.11.226%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F4.0+%28compatible%3B+MSIE+8.0%3B+Windows+NT+5.1%29%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1412523954%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D7c5b087306c7c7eb74ac4e1ebbfbdfb0; expires=Sun, 05-Oct-2014 17:45:54 GMT; path=/
X-Powered-By: PHP/5.4.27
Second query (visit from search engine):
GET / HTTP/1.1
Host: wahyukartu.com
Referer: http://www.google.com/search?q=wahyukartu.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: wahyukartu.com
Referer: http://www.google.com/search?q=wahyukartu.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://wahyukartu.com/ | 200 OK Content-Length: 21381 Content-Type: text/html | clean |
http://wahyukartu.com/front | 200 OK Content-Length: 21382 Content-Type: text/html | clean |
http://wahyukartu.com/pages/About-Us | 200 OK Content-Length: 10495 Content-Type: text/html | clean |
http://wahyukartu.com/pages/History | 200 OK Content-Length: 12113 Content-Type: text/html | clean |
http://wahyukartu.com/pages/Our-Customers | 200 OK Content-Length: 10162 Content-Type: text/html | clean |
http://wahyukartu.com/pages/Our-Partners | 200 OK Content-Length: 10162 Content-Type: text/html | clean |
http://wahyukartu.com/pages/Product | 200 OK Content-Length: 10052 Content-Type: text/html | clean |
http://wahyukartu.com/pages/Gift-Cards | 200 OK Content-Length: 10941 Content-Type: text/html | clean |
http://wahyukartu.com/pages/Telecomunication | 200 OK Content-Length: 10853 Content-Type: text/html | clean |
http://wahyukartu.com/pages/Banking-Card | 200 OK Content-Length: 12484 Content-Type: text/html | clean |
http://wahyukartu.com/pages/Goverment-ID-Card | 200 OK Content-Length: 11661 Content-Type: text/html | clean |
http://wahyukartu.com/pages/Loyalty-Programs | 200 OK Content-Length: 10343 Content-Type: text/html | clean |
http://wahyukartu.com/pages/Retail-membership-Loyalty-Cards | 200 OK Content-Length: 11543 Content-Type: text/html | clean |
http://wahyukartu.com/pages/Non-Standard-Cards | 200 OK Content-Length: 10132 Content-Type: text/html | clean |
http://wahyukartu.com/pages/Product-Service | 200 OK Content-Length: 12210 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=wahyukartu.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://wahyukartu.com/
Result: wahyukartu.com is not infected or malware details are not published yet.
Result: wahyukartu.com is not infected or malware details are not published yet.