Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://zabula.com.ua/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: zabula.com.ua Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Found Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Sun, 24 Aug 2014 03:50:47 GMT Pragma: no-cache Location: http://web-redirect.ru/?web Server: Apache/2.2.15 Content-Length: 211 Content-Type: text/html; charset=iso-8859-1 Expires: Mon, 1 Jan 2001 00:00:00 GMT P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Set-Cookie: _cutt_caches_images=1408852247; expires=Mon, 25-Aug-2014 03:50:47 GMT; path=/ Set-Cookie: 0d986a9c4746c5493680d0bfec41741b=6m0d0rto9i57j896fj423erhb1; path=/ Set-Cookie: lang=deleted; expires=Sat, 24-Aug-2013 03:50:46 GMT; path=/ Set-Cookie: jfcookie=deleted; expires=Sat, 24-Aug-2013 03:50:46 GMT; path=/ Set-Cookie: jfcookie[lang]=deleted; expires=Sat, 24-Aug-2013 03:50:46 GMT; path=/ | malicious |
URL: http://web-redirect.ru/?web (imitation of visitor from search engine) GET /?web HTTP/1.1 Host: web-redirect.ru Referer: http://www.google.com/search?q=redirect+check2 | HTTP/1.1 302 Found Cache-Control: max-age=0 Connection: close Date: Sun, 24 Aug 2014 03:50:21 GMT Pragma: no-cache Location: http://eciga.org/components/com_weblinks/1/separator.php Server: nginx/1.0.15 Content-Length: 0 Content-Type: text/html; charset=utf-8 Expires: Thu, 21 Jul 1977 07:30:00 GMT Last-Modified: Sun, 24 Aug 2014 03:50:21 GMT X-Powered-By: PHP/5.3.3 | suspicious |
Scanned pages/files
Request | Server response | Status |
http://zabula.com.ua/ | 200 OK Content-Length: 41178 Content-Type: text/html | clean |
http://zabula.com.ua/components/com_eztestimonial/assets/js/mootools-core.js | 200 OK Content-Length: 96362 Content-Type: text/javascript | clean |
http://zabula.com.ua/components/com_eztestimonial/assets/js/modal.js | 200 OK Content-Length: 9732 Content-Type: text/javascript | clean |
http://zabula.com.ua/templates/vm_sample/scripts/eqal_column.js | 200 OK Content-Length: 610 Content-Type: text/javascript | clean |
http://userapi.com/js/api/openapi.js?48 | 200 OK Content-Length: 64013 Content-Type: application/x-javascript | clean |
http://zabula.com.ua/index.php | HTTP/1.1 301 Moved Permanently Connection: close Date: Sun, 24 Aug 2014 03:50:49 GMT Location: http://zabula.com.ua/ Server: Apache/2.2.15 Content-Length: 0 Content-Type: text/html; charset=UTF-8 P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Set-Cookie: 0d986a9c4746c5493680d0bfec41741b=u23u66oj59tpdnpqcosnhdrqn3; path=/ Set-Cookie: lang=deleted; expires=Sat, 24-Aug-2013 03:50:48 GMT; path=/ Set-Cookie: jfcookie=deleted; expires=Sat, 24-Aug-2013 03:50:48 GMT; path=/ Set-Cookie: jfcookie[lang]=deleted; expires=Sat, 24-Aug-2013 03:50:48 GMT; path=/ | clean |
http://zabula.com.ua/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
http://zabula.com.ua/obo-mne.html | 200 OK Content-Length: 45526 Content-Type: text/html | clean |
https://apis.google.com/js/plusone.js | 200 OK Content-Length: 12388 Content-Type: application/javascript | clean |
http://vkontakte.ru/js/api/openapi.js?9 | 200 OK Content-Length: 64013 Content-Type: application/x-javascript | clean |
http://platform.twitter.com/widgets.js | 200 OK Content-Length: 100805 Content-Type: application/javascript | clean |
http://platform.linkedin.com/in.js | 200 OK Content-Length: 3690 Content-Type: text/javascript | clean |
http://userapi.com/js/api/openapi.js | 200 OK Content-Length: 64013 Content-Type: application/x-javascript | clean |
http://cdn.connect.mail.ru/js/loader.js | 200 OK Content-Length: 4120 Content-Type: application/x-javascript | clean |
http://zabula.com.ua/portfolio/svadba.html | 200 OK Content-Length: 20194 Content-Type: text/html | clean |
http://zabula.com.ua/flashgallery/flashgallery/swfobject.js | 200 OK Content-Length: 6722 Content-Type: text/javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=zabula.com.ua
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://zabula.com.ua/
Result: zabula.com.ua is not infected or malware details are not published yet.