Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: bizarresexuality.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 10 Oct 2014 16:59:04 GMT
Server: Apache
Content-Type: text/html
GET / HTTP/1.1
Host: bizarresexuality.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 10 Oct 2014 16:59:04 GMT
Server: Apache
Content-Type: text/html
Second query (visit from search engine):
GET / HTTP/1.1
Host: bizarresexuality.com
Referer: http://www.google.com/search?q=bizarresexuality.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: bizarresexuality.com
Referer: http://www.google.com/search?q=bizarresexuality.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://bizarresexuality.com/ | 200 OK Content-Length: 155850 Content-Type: text/html | clean |
http://banners.alt.com/go/page/js_im_box_v2?lang=english&plain_text=1&skip_lpo=1&delay=1&size=square250&align=left&find_sex=2&looking_for_person=1&photo=3&explicit=1&no_rating=30&page=search&pid=p62969 | 200 OK Content-Length: 5816 Content-Type: text/html | clean |
http://banners.alt.com/test404page.js | HTTP/1.1 404 Not Found Connection: Keep-Alive Date: Fri, 10 Oct 2014 16:59:08 GMT Location: http://graphics.pop6.com/banners/bdsm/15403_468x60.gif Server: Apache Content-Length: 0 Content-Type: text/plain Keep-Alive: timeout=5, max=122 Set-Cookie: banner_user_id=78.158.11.226-1412960348-12389; path=/; domain=.alt.com; expires=Sat, 11-Oct-2014 16:59:08 GMT Set-Cookie: banner=bdsm_none_p13_banner-15403_cl0; path=/; domain=.alt.com; expires=Sat, 11-Oct-2014 16:59:08 GMT X-ApacheServer: ki44-18.friendfinderinc.com X-PERF: 0.035915,0.015418,DB_2_0.0040640,CD_8_0.0013390,PK_2_0.0117630,CE_5_0.0033310 | clean |
http://graphics.pop6.com/banners/bdsm/15403_468x60.gif | 200 OK Content-Length: 15589 Content-Type: image/gif | clean |
http://graphics.pop6.com/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
http://bizarresexuality.com//ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js/ | HTTP/1.1 404 Not Found Connection: close Date: Fri, 10 Oct 2014 16:59:09 GMT Server: Apache Content-Length: 315 Content-Type: text/html | clean |
http://taboo.cc/exit | HTTP/1.1 200 OK Connection: close Date: Fri, 10 Oct 2014 16:59:09 GMT Server: Apache Content-Type: text/html | clean |
http://taboo.cc/video/26411/two_vicious_nymphs_fuck_in_the_riverbed | 200 OK Content-Length: 90637 Content-Type: text/html | clean |
http://hitslap.com/show.php?u=9&type=redirect&traffic=mobile | 200 OK Content-Length: 124 Content-Type: text/html | clean |
http://hitslap.com/show.php?u=9&type=redirect&traffic=mobile'+'&r='+Math.random()+' | 200 OK Content-Length: 147 Content-Type: text/html | clean |
http://hitslap.com/show.php?u=9&type=redirect&traffic=mobile'+'&r='+Math.random()+''+'&r='+Math.random()+' | 200 OK Content-Length: 170 Content-Type: text/html | clean |
http://hitslap.com/show.php?u=9&type=redirect&traffic=mobile'+'&r='+Math.random()+''+'&r='+Math.random()+''+'&r='+Math.random()+' | 200 OK Content-Length: 193 Content-Type: text/html | clean |
http://hitslap.com/show.php?u=9&type=redirect&traffic=mobile'+'&r='+Math.random()+''+'&r='+Math.random()+''+'&r='+Math.random()+''+'&r='+Math.random()+' | 200 OK Content-Length: 216 Content-Type: text/html | clean |
http://hitslap.com/show.php?u=9&type=redirect&traffic=mobile'+'&r='+Math.random()+''+'&r='+Math.random()+''+'&r='+Math.random()+''+'&r='+Math.random()+''+'&r='+Math.random()+' | 200 OK Content-Length: 239 Content-Type: text/html | clean |
http://hitslap.com/show.php?u=9&type=redirect&traffic=mobile'+'&r='+Math.random()+''+'&r='+Math.random()+''+'&r='+Math.random()+''+'&r='+Math.random()+''+'&r='+Math.random()+''+'&r='+Math.random()+' | 200 OK Content-Length: 262 Content-Type: text/html | clean |
http://hitslap.com/show.php?u=9&type=redirect&traffic=mobile'+'&r='+Math.random()+''+'&r='+Math.random()+''+'&r='+Math.random()+''+'&r='+Math.random()+''+'&r='+Math.random()+''+'&r='+Math.random()+''+'&r='+Math.random()+' | 200 OK Content-Length: 285 Content-Type: text/html | clean |
http://hitslap.com/show.php?u=9&type=redirect&traffic=mobile'+'&r='+Math.random()+''+'&r='+Math.random()+''+'&r='+Math.random()+''+'&r='+Math.random()+''+'&r='+Math.random()+''+'&r='+Math.random()+''+'&r='+Math.random()+''+'&r='+Math.random()+' | 200 OK Content-Length: 308 Content-Type: text/html | clean |
http://hitslap.com/show.php?u=9&type=redirect&traffic=mobile'+'&r='+Math.random()+''+'&r='+Math.random()+''+'&r='+Math.random()+''+'&r='+Math.random()+''+'&r='+Math.random()+''+'&r='+Math.random()+''+'&r='+Math.random()+''+'&r='+Math.random()+''+'&r='+Math.random()+' | 200 OK Content-Length: 331 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=bizarresexuality.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://bizarresexuality.com/
Result: bizarresexuality.com is not infected or malware details are not published yet.
Result: bizarresexuality.com is not infected or malware details are not published yet.