Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: costumerusuk.com
Result:
HTTP/1.1 301 Moved
Cache-Control: no-cache
Connection: close
Date: Fri, 18 Jul 2014 14:49:23 GMT
Location: http://costumerusuk.com/index.php
Server: Apache/2.4.9 (Unix)
Vary: Host
Content-Length: 0
Content-Type: text/html; charset=utf-8
X-Powered-By: PHP/5.2.17
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: costumerusuk.com
Referer: http://www.google.com/search?q=costumerusuk.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://www.costumerusuk.com/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 18 Jul 2014 14:49:13 GMT Location: http://costumerusuk.com/index.php? Server: Apache/2.4.9 (Unix) Content-Length: 0 Content-Type: text/html; charset=utf-8 X-Powered-By: PHP/5.2.17 | clean |
http://costumerusuk.com/index.php? | 200 OK Content-Length: 47595 Content-Type: text/html | clean |
http://costumerusuk.com/themes/prestacoder_blacknwhite/cache/266ba86a942ad4fbb448122903efe30d.js | 200 OK Content-Length: 144074 Content-Type: text/javascript | clean |
http://costumerusuk.com/modules/pss_slideshow/js/jquery-plugins/jquery.cross-slide.js | 200 OK Content-Length: 11724 Content-Type: text/javascript | clean |
http://www.costumerusuk.com/test404page.js | HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 18 Jul 2014 14:49:18 GMT Location: http://costumerusuk.com/index.php?controller=404 Server: Apache/2.4.9 (Unix) Content-Length: 0 Content-Type: text/html; charset=utf-8 X-Powered-By: PHP/5.2.17 | clean |
http://costumerusuk.com/index.php?controller=404 | 404 Not Found Content-Length: 32326 Content-Type: text/html | clean |
http://costumerusuk.com/ | HTTP/1.1 301 Moved Cache-Control: no-cache Connection: close Date: Fri, 18 Jul 2014 14:49:23 GMT Location: http://costumerusuk.com/index.php Server: Apache/2.4.9 (Unix) Vary: Host Content-Length: 0 Content-Type: text/html; charset=utf-8 X-Powered-By: PHP/5.2.17 | clean |
http://costumerusuk.com/index.php | 200 OK Content-Length: 47594 Content-Type: text/html | clean |
http://costumerusuk.com/index.php?id_lang=7 | 200 OK Content-Length: 47609 Content-Type: text/html | clean |
http://costumerusuk.com/index.php?id_lang=1 | 200 OK Content-Length: 47604 Content-Type: text/html | clean |
http://costumerusuk.com/index.php?controller=order-opc | 200 OK Content-Length: 33728 Content-Type: text/html | clean |
http://costumerusuk.com/themes/prestacoder_blacknwhite/cache/937f3106742c32a7624d4797ee2998c6.js | 200 OK Content-Length: 222811 Content-Type: text/javascript | clean |
http://costumerusuk.com/index.php?controller=order-opc&id_lang=7 | 200 OK Content-Length: 33754 Content-Type: text/html | clean |
http://costumerusuk.com/index.php?controller=order-opc&id_lang=1 | 200 OK Content-Length: 33742 Content-Type: text/html | clean |
http://costumerusuk.com/index.php?controller=my-account | HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 18 Jul 2014 14:49:36 GMT Location: http://costumerusuk.com/index.php?controller=authentication&back=my-account Server: Apache/2.4.9 (Unix) Vary: Host Content-Length: 0 Content-Type: text/html; charset=utf-8 Set-Cookie: 3f99a2f33f7744ef0eca694ec6b1a644=FyJsqr16MiPtqR%2FpVztikGsEQ3cbkUxpdNXucpnibWNSN5dtXzGQwhLIlh08GMr0ANaXDCHZJnT2X4l2u5FnbJaO%2BEVn4pfFHzDl9K6oq0Q%3D000075; expires=Thu, 07-Aug-2014 14:49:36 GMT; path=/; domain=costumerusuk.com; httponly X-Powered-By: PHP/5.2.17 | clean |
http://costumerusuk.com/index.php?controller=authentication&back=my-account | 200 OK Content-Length: 34962 Content-Type: text/html | clean |
http://costumerusuk.com/themes/prestacoder_blacknwhite/cache/af8959c026f83b60be8be8c477d31812.js | 200 OK Content-Length: 146849 Content-Type: text/javascript | clean |
http://costumerusuk.com/index.php?controller=authentication&back=my-account&id_lang=7 | 200 OK Content-Length: 34988 Content-Type: text/html | clean |
http://costumerusuk.com/index.php?controller=authentication&back=my-account&id_lang=1 | 200 OK Content-Length: 34976 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=costumerusuk.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://costumerusuk.com/
Result: costumerusuk.com is not infected or malware details are not published yet.