Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: erotik.nl
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Tue, 16 Sep 2014 03:17:03 GMT
Location: http://www.erotik.nl/
Server: Apache
Vary: Accept-Encoding
Content-Length: 229
Content-Type: text/html; charset=iso-8859-1
...229 bytes of data.
GET / HTTP/1.1
Host: erotik.nl
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Tue, 16 Sep 2014 03:17:03 GMT
Location: http://www.erotik.nl/
Server: Apache
Vary: Accept-Encoding
Content-Length: 229
Content-Type: text/html; charset=iso-8859-1
...229 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: erotik.nl
Referer: http://www.google.com/search?q=erotik.nl
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: erotik.nl
Referer: http://www.google.com/search?q=erotik.nl
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://erotik.nl/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 16 Sep 2014 03:17:03 GMT Location: http://www.erotik.nl/ Server: Apache Vary: Accept-Encoding Content-Length: 229 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.erotik.nl/ | 200 OK Content-Length: 293625 Content-Type: text/html | clean |
http://www.klikbonus.com/tools/mdetect.php?siteid=template&site=sex-filmpjes.nl | 200 OK Content-Length: 24473 Content-Type: text/html | clean |
http://www.klikbonus.com/test404page.js | HTTP/1.1 302 Found Connection: close Date: Tue, 16 Sep 2014 03:16:28 GMT Location: http://x0.nl/ Server: Apache Content-Length: 197 Content-Type: text/html; charset=iso-8859-1 | clean |
http://x0.nl/ | 200 OK Content-Length: 28107 Content-Type: text/html | clean |
http://www.klikbonus.com/tools/mdetect.php?siteid=48 | 200 OK Content-Length: 24478 Content-Type: text/html | clean |
http://promotools.mbicash.nl/banners/javascript/banner.js?bannerid=153&prid=3244&p=329920&pi=&nas=BN_SP_Bannerset2012_JS | 200 OK Content-Length: 379 Content-Type: text/html | clean |
http://adspaces.ero-advertising.com/adspace/199559.js | 200 OK Content-Length: 1824 Content-Type: application/javascript | clean |
http://www.ondemandcash.com/tools/flashbanners/flashbanners.js.php?banner=dvddownload/nl/promotieacties/160x600.swf&height=600&width=160&p=1004&i=erotik | 200 OK Content-Length: 1083 Content-Type: text/html | clean |
http://promotools.mbicash.nl/banners/javascript/banner.js?bannerid=129&prid=3240&p=329920&pi=&nas=BN_SCS_Bannerset2012_JS | 200 OK Content-Length: 386 Content-Type: text/html | clean |
http://promotools.mbicash.nl/banners/javascript/banner.js?bannerid=141&prid=3246&p=329920&pi=&nas=BN_SDG_Bannerset2012_JS | 200 OK Content-Length: 366 Content-Type: text/html | clean |
http://promotools.vpscash.nl/dating/promo/heteprofielen/gif_banners/160x600/heteprofielen_001.js?p=15772&pi=erotik | 200 OK Content-Length: 388 Content-Type: text/x-javascript | clean |
http://promotools.mbicash.nl/banners/javascript/banner.js?bannerid=184&prid=3238&p=329920&pi=erotik&nas=BN_SSD_Bannerset2012A_JS | 200 OK Content-Length: 376 Content-Type: text/html | clean |
http://adspaces.ero-advertising.com/adspace/199740.js | 200 OK Content-Length: 1813 Content-Type: application/javascript | clean |
http://promotools.vpscash.nl/escort/promo/flash_banners/160x600/index.js?p=15772&pi=erotik | 200 OK Content-Length: 822 Content-Type: text/x-javascript | clean |
http://tools.vpscash.nl/dating/promo/neukoproepjes/gif_banners/468x60/neukoproepjes_001.js?p=15772&pi=erotik | 200 OK Content-Length: 385 Content-Type: text/x-javascript | clean |
http://erotik.nl//ajax.aspnetcdn.com/ajax/jQuery/jquery-1.9.1.min.js/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 16 Sep 2014 03:17:09 GMT Location: http://www.erotik.nl/ajax.aspnetcdn.com/ajax/jQuery/jquery-1.9.1.min.js/ Server: Apache Vary: Accept-Encoding Content-Length: 280 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.erotik.nl/ajax.aspnetcdn.com/ajax/jquery/jquery-1.9.1.min.js/ | 404 Not Found Content-Length: 249 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=erotik.nl
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://erotik.nl/
Result: erotik.nl is not infected or malware details are not published yet.
Result: erotik.nl is not infected or malware details are not published yet.