Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: erotischdaten.be
Result:
HTTP/1.1 301 Moved Permanently
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Mon, 15 Sep 2014 08:46:25 GMT
Pragma: no-cache
Location: http://www.erotischdaten.be/
Server: Apache
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=31fgj4l5tti8f4conng1noon63; path=/; domain=.erotischdaten.be
X-UA-Compatible: IE=edge
...0 bytes of data.
GET / HTTP/1.1
Host: erotischdaten.be
Result:
HTTP/1.1 301 Moved Permanently
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Mon, 15 Sep 2014 08:46:25 GMT
Pragma: no-cache
Location: http://www.erotischdaten.be/
Server: Apache
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=31fgj4l5tti8f4conng1noon63; path=/; domain=.erotischdaten.be
X-UA-Compatible: IE=edge
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: erotischdaten.be
Referer: http://www.google.com/search?q=erotischdaten.be
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: erotischdaten.be
Referer: http://www.google.com/search?q=erotischdaten.be
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://erotischdaten.be/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Mon, 15 Sep 2014 08:46:25 GMT Pragma: no-cache Location: http://www.erotischdaten.be/ Server: Apache Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=31fgj4l5tti8f4conng1noon63; path=/; domain=.erotischdaten.be X-UA-Compatible: IE=edge | clean |
http://www.erotischdaten.be/ | 200 OK Content-Length: 160825 Content-Type: text/html | clean |
http://cdn.jouweb.nl/scripts/jquery/jquery-1.8.3.min.js?1408953080 | 200 OK Content-Length: 93583 Content-Type: application/x-javascript | clean |
https://www.eurobellen.nl/linkex/?id=44roos | 200 OK Content-Length: 2122 Content-Type: text/html | clean |
https://www.eurobellen.nl/linkex/ | 200 OK Content-Length: 2116 Content-Type: text/html | clean |
https://www.eurobellen.nl/linkex/Http://www.everyoneweb.com/vicefm | 404 Not Found Content-Length: 959 Content-Type: text/html | clean |
http://www.eurobellen.nl/test404page.js | HTTP/1.1 302 Found Connection: close Date: Mon, 15 Sep 2014 08:46:28 GMT Location: https://www.eurobellen.nl/test404page.js Server: Apache Vary: Accept-Encoding Content-Length: 291 Content-Type: text/html; charset=iso-8859-1 | clean |
https://www.eurobellen.nl/test404page.js | 404 Not Found Content-Length: 959 Content-Type: text/html | clean |
https://www.eurobellen.nl/linkex/www.hairstyling-arnhem.nl | 404 Not Found Content-Length: 959 Content-Type: text/html | clean |
http://www.mollie.nl/partners/microads/411371.js | 200 OK Content-Length: 1641 Content-Type: application/javascript | clean |
http://www.jouwweb.nl/jouwweb-fallback?website=3839&strategy=adsense&width=468&colorBorder=%23FFFFFF&colorBg=%23DACBE7&colorLink=%23E70810 | 200 OK Content-Length: 4060 Content-Type: text/javascript | clean |
http://www.solidads.net/solidads/show_ads.js | 200 OK Content-Length: 1472 Content-Type: text/javascript | clean |
http://xslt.alexa.com/site_stats/js/s/c?url=http://www.erotischdaten.be/ | 200 OK Content-Length: 3153 Content-Type: application/x-javascript | clean |
http://www.jouwweb.nl/session/is-owner-of-website/website/3839 | 200 OK Content-Length: 226 Content-Type: text/javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=erotischdaten.be
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://erotischdaten.be/
Result: erotischdaten.be is not infected or malware details are not published yet.
Result: erotischdaten.be is not infected or malware details are not published yet.