Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: goberg.nl
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Date: Thu, 18 Dec 2014 02:55:20 GMT
Pragma: no-cache
Server: Microsoft-IIS/6.0
Content-Length: 174424
Content-Type: text/html
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Thu, 18 Dec 2014 02:55:20 GMT
Set-Cookie: c06b383566ad8f44ecc0d8f9da40861d=-; path=/
Set-Cookie: mosvisitor=1
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.13
...174424 bytes of data.
GET / HTTP/1.1
Host: goberg.nl
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Date: Thu, 18 Dec 2014 02:55:20 GMT
Pragma: no-cache
Server: Microsoft-IIS/6.0
Content-Length: 174424
Content-Type: text/html
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Thu, 18 Dec 2014 02:55:20 GMT
Set-Cookie: c06b383566ad8f44ecc0d8f9da40861d=-; path=/
Set-Cookie: mosvisitor=1
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.13
...174424 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: goberg.nl
Referer: http://www.google.com/search?q=goberg.nl
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: goberg.nl
Referer: http://www.google.com/search?q=goberg.nl
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
| Request | Server response | Status |
http://goberg.nl/ | 200 OK Content-Length: 174424 Content-Type: text/html | clean |
http://www.goberg.nl/modules/ja_transmenu/transmenu.js | 200 OK Content-Length: 34938 Content-Type: application/x-javascript | clean |
http://goberg.nl/index.php?option=com_content&task=view&id=20&Itemid=34 | 200 OK Content-Length: 106550 Content-Type: text/html | clean |
http://goberg.nl/index.php?option=com_content&task=view&id=76&Itemid=130 | 200 OK Content-Length: 122015 Content-Type: text/html | clean |
http://goberg.nl/test404page.js | 404 Not Found Content-Length: 1635 Content-Type: text/html | clean |
http://goberg.nl/index.php?option=com_content&task=view&id=22&Itemid=38 | 200 OK Content-Length: 114511 Content-Type: text/html | clean |
http://goberg.nl/images/formulieren/oliebollen%20a42013.pdf | 200 OK Content-Length: 301483 Content-Type: application/pdf | clean |
http://goberg.nl/images/formulieren/oliebollen%20a42014.pdf | 200 OK Content-Length: 300124 Content-Type: application/pdf | clean |
http://goberg.nl/index.php?option=com_content&task=view&id=53&Itemid=92 | 200 OK Content-Length: 118442 Content-Type: text/html | clean |
http://goberg.nl/index.php?option=com_content&task=view&id=66&Itemid=115 | 200 OK Content-Length: 107357 Content-Type: text/html | clean |
http://goberg.nl/index.php?option=com_content&task=view&id=54&Itemid=93 | 200 OK Content-Length: 95595 Content-Type: text/html | clean |
http://goberg.nl/index.php?option=com_facileforms&Itemid=52 | 200 OK Content-Length: 97694 Content-Type: text/html | clean |
http://goberg.nl/components/com_facileforms/facileforms.js | 200 OK Content-Length: 3721 Content-Type: application/x-javascript | clean |
http://goberg.nl/index.php?option=com_content&task=view&id=47&Itemid=84 | 200 OK Content-Length: 140644 Content-Type: text/html | clean |
http://goberg.nl/index.php?option=com_content&task=view&id=24&Itemid=69 | 200 OK Content-Length: 105543 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=goberg.nl
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://goberg.nl/
Result: goberg.nl is not infected or malware details are not published yet.
Result: goberg.nl is not infected or malware details are not published yet.