Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: humoron.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Fri, 13 Nov 2015 17:56:04 GMT
Location: http://www.humoron.com/
Server: cloudflare-nginx
Content-Length: 0
CF-RAY: 244c59e7b8742adf-WAW
Set-Cookie: __cfduid=d6145b76f424dcefc7d793cba85ce338c1447437364; expires=Sat, 12-Nov-16 17:56:04 GMT; path=/; domain=.humoron.com; HttpOnly
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: humoron.com
Referer: http://www.google.com/search?q=humoron.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://humoron.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 13 Nov 2015 17:56:04 GMT Location: http://www.humoron.com/ Server: cloudflare-nginx Content-Length: 0 CF-RAY: 244c59e7b8742adf-WAW Set-Cookie: __cfduid=d6145b76f424dcefc7d793cba85ce338c1447437364; expires=Sat, 12-Nov-16 17:56:04 GMT; path=/; domain=.humoron.com; HttpOnly | clean |
http://www.humoron.com/ | 200 OK Content-Length: 85288 Content-Type: text/html | clean |
http://www.humoron.com/wwwajax.js | 200 OK Content-Length: 5295 Content-Type: application/javascript | clean |
http://service.clicksvenue.com/get_embed.php?sid=427&spid=465&scid=10 | 200 OK Content-Length: 946 Content-Type: application/x-javascript | clean |
http://humoron.com/js/mobile.js | HTTP/1.1 301 Moved Permanently Cache-Control: public, max-age=86400 Connection: close Date: Fri, 13 Nov 2015 17:56:07 GMT Location: http://www.humoron.com/js/mobile.js Server: cloudflare-nginx Content-Length: 0 Expires: Sat, 14 Nov 2015 17:56:07 GMT CF-Cache-Status: MISS CF-RAY: 244c59f8141f2ab5-WAW Set-Cookie: __cfduid=d8f6766d9c3e9946196a7501ab18074231447437367; expires=Sat, 12-Nov-16 17:56:07 GMT; path=/; domain=.humoron.com; HttpOnly | clean |
http://www.humoron.com/js/mobile.js | 200 OK Content-Length: 2653 Content-Type: application/javascript | clean |
http://humoron.com/out.php?member=daftporn.com | HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 13 Nov 2015 17:56:07 GMT Location: http://www.humoron.com/out.php?member=daftporn.com Server: cloudflare-nginx Content-Length: 0 CF-RAY: 244c59f9d4cb2aeb-WAW Set-Cookie: __cfduid=db63d8301ec5bb909857519eda8d1f2f91447437367; expires=Sat, 12-Nov-16 17:56:07 GMT; path=/; domain=.humoron.com; HttpOnly | clean |
http://www.humoron.com/out.php?member=daftporn.com | HTTP/1.1 302 Found Connection: close Date: Fri, 13 Nov 2015 17:56:07 GMT Location: http://www.daftporn.com Server: cloudflare-nginx Content-Type: text/html CF-RAY: 244c59fa82722b0f-WAW Set-Cookie: __cfduid=d5009e6630c01536288edd9f09163e1751447437367; expires=Sat, 12-Nov-16 17:56:07 GMT; path=/; domain=.humoron.com; HttpOnly Set-Cookie: from=nocookie; expires=Sat, 14-Nov-2015 17:55:05 GMT; path=/ Set-Cookie: to=nocookie%7Cdaftporn.com; expires=Sat, 14-Nov-2015 17:55:05 GMT; path=/ Set-Cookie: vs=daftporn.com%7C; expires=Sat, 14-Nov-2015 17:55:05 GMT; path=/ X-Powered-By: PHP/5.4.4-14+deb7u14 | clean |
http://www.daftporn.com/ | 200 OK Content-Length: 38523 Content-Type: text/html | clean |
http://www.daftporn.com/extreme-videos | HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 13 Nov 2015 17:52:37 GMT Location: http://www.daftporn.com/extreme-videos/ Server: Apache Content-Length: 313 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.daftporn.com/extreme-videos/ | 200 OK Content-Length: 20963 Content-Type: text/html | clean |
http://www.daftporn.com/?p=pictures | 200 OK Content-Length: 18927 Content-Type: text/html | clean |
http://www.daftporn.com/?p=gallery | 200 OK Content-Length: 25669 Content-Type: text/html | clean |
http://www.daftporn.com/?p=animated_porn_gifs | 200 OK Content-Length: 16544 Content-Type: text/html | clean |
http://www.daftporn.com/link.php?location=content&position=26 | 200 OK Content-Length: 292 Content-Type: text/html | clean |
http://www.daftporn.com/test404page.js | 404 Not Found Content-Length: 14314 Content-Type: text/html | clean |
http://www.daftporn.com/?p=submit | 200 OK Content-Length: 24812 Content-Type: text/html | clean |
http://www.daftporn.com/link.php?location=content&position=23 | 200 OK Content-Length: 288 Content-Type: text/html | clean |
http://www.daftporn.com/link.php?location=left&position=6 | 200 OK Content-Length: 310 Content-Type: text/html | clean |
http://www.daftporn.com/link.php?location=left&position=10 | 200 OK Content-Length: 280 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=humoron.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://humoron.com/
Result: humoron.com is not infected or malware details are not published yet.