Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: maxwitte.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 13 Sep 2014 20:55:25 GMT
Server: Apache
Content-Type: text/html
X-Powered-By: PHP/5.2.17
GET / HTTP/1.1
Host: maxwitte.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 13 Sep 2014 20:55:25 GMT
Server: Apache
Content-Type: text/html
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: maxwitte.com
Referer: http://www.google.com/search?q=maxwitte.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: maxwitte.com
Referer: http://www.google.com/search?q=maxwitte.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
| Request | Server response | Status |
http://maxwitte.com/ | HTTP/1.1 200 OK Connection: close Date: Sat, 13 Sep 2014 20:55:25 GMT Server: Apache Content-Type: text/html X-Powered-By: PHP/5.2.17 | clean |
http://www.max-witte.de/ | 200 OK Content-Length: 16726 Content-Type: text/html | clean |
http://instantcontent.freenet.de/freecounter/counter.php?counter_id=1143541271_35&design_id=6 | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 13 Sep 2014 20:55:25 GMT Location: http://domain.freenet.de/funktionen/weblog/?counter_id=1143541271_35&design_id=6 Server: Apache Vary: Accept-Encoding Content-Length: 367 Content-Type: text/html; charset=iso-8859-1 | clean |
http://domain.freenet.de/funktionen/weblog/?counter_id=1143541271_35&design_id=6 | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 13 Sep 2014 20:55:26 GMT Location: https://domain.freenet.de/funktionen/weblog/?counter_id=1143541271_35&design_id=6 Server: Apache/2.2.16 (Debian) Vary: Accept-Encoding Content-Length: 376 Content-Type: text/html; charset=iso-8859-1 | clean |
https://domain.freenet.de/funktionen/weblog/?counter_id=1143541271_35&design_id=6 | HTTP/1.1 302 Found Connection: close Date: Sat, 13 Sep 2014 20:55:26 GMT Location: /funktionen/weblog?counter_id=1143541271_35&design_id=6 Server: Apache/2.2.16 (Debian) Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Pad: avoid browser bug | clean |
https://domain.freenet.de/funktionen/weblog?counter_id=1143541271_35&design_id=6 | HTTP/1.1 302 Found Cache-Control: max-age=cacheTime Connection: close Date: Sat, 13 Sep 2014 20:55:26 GMT Location: /Domain/Uebersicht Server: Apache/2.2.16 (Debian) Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Sat, 13 Sep 2014 20:55:26 +0000 Last-Modified: Sat, 13 Sep 2014 20:55:26 +0000 X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-Powered-By: Fat-Free Framework X-XSS-Protection: 1; mode=block | clean |
https://domain.freenet.de/domain/uebersicht | HTTP/1.1 302 Found Cache-Control: max-age=cacheTime Connection: close Date: Sat, 13 Sep 2014 20:55:26 GMT Location: /Domain/Uebersicht Server: Apache/2.2.16 (Debian) Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Sat, 13 Sep 2014 20:55:26 +0000 Last-Modified: Sat, 13 Sep 2014 20:55:26 +0000 X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-Powered-By: Fat-Free Framework X-XSS-Protection: 1; mode=block | clean |
http://domain.freenet.de/test404page.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 13 Sep 2014 20:55:27 GMT Location: https://domain.freenet.de/test404page.js Server: Apache/2.2.16 (Debian) Vary: Accept-Encoding Content-Length: 331 Content-Type: text/html; charset=iso-8859-1 | clean |
https://domain.freenet.de/test404page.js | HTTP/1.1 302 Found Cache-Control: no-cache, no-store, must-revalidate Connection: close Date: Sat, 13 Sep 2014 20:55:27 GMT Location: /Domain/Uebersicht Server: Apache/2.2.16 (Debian) Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-Powered-By: Fat-Free Framework X-XSS-Protection: 1; mode=block | clean |
http://homepageprogramme.net/pagerank/pr.php?id=105&bild=pra&extra=1 | HTTP/1.1 302 Found Connection: close Date: Sat, 13 Sep 2014 20:55:27 GMT Location: http://ww15.homepageprogramme.net/pagerank/pr.php?id=105&bild=pra&extra=1 Server: Apache Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Powered-By: PHP/5.3.3-7+squeeze21 | clean |
http://ww15.homepageprogramme.net/pagerank/pr.php?id=105&bild=pra&extra=1 | 404 Not Found Content-Length: 13177 Content-Type: text/html | clean |
http://www.google.com/adsense/domains/caf.js | 200 OK Content-Length: 258 Content-Type: text/javascript | clean |
http://a1.dnbizcdn.com/js/parking_caf_281_1408041.js | 200 OK Content-Length: 37943 Content-Type: application/x-javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=maxwitte.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://maxwitte.com/
Result: maxwitte.com is not infected or malware details are not published yet.
Result: maxwitte.com is not infected or malware details are not published yet.