Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: oenologuesdefrance.fr
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 15 Aug 2014 06:03:22 GMT
Server: Apache/2.2.22 (Ubuntu)
Vary: Accept-Encoding
Content-Type: text/html
X-Powered-By: PHP/4.4.4-8+etch6
Second query (visit from search engine):
GET / HTTP/1.1
Host: oenologuesdefrance.fr
Referer: http://www.google.com/search?q=oenologuesdefrance.fr
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://oenologuesdefrance.fr/ | 200 OK Content-Length: 1833 Content-Type: text/html | clean |
http://oenologuesdefrance.fr/accueil.php | 200 OK Content-Length: 29149 Content-Type: text/html | clean |
http://oenologuesdefrance.fr/extranet.php | 200 OK Content-Length: 8281 Content-Type: text/html | clean |
http://oenologuesdefrance.fr/_redirection.php?id_campagne=29&lien=www.titrivin.com | HTTP/1.1 302 Found Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Fri, 15 Aug 2014 06:03:23 GMT Pragma: no-cache Location: http://www.titrivin.com Server: Apache/2.2.22 (Ubuntu) Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=a62069c674867b5f6a8392a23d32e57a; path=/ X-Powered-By: PHP/4.4.4-8+etch6 | clean |
http://www.titrivin.com/ | 200 OK Content-Length: 21439 Content-Type: text/html | clean |
http://www.titrivin.com/typo3temp/compressor/merged-635efeffff74e778ecfb05f7240eb8ad.js | 200 OK Content-Length: 94841 Content-Type: application/javascript | clean |
http://oenologuesdefrance.fr/typo3temp/compressor/merged-7f19c3744824ef855f380af75b88039e.js | 404 Not Found Content-Length: 348 Content-Type: text/html | clean |
http://oenologuesdefrance.fr/test404page.js | 404 Not Found Content-Length: 299 Content-Type: text/html | clean |
http://oenologuesdefrance.fr/typo3temp/compressor/merged-76632fe177d2e35b3879e6cc31c03d74.js | 404 Not Found Content-Length: 348 Content-Type: text/html | clean |
http://oenologuesdefrance.fr/evenement.php?id_evenement=101 | 200 OK Content-Length: 10462 Content-Type: text/html | clean |
http://oenologuesdefrance.fr/evenement.php?id_evenement=100 | 200 OK Content-Length: 10210 Content-Type: text/html | clean |
http://oenologuesdefrance.fr/gestion/download.php?dwn=fichiers_evenements/100_Davaye2014.pdf | 200 OK Content-Length: 271848 Content-Type: application/octet-stream | clean |
http://oenologuesdefrance.fr/evenement.php?id_evenement=99 | 200 OK Content-Length: 10754 Content-Type: text/html | clean |
http://oenologuesdefrance.fr/gestion/download.php?dwn=fichiers_evenements/99_annonce_cg.pdf | 200 OK Content-Length: 300707 Content-Type: application/octet-stream | clean |
http://oenologuesdefrance.fr/evenement.php?id_evenement=96 | 200 OK Content-Length: 12626 Content-Type: text/html | clean |
http://oenologuesdefrance.fr/gestion/download.php?dwn=fichiers_evenements/96_beaujolais.pdf | 200 OK Content-Length: 300706 Content-Type: application/octet-stream | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=oenologuesdefrance.fr
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://oenologuesdefrance.fr/
Result: oenologuesdefrance.fr is not infected or malware details are not published yet.