Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: monmouth.journalsnj.com
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=3, must-revalidate
Connection: close
Date: Thu, 18 Dec 2014 16:33:26 GMT
Server: Apache/2.2.26 (Unix) mod_ssl/2.2.26 OpenSSL/1.0.1e-fips DAV/2 mod_bwlimited/1.4
Vary: Accept-Encoding,Cookie
Content-Length: 118792
Content-Type: text/html; charset=UTF-8
Last-Modified: Thu, 18 Dec 2014 15:37:51 GMT
WP-Super-Cache: Served supercache file from PHP
X-Powered-By: PHP/5.4.26
...118792 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: monmouth.journalsnj.com
Referer: http://www.google.com/search?q=monmouth.journalsnj.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://www.pocu.net/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 16 Sep 2014 01:03:38 GMT Location: http://www.erotikporna.com/ Server: cloudflare-nginx Content-Type: text/html CF-RAY: 16a9253b9ffe0893-FRA Set-Cookie: __cfduid=d72bd473067eb83aaeea6f60bbbb381541410829418819; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.pocu.net; HttpOnly | malicious |
http://www.erotikporna.com/ | 200 OK Content-Length: 20347 Content-Type: text/html | clean |
http://ajax.googleapis.com/ajax/libs/swfobject/2.2/swfobject.js | 200 OK Content-Length: 10220 Content-Type: text/javascript | clean |
http://www.pocu.net/sirala/en-yeni.html | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 16 Sep 2014 01:03:39 GMT Location: http://www.erotikporna.com/sirala/en-yeni.html Server: cloudflare-nginx Content-Type: text/html CF-RAY: 16a92541f2020893-FRA Set-Cookie: __cfduid=d70cf0b010f010ca52ee8d27cbed009a41410829419836; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.pocu.net; HttpOnly | malicious |
http://www.erotikporna.com/sirala/en-yeni.html | 200 OK Content-Length: 22278 Content-Type: text/html | clean |
http://www.erotikporna.com/sirala/en-cok-izlenen.html | 200 OK Content-Length: 22733 Content-Type: text/html | clean |
http://www.erotikporna.com/sirala/rastgele.html | 200 OK Content-Length: 22278 Content-Type: text/html | clean |
http://www.erotikporna.com/porno-izle/aldatma-pornolari.html | 200 OK Content-Length: 19979 Content-Type: text/html | clean |
http://www.erotikporna.com/porno-izle/amator-porno.html | 200 OK Content-Length: 20510 Content-Type: text/html | clean |
http://www.erotikporna.com/porno-izle/anal-porno.html | 200 OK Content-Length: 20214 Content-Type: text/html | clean |
http://www.erotikporna.com/porno-izle/anime-porno.html | 200 OK Content-Length: 20497 Content-Type: text/html | clean |
http://www.erotikporna.com/porno-izle/attirma-filmleri.html | 200 OK Content-Length: 20587 Content-Type: text/html | clean |
http://www.erotikporna.com/porno-izle/erotik-filmler.html | 200 OK Content-Length: 20841 Content-Type: text/html | clean |
http://www.erotikporna.com/porno-izle/gay-porno.html | 200 OK Content-Length: 20832 Content-Type: text/html | clean |
http://www.erotikporna.com/porno-izle/grup-seks.html | 200 OK Content-Length: 20615 Content-Type: text/html | clean |
http://www.erotikporna.com/porno-izle/iskenceli-porno.html | 200 OK Content-Length: 19185 Content-Type: text/html | clean |
http://www.erotikporna.com/porno-izle/japon-pornosu.html | 200 OK Content-Length: 20838 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=pocu.net
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://pocu.net/
Result: pocu.net is not infected or malware details are not published yet.