Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: shop.mario-colonel.com
Result:
HTTP/1.1 301 Moved
Connection: close
Date: Fri, 22 Aug 2014 02:39:21 GMT
Location: http://shop.mario-colonel.com/fr/
Server: Apache
Vary: User-Agent
Content-Length: 0
Content-Type: text/html; charset=utf-8
Set-Cookie: 8812c36aa5ae336c2a77bf63211d899a=8k8K5FR5KZdeWzqbDEAulFjjAfhy4VHlleG5B%2BX8AynA4OF7gAVMaUSoh0Cm9WOcQcbQe7aFltv3ejh8rLS28Q%3D%3D000060; expires=Thu, 11-Sep-2014 02:39:21 GMT; path=/; domain=shop.mario-colonel.com; httponly
Set-Cookie: 8812c36aa5ae336c2a77bf63211d899a=8k8K5FR5KZdeWzqbDEAulFjjAfhy4VHlleG5B%2BX8Ayn%2BzwlYVyt2WYEuA%2Fv8s5IN0SAXg5Xw6Z1sLX2M%2FvX5qq0Rawm8ChJ91MOjUVog%2BC8%3D000075; expires=Thu, 11-Sep-2014 02:39:21 GMT; path=/; domain=shop.mario-colonel.com; httponly
X-Powered-By: PHP/5.2.13-pl1-gentoo
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: shop.mario-colonel.com
Referer: http://www.google.com/search?q=shop.mario-colonel.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://shop.mario-colonel.com/ | HTTP/1.1 301 Moved Connection: close Date: Fri, 22 Aug 2014 02:39:21 GMT Location: http://shop.mario-colonel.com/fr/ Server: Apache Vary: User-Agent Content-Length: 0 Content-Type: text/html; charset=utf-8 Set-Cookie: 8812c36aa5ae336c2a77bf63211d899a=8k8K5FR5KZdeWzqbDEAulFjjAfhy4VHlleG5B%2BX8AynA4OF7gAVMaUSoh0Cm9WOcQcbQe7aFltv3ejh8rLS28Q%3D%3D000060; expires=Thu, 11-Sep-2014 02:39:21 GMT; path=/; domain=shop.mario-colonel.com; httponly Set-Cookie: 8812c36aa5ae336c2a77bf63211d899a=8k8K5FR5KZdeWzqbDEAulFjjAfhy4VHlleG5B%2BX8Ayn%2BzwlYVyt2WYEuA%2Fv8s5IN0SAXg5Xw6Z1sLX2M%2FvX5qq0Rawm8ChJ91MOjUVog%2BC8%3D000075; expires=Thu, 11-Sep-2014 02:39:21 GMT; path=/; domain=shop.mario-colonel.com; httponly X-Powered-By: PHP/5.2.13-pl1-gentoo | clean |
http://shop.mario-colonel.com/fr/ | 200 OK Content-Length: 17825 Content-Type: text/html | clean |
http://shop.mario-colonel.com/themes/mariocolonel/cache/f9ed58016825379dd5eca08d28e79559.js | 200 OK Content-Length: 129869 Content-Type: application/x-javascript | clean |
http://shop.mario-colonel.com/themes/mariocolonel/js/prettify.js | 200 OK Content-Length: 13632 Content-Type: application/x-javascript | clean |
http://shop.mario-colonel.com/themes/mariocolonel/js/kickstart.js | 200 OK Content-Length: 69068 Content-Type: application/x-javascript | clean |
http://shop.mario-colonel.com/fr/mon-compte | HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 22 Aug 2014 02:39:23 GMT Location: http://shop.mario-colonel.com/fr/authentification?back=my-account.php Server: Apache Vary: User-Agent Content-Length: 0 Content-Type: text/html; charset=utf-8 Set-Cookie: 8812c36aa5ae336c2a77bf63211d899a=8k8K5FR5KZdeWzqbDEAulFaD5pFUn0%2FJt7QpnS9BFXrA4OF7gAVMaUSoh0Cm9WOcswR5ukqdFbGSMXZ4%2BsaTaQ%3D%3D000059; expires=Thu, 11-Sep-2014 02:39:23 GMT; path=/; domain=shop.mario-colonel.com; httponly X-Powered-By: PHP/5.2.13-pl1-gentoo | clean |
http://shop.mario-colonel.com/fr/authentification?back=my-account.php | 200 OK Content-Length: 15894 Content-Type: text/html | clean |
http://shop.mario-colonel.com/themes/mariocolonel/cache/1b005a0c92070fb6e74e17abeb61079a.js | 200 OK Content-Length: 132644 Content-Type: application/x-javascript | clean |
http://shop.mario-colonel.com/fr/commande | 200 OK Content-Length: 14241 Content-Type: text/html | clean |
http://shop.mario-colonel.com/themes/mariocolonel/cache/4bdc6db7eaee8f1993b96f0178d55b41.js | 200 OK Content-Length: 170016 Content-Type: application/x-javascript | clean |
http://shop.mario-colonel.com/en/order | 200 OK Content-Length: 13837 Content-Type: text/html | clean |
http://shop.mario-colonel.com/en/ | 200 OK Content-Length: 17212 Content-Type: text/html | clean |
http://shop.mario-colonel.com/en/my-account | HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 22 Aug 2014 02:39:27 GMT Location: http://shop.mario-colonel.com/fr/authentification?back=my-account.php Server: Apache Vary: User-Agent Content-Length: 0 Content-Type: text/html; charset=utf-8 Set-Cookie: 8812c36aa5ae336c2a77bf63211d899a=8k8K5FR5KZdeWzqbDEAulBiyXLwEWjRVxQWcFbgkduXA4OF7gAVMaUSoh0Cm9WOc0PZl012RoHUjXKw6wT%2ByGQ%3D%3D000059; expires=Thu, 11-Sep-2014 02:39:27 GMT; path=/; domain=shop.mario-colonel.com; httponly X-Powered-By: PHP/5.2.13-pl1-gentoo | clean |
http://shop.mario-colonel.com/test404page.js | 404 Not Found Content-Length: 0 Content-Type: text/html | clean |
http://shop.mario-colonel.com/en/5-posters | 200 OK Content-Length: 14565 Content-Type: text/html | clean |
http://shop.mario-colonel.com/fr/5-posters | 200 OK Content-Length: 15485 Content-Type: text/html | clean |
http://shop.mario-colonel.com/fr/9-horizontaux | 200 OK Content-Length: 26531 Content-Type: text/html | clean |
http://shop.mario-colonel.com/en/9-horizontal | 200 OK Content-Length: 25814 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=shop.mario-colonel.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://shop.mario-colonel.com/
Result: shop.mario-colonel.com is not infected or malware details are not published yet.