Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=subdemon.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: redleaf.es
Result:
HTTP/1.1 301 Moved Permanently
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Tue, 30 Sep 2014 03:12:30 GMT
Pragma: no-cache
Location: http://www.redleaf.es/
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=c4447e647c752389740ccd8c3fd8b8eb; path=/
X-Pingback: http://www.redleaf.es/xmlrpc.php
X-UA-Compatible: IE=edge,chrome=1
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: redleaf.es
Referer: http://www.google.com/search?q=redleaf.es
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://subdemon.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 12 May 2014 02:58:09 GMT Location: http://www.demonoid.me Server: lighttpd/1.4.28 Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.3.9-1~dotdeb.3 | malicious |
http://www.demonoid.me/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 12 May 2014 02:58:08 GMT Location: http://www.demonoid.ph/ Server: Apache Content-Length: 231 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.demonoid.ph/ | 200 OK Content-Length: 21090 Content-Type: text/html | clean |
http://www.demonoid.ph/js/jquery-1.9.1.min.js | 200 OK Content-Length: 92629 Content-Type: application/x-javascript | clean |
http://subdemon.com/cached/se.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 12 May 2014 02:58:10 GMT Location: http://www.demonoid.me/cached/se.js Server: lighttpd/1.4.28 Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.3.9-1~dotdeb.3 | malicious |
http://www.demonoid.me/cached/se.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 12 May 2014 02:58:09 GMT Location: http://www.demonoid.ph/cached/se.js Server: Apache Content-Length: 243 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.demonoid.ph/cached/se.js | 200 OK Content-Length: 398 Content-Type: application/x-javascript | clean |
http://subdemon.com/register.php | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 12 May 2014 02:58:11 GMT Location: http://www.demonoid.me/register.php Server: lighttpd/1.4.28 Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.3.9-1~dotdeb.3 | malicious |
http://www.demonoid.me/register.php | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 12 May 2014 02:58:10 GMT Location: http://www.demonoid.ph/register.php Server: Apache Content-Length: 243 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.demonoid.ph/register.php | 200 OK Content-Length: 30270 Content-Type: text/html | clean |
http://www.google.com/recaptcha/api/challenge?k=6Lc5eL8SAAAAADg7yP_VRi1dBZxqesuNGEr1CDOg | 200 OK Content-Length: 9374 Content-Type: text/javascript | clean |
http://subdemon.com/password_retrieval.php | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 12 May 2014 02:58:12 GMT Location: http://www.demonoid.me/password_retrieval.php Server: lighttpd/1.4.28 Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.3.24-1~dotdeb.0 | malicious |
http://www.demonoid.me/password_retrieval.php | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 12 May 2014 02:58:11 GMT Location: http://www.demonoid.ph/password_retrieval.php Server: Apache Content-Length: 253 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.demonoid.ph/password_retrieval.php | 200 OK Content-Length: 15441 Content-Type: text/html | clean |
http://www.demonoid.ph/files/ | 200 OK Content-Length: 125180 Content-Type: text/html | clean |
http://www.demonoid.ph/cached/dropdown7.js | 200 OK Content-Length: 4321 Content-Type: application/x-javascript | clean |
http://www.demonoid.ph/torrent_categories_script.php | 200 OK Content-Length: 24950 Content-Type: text/javascript | clean |
http://www.demonoid.ph/top_torrents.php | 200 OK Content-Length: 300666 Content-Type: text/html | clean |
http://www.demonoid.ph/torrent_upload.php | HTTP/1.1 301 Moved Permanently Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Mon, 12 May 2014 02:58:18 GMT Pragma: no-cache Location: /account_handler.php?returnpath=%2Ftorrent_upload.php&withq=0 Server: i see what you did there Vary: Accept-Encoding,User-Agent Content-Type: text/html Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=8pdtm3k22knblbuu63jdgbmqg4; path=/ Set-Cookie: lkni=1318980578; expires=Mon, 12-May-2014 06:58:15 GMT; path=/ Set-Cookie: X-Proxy-To=app26; path=/ X-L2-Cache: MISS X-Server-L0: app26 | clean |
http://www.demonoid.ph/account_handler.php?returnpath=%2ftorrent_upload.php&withq=0 | 200 OK Content-Length: 19660 Content-Type: text/html | clean |
http://www.demonoid.ph/faq.php | 200 OK Content-Length: 62331 Content-Type: text/html | clean |
http://www.demonoid.ph/forum.php | HTTP/1.1 301 Moved Permanently Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Mon, 12 May 2014 02:58:20 GMT Pragma: no-cache Location: /account_handler.php?returnpath=%2Fforum.php&withq=0 Server: i see what you did there Vary: Accept-Encoding,User-Agent Content-Type: text/html Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=hkqeg5e7m61dh63hll87lufr61; path=/ Set-Cookie: X-Proxy-To=app27; path=/ X-L2-Cache: MISS X-Server-L0: app27 | clean |
http://www.demonoid.ph/account_handler.php?returnpath=%2fforum.php&withq=0 | 200 OK Content-Length: 19645 Content-Type: text/html | clean |
http://www.demonoid.ph/irc/ | 200 OK Content-Length: 3398 Content-Type: text/html | clean |
http://www.demonoid.ph/APE_JSF/Clients/mootools-core.js | 200 OK Content-Length: 103250 Content-Type: application/x-javascript | clean |