Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=tekjansen.com
Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.
Details are available here.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: tekjansen.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Connection: close
Date: Wed, 14 Jan 2015 07:15:25 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=q91c70q5jd128elnsecfrktff5; path=/
Second query (visit from search engine):
GET / HTTP/1.1
Host: tekjansen.com
Referer: http://www.google.com/search?q=tekjansen.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://tekjansen.com/ | 200 OK Content-Length: 21640 Content-Type: text/html | clean |
http://media.fastclick.net/w/get.media?sid=24123&m=1&tp=5&d=j&t=s | HTTP/1.1 302 Found Connection: Keep-Alive Date: Wed, 14 Jan 2015 07:15:26 GMT Location: http://ams-login.dotomi.com/commonid/match?user_token=AQENKrwbYK_JZQIBAQErAQEBAQE&rurl=http%3A%2F%2Fmedia%2Efastclick%2Enet%2Fw%2Fget%2Emedia%3Fsid%3D24123%26m%3D1%26tp%3D5%26d%3Dj%26t%3Ds%26vcpdid%3DAQENKrwbYK%5FJZQIBAQErAQEBAQE%26no%5Fcj%5Fc%3D1%26ccs%5Fstatus%3D0&tok=Tp4KqJjzhnM%3D Content-Length: 477 Content-Type: text/html; charset=iso-8859-1 Keep-Alive: timeout=5, max=19893 P3P: policyref="/w3c/p3p.xml", CP="NOI NID DEVo TAIo PSAo HISo OTPo OUR DELo BUS COM NAV INT DSP COR" Set-Cookie: cttutcid=821850490835652472; domain=.fastclick.net; path=/; expires=Fri, 13-Jan-2017 07:15:26 GMT | clean |
http://ams-login.dotomi.com/commonid/match?user_token=aqenkrwbyk_jzqibaqeraqebaqe&rurl=http%3a%2f%2fmedia%2efastclick%2enet%2fw%2fget%2emedia%3fsid%3d24123%26m%3d1%26tp%3d5%26d%3dj%26t%3ds%26vcpdid%3daqenkrwbyk%5fjzqibaqeraqebaqe%26no%5fcj%5fc%3d1%26ccs%5fstatus%3d0&tok=tp4kqjjzhnm%3d | HTTP/1.1 302 Found Connection: close Date: Wed, 14 Jan 2015 07:15:27 GMT Location: http://media.fastclick.net/w/get.media?sid=24123&m=1&tp=5&d=j&t=s&vcpdid=aqenkrwbyk_jzqibaqeraqebaqe&no_cj_c=1&ccs_status=0&status=-2 Server: nginx/1.6.2 Content-Length: 0 P3P: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP" | clean |
http://media.fastclick.net/w/get.media?sid=24123&m=1&tp=5&d=j&t=s&vcpdid=aqenkrwbyk_jzqibaqeraqebaqe&no_cj_c=1&ccs_status=0&status=-2 | 204 No Content Content-Length: 0 Content-Type: text/plain | clean |
http://media.fastclick.net/test404page.js | 204 No Content Content-Length: 0 Content-Type: application/x-javascript | clean |
http://media.fastclick.net/w/get.media?sid=24123&m=3&tp=7&d=j&t=s | HTTP/1.1 302 Found Connection: Keep-Alive Date: Wed, 14 Jan 2015 07:15:27 GMT Location: http://ams-login.dotomi.com/commonid/match?user_token=AQENKrwbYK_JZQIBAQErAQEBAQE&rurl=http%3A%2F%2Fmedia%2Efastclick%2Enet%2Fw%2Fget%2Emedia%3Fsid%3D24123%26m%3D3%26tp%3D7%26d%3Dj%26t%3Ds%26vcpdid%3DAQENKrwbYK%5FJZQIBAQErAQEBAQE%26no%5Fcj%5Fc%3D1%26ccs%5Fstatus%3D0&tok=Tp4KqJjziNM%3D Content-Length: 477 Content-Type: text/html; charset=iso-8859-1 Keep-Alive: timeout=5, max=19967 P3P: policyref="/w3c/p3p.xml", CP="NOI NID DEVo TAIo PSAo HISo OTPo OUR DELo BUS COM NAV INT DSP COR" Set-Cookie: cttutcid=821024250871408929; domain=.fastclick.net; path=/; expires=Fri, 13-Jan-2017 07:15:27 GMT | clean |
http://ams-login.dotomi.com/commonid/match?user_token=aqenkrwbyk_jzqibaqeraqebaqe&rurl=http%3a%2f%2fmedia%2efastclick%2enet%2fw%2fget%2emedia%3fsid%3d24123%26m%3d3%26tp%3d7%26d%3dj%26t%3ds%26vcpdid%3daqenkrwbyk%5fjzqibaqeraqebaqe%26no%5fcj%5fc%3d1%26ccs%5fstatus%3d0&tok=tp4kqjjzinm%3d | HTTP/1.1 302 Found Connection: close Date: Wed, 14 Jan 2015 07:15:27 GMT Location: http://media.fastclick.net/w/get.media?sid=24123&m=3&tp=7&d=j&t=s&vcpdid=aqenkrwbyk_jzqibaqeraqebaqe&no_cj_c=1&ccs_status=0&status=-2 Server: nginx/1.6.2 Content-Length: 0 P3P: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP" | clean |
http://media.fastclick.net/w/get.media?sid=24123&m=3&tp=7&d=j&t=s&vcpdid=aqenkrwbyk_jzqibaqeraqebaqe&no_cj_c=1&ccs_status=0&status=-2 | 204 No Content Content-Length: 0 Content-Type: text/plain | clean |