Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://www.webwinkel-beginnen.org/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: www.webwinkel-beginnen.org Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 301 Moved Permanently Connection: close Date: Sun, 31 Aug 2014 07:13:24 GMT Location: http://goo.gl/niCjwD Server: Apache/2 Content-Length: 306 Content-Type: text/html; charset=iso-8859-1 | malicious |
URL: http://goo.gl/niCjwD (imitation of visitor from search engine) GET /niCjwD HTTP/1.1 Host: goo.gl Referer: http://www.google.com/search?q=redirect+check2 | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, no-store, max-age=0, must-revalidate Connection: close Date: Sun, 31 Aug 2014 07:13:24 GMT Pragma: no-cache Location: http://www.mb102.com/lnk.asp?o=5727&c=918271&a=30772 Server: GSE Content-Type: text/html; charset=UTF-8 Expires: Fri, 01 Jan 1990 00:00:00 GMT Alternate-Protocol: 80:quic X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block | suspicious |
URL: http://www.mb102.com/lnk.asp?o=5727&c=918271&a=30772 (imitation of visitor from search engine) GET /lnk.asp?o=5727&c=918271&a=30772 HTTP/1.1 Host: www.mb102.com Referer: http://www.google.com/search?q=redirect+check3 | HTTP/1.1 302 Object moved Cache-Control: private Date: Sun, 31 Aug 2014 07:12:38 GMT Location: http://www.maxbounty.com/lnk.asp?o=5727&c=918271&a=30772 Server: Microsoft-IIS/7.0 Content-Length: 185 Content-Type: text/html Set-Cookie: ASPSESSIONIDCQTQSCRB=FBNDBIBBPHGPPCPJEKBDPGIL; path=/ X-Powered-By: ASP.NET | suspicious |
URL: http://www.maxbounty.com/r.asp?f=0&n=21000&x=92316&z=62997 (imitation of visitor from search engine) GET /r.asp?f=0&n=21000&x=92316&z=62997 HTTP/1.1 Host: www.maxbounty.com Referer: http://www.google.com/search?q=redirect+check4 | HTTP/1.1 302 Object moved Cache-Control: private Date: Sun, 31 Aug 2014 07:12:31 GMT Location: http://lp.sharelive.net/?appid=608&subid=1079277525 Server: Microsoft-IIS/7.0 Content-Length: 176 Content-Type: text/html P3P: policyref="/P3P/p3p.xml",CP="ALL DSP COR CURa ADMi DEVi HISi OTPi OUR IND PHY ONL UNI FIN COM NAV INT STA" Set-Cookie: I=1079277525; expires=Wed, 28-Aug-2024 04:00:00 GMT; path=/ Set-Cookie: mb%5F5250=AC=1079277525&CS=&AF=147150; expires=Thu, 30-Oct-2014 04:00:00 GMT; path=/ Set-Cookie: ASPSESSIONIDASDSTTTA=DFNEAFDBNLAJINNICJCPHGAJ; path=/ X-Powered-By: ASP.NET | suspicious |
Scanned pages/files
Request | Server response | Status |
http://www.webwinkel-beginnen.org/ | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://www.webwinkel-beginnen.org/test404page.js | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=webwinkel-beginnen.org
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://webwinkel-beginnen.org/
Result: webwinkel-beginnen.org is not infected or malware details are not published yet.
Result: webwinkel-beginnen.org is not infected or malware details are not published yet.