Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: batcafe.com
Result:
GET / HTTP/1.1
Host: batcafe.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: batcafe.com
Referer: http://www.google.com/search?q=batcafe.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: batcafe.com
Referer: http://www.google.com/search?q=batcafe.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://www.batcafe.com/ | 200 OK Content-Length: 7963 Content-Type: text/html | clean |
http://www.batcafe.com/batblog/ | 200 OK Content-Length: 43142 Content-Type: text/html | clean |
http://rpc.blogrolling.com/display.php?r=94b701faf664669973a14436bdee2aa8 | 404 Not Found Content-Length: 3267 Content-Type: text/html | clean |
http://s7.addthis.com/js/250/addthis_widget.js | 200 OK Content-Length: 6816 Content-Type: text/javascript | clean |
http://rpc.blogrolling.com/ | 200 OK Content-Length: 3701 Content-Type: text/html | clean |
http://rpc.blogrolling.com/test404page.js | 404 Not Found Content-Length: 3267 Content-Type: text/html | clean |
http://s12.sitemeter.com/js/counter.js?site=s12edgar | HTTP/1.1 302 Redirect Date: Mon, 12 May 2014 10:30:20 GMT Location: http://s12.sitemeter.com/js/counter.asp?site=s12edgar Server: Microsoft-IIS/6.0 Content-Length: 176 Content-Type: text/html X-Powered-By: ASP.NET | clean |
http://s12.sitemeter.com/js/counter.asp?site=s12edgar | 200 OK Content-Length: 7551 Content-Type: application/x-javascript | clean |
http://www.batcafe.com/writing_section.html | 200 OK Content-Length: 7929 Content-Type: text/html | clean |
http://www.batcafe.com/misspent_youth/index.html | 200 OK Content-Length: 10446 Content-Type: text/html | clean |
http://htmlgear.tripod.com/text/control.text?u=mordbat&i=2&a=render&style=js | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 12 May 2014 10:32:26 GMT Location: http://htmlgear.lycos.com/text/control.text?u=mordbat&i=2&a=render&style=js Server: Apache/2.2.3 (CentOS) mod_perl/2.0.2 Perl/v5.8.8 Content-Length: 295 Content-Type: text/html; charset=iso-8859-1 | clean |
http://htmlgear.lycos.com/text/control.text?u=mordbat&i=2&a=render&style=js | 200 OK Content-Length: 5034 Content-Type: text/html | clean |
http://www.batcafe.com/guano/polar/polar_index.html | 200 OK Content-Length: 796 Content-Type: text/html | clean |
http://www.batcafe.com/enfer/about.html | 200 OK Content-Length: 6315 Content-Type: text/html | clean |
http://htmlgear.lycos.com/text/control.text?u=mordbat&i=3&a=render&style=js | 200 OK Content-Length: 5034 Content-Type: text/html | clean |
http://www.batcafe.com/writing_index.html | 200 OK Content-Length: 8980 Content-Type: text/html | clean |
http://www.batcafe.com/speakeasy_public/winterslastdregs.html | 200 OK Content-Length: 6309 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=batcafe.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://batcafe.com/
Result: batcafe.com is not infected or malware details are not published yet.
Result: batcafe.com is not infected or malware details are not published yet.