Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: 104.131.0.199
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 04 Nov 2014 07:56:48 GMT
Server: nginx/1.4.6 (Ubuntu)
Content-Type: text/html; charset=UTF-8
Link: <http://wp.me/RLUC>; rel=shortlink
Set-Cookie: wfvt_14126702=545886c06a140; expires=Tue, 04-Nov-2014 08:26:48 GMT; Max-Age=1800; path=/; httponly
Set-Cookie: adinj=1; expires=Tue, 04-Nov-2014 08:56:48 GMT; Max-Age=3600; path=/
Set-Cookie: adinj=1; expires=Tue, 04-Nov-2014 08:56:48 GMT; Max-Age=3600; path=/
Set-Cookie: adinj=1; expires=Tue, 04-Nov-2014 08:56:48 GMT; Max-Age=3600; path=/
Set-Cookie: adinj=1; expires=Tue, 04-Nov-2014 08:56:48 GMT; Max-Age=3600; path=/
Set-Cookie: adinj=1; expires=Tue, 04-Nov-2014 08:56:48 GMT; Max-Age=3600; path=/
Set-Cookie: adinj=1; expires=Tue, 04-Nov-2014 08:56:48 GMT; Max-Age=3600; path=/
Set-Cookie: adinj=1; expires=Tue, 04-Nov-2014 08:56:48 GMT; Max-Age=3600; path=/
Set-Cookie: adinj=1; expires=Tue, 04-Nov-2014 08:56:48 GMT; Max-Age=3600; path=/
Set-Cookie: adinj=1; expires=Tue, 04-Nov-2014 08:56:48 GMT; Max-Age=3600; path=/
Set-Cookie: adinj=1; expires=Tue, 04-Nov-2014 08:56:48 GMT; Max-Age=3600; path=/
Set-Cookie: adinj=1; expires=Tue, 04-Nov-2014 08:56:48 GMT; Max-Age=3600; path=/
Set-Cookie: adinj=1; expires=Tue, 04-Nov-2014 08:56:48 GMT; Max-Age=3600; path=/
Set-Cookie: adinj=1; expires=Tue, 04-Nov-2014 08:56:48 GMT; Max-Age=3600; path=/
Set-Cookie: adinj=1; expires=Tue, 04-Nov-2014 08:56:48 GMT; Max-Age=3600; path=/
Set-Cookie: adinj=1; expires=Tue, 04-Nov-2014 08:56:48 GMT; Max-Age=3600; path=/
Set-Cookie: adinj=1; expires=Tue, 04-Nov-2014 08:56:48 GMT; Max-Age=3600; path=/
Set-Cookie: adinj=1; expires=Tue, 04-Nov-2014 08:56:48 GMT; Max-Age=3600; path=/
Set-Cookie: adinj=1; expires=Tue, 04-Nov-2014 08:56:48 GMT; Max-Age=3600; path=/
Set-Cookie: adinj=1; expires=Tue, 04-Nov-2014 08:56:48 GMT; Max-Age=3600; path=/
Set-Cookie: adinj=1; expires=Tue, 04-Nov-2014 08:56:48 GMT; Max-Age=3600; path=/
Set-Cookie: adinj=1; expires=Tue, 04-Nov-2014 08:56:48 GMT; Max-Age=3600; path=/
Set-Cookie: adinj=1; expires=Tue, 04-Nov-2014 08:56:48 GMT; Max-Age=3600; path=/
X-Pingback: http://www.funvblog.net/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.4
Second query (visit from search engine):
GET / HTTP/1.1
Host: 104.131.0.199
Referer: http://www.google.com/search?q=104.131.0.199
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://104.131.0.199/ | 200 OK Content-Length: 43708 Content-Type: text/html | clean |
http://cdn2.funvblog.net/wp-includes/js/jquery/jquery.js?ver=1.11.1 | 200 OK Content-Length: 95807 Content-Type: application/x-javascript | clean |
http://cdn2.funvblog.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/x-javascript | clean |
http://cdn3.funvblog.net/wp-content/plugins/wwm-social-share-on-image-hover/js/wwm_custom.js?ver=4.0 | 200 OK Content-Length: 2428 Content-Type: application/x-javascript | clean |
http://cdn2.funvblog.net/wp-content/themes/funvblog-2014/js/menu.js?ver=1.0.0 | 200 OK Content-Length: 207 Content-Type: application/x-javascript | clean |
http://cdn3.funvblog.net/wp-content/plugins/flv-embed/swfobject.js | 200 OK Content-Length: 6887 Content-Type: application/x-javascript | clean |
http://104.131.0.199//pagead2.googlesyndication.com/pagead/js/adsbygoogle.js/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Tue, 04 Nov 2014 07:56:53 GMT Pragma: no-cache Location: http://104.131.0.199/pagead2.googlesyndication.com/pagead/js/adsbygoogle.js/ Server: nginx/1.4.6 (Ubuntu) Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT Set-Cookie: wfvt_14126702=545886c5e2262; expires=Tue, 04-Nov-2014 08:26:53 GMT; Max-Age=1800; path=/; httponly X-Pingback: http://www.funvblog.net/xmlrpc.php X-Powered-By: W3 Total Cache/0.9.4 | clean |
http://104.131.0.199/pagead2.googlesyndication.com/pagead/js/adsbygoogle.js/ | 404 Not Found Content-Length: 22394 Content-Type: text/html | clean |
http://cdn3.funvblog.net/wp-content/plugins/genesis-simple-share-master/lib/sharrre/jquery.sharrre.min.js?ver=0.1.0 | 200 OK Content-Length: 14214 Content-Type: application/x-javascript | clean |
http://pagead2.googlesyndication.com/pagead/show_ads.js | 200 OK Content-Length: 19402 Content-Type: text/javascript | clean |
http://contextual.media.net/nmedianet.js?cid=8CU47TM31 | 200 OK Content-Length: 58572 Content-Type: text/javascript | clean |
http://104.131.0.199//assets.pinterest.com/js/pinit.js/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Tue, 04 Nov 2014 07:56:56 GMT Pragma: no-cache Location: http://104.131.0.199/assets.pinterest.com/js/pinit.js/ Server: nginx/1.4.6 (Ubuntu) Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT Set-Cookie: wfvt_14126702=545886c8c52fb; expires=Tue, 04-Nov-2014 08:26:56 GMT; Max-Age=1800; path=/; httponly X-Pingback: http://www.funvblog.net/xmlrpc.php X-Powered-By: W3 Total Cache/0.9.4 | clean |
http://104.131.0.199/assets.pinterest.com/js/pinit.js/ | 404 Not Found Content-Length: 22394 Content-Type: text/html | clean |
http://104.131.0.199//s3.buysellads.com/ac/sitecart.js/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Tue, 04 Nov 2014 07:56:57 GMT Pragma: no-cache Location: http://104.131.0.199/s3.buysellads.com/ac/sitecart.js/ Server: nginx/1.4.6 (Ubuntu) Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT Set-Cookie: wfvt_14126702=545886c9d4197; expires=Tue, 04-Nov-2014 08:26:57 GMT; Max-Age=1800; path=/; httponly X-Pingback: http://www.funvblog.net/xmlrpc.php X-Powered-By: W3 Total Cache/0.9.4 | clean |
http://104.131.0.199/s3.buysellads.com/ac/sitecart.js/ | 404 Not Found Content-Length: 22394 Content-Type: text/html | clean |
http://platform.tumblr.com/v1/share.js | 200 OK Content-Length: 1717 Content-Type: application/javascript | clean |
http://resources.infolinks.com/js/infolinks_main.js | 200 OK Content-Length: 2375 Content-Type: text/javascript | clean |
http://s0.wp.com/wp-content/js/devicepx-jetpack.js?ver=201445 | 200 OK Content-Length: 9301 Content-Type: application/x-javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=104.131.0.199
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://104.131.0.199/
Result: 104.131.0.199 is not infected or malware details are not published yet.