Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: 4story.net.br
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 28 Feb 2015 20:34:10 GMT
Location: http://br.4story.gameforge.com/
Server: Apache
Vary: Accept-Encoding
Content-Length: 239
Content-Type: text/html; charset=iso-8859-1
...239 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: 4story.net.br
Referer: http://www.google.com/search?q=4story.net.br
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://4story.net.br/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 28 Feb 2015 20:34:10 GMT Location: http://br.4story.gameforge.com/ Server: Apache Vary: Accept-Encoding Content-Length: 239 Content-Type: text/html; charset=iso-8859-1 | clean |
http://br.4story.gameforge.com/ | 200 OK Content-Length: 2165 Content-Type: text/html | clean |
http://br.4story.gameforge.com/js/vendor/modernizr-2.6.2.min.js | 200 OK Content-Length: 15414 Content-Type: application/javascript | clean |
http://4story.net.br/js/vendor/jquery-1.10.1.min.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 28 Feb 2015 20:34:10 GMT Location: http://br.4story.gameforge.com/js/vendor/jquery-1.10.1.min.js Server: Apache Vary: Accept-Encoding Content-Length: 269 Content-Type: text/html; charset=iso-8859-1 | clean |
http://br.4story.gameforge.com/js/vendor/jquery-1.10.1.min.js | 200 OK Content-Length: 93021 Content-Type: application/javascript | clean |
http://4story.net.br/js/cufon-yui.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 28 Feb 2015 20:34:11 GMT Location: http://br.4story.gameforge.com/js/cufon-yui.js Server: Apache Vary: Accept-Encoding Content-Length: 254 Content-Type: text/html; charset=iso-8859-1 | clean |
http://br.4story.gameforge.com/js/cufon-yui.js | 200 OK Content-Length: 18264 Content-Type: application/javascript | clean |
http://4story.net.br/js/cufon_res.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 28 Feb 2015 20:34:12 GMT Location: http://br.4story.gameforge.com/js/cufon_res.js Server: Apache Vary: Accept-Encoding Content-Length: 254 Content-Type: text/html; charset=iso-8859-1 | clean |
http://br.4story.gameforge.com/js/cufon_res.js | 200 OK Content-Length: 137448 Content-Type: application/javascript | clean |
http://4story.net.br/js/plugins.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 28 Feb 2015 20:34:13 GMT Location: http://br.4story.gameforge.com/js/plugins.js Server: Apache Vary: Accept-Encoding Content-Length: 252 Content-Type: text/html; charset=iso-8859-1 | clean |
http://br.4story.gameforge.com/js/plugins.js | 200 OK Content-Length: 733 Content-Type: application/javascript | clean |
http://4story.net.br/js/main.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 28 Feb 2015 20:34:13 GMT Location: http://br.4story.gameforge.com/js/main.js Server: Apache Vary: Accept-Encoding Content-Length: 249 Content-Type: text/html; charset=iso-8859-1 | clean |
http://br.4story.gameforge.com/js/main.js | 200 OK Content-Length: 988 Content-Type: application/javascript | clean |
http://4story.net.br/test404page.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 28 Feb 2015 20:34:13 GMT Location: http://br.4story.gameforge.com/test404page.js Server: Apache Vary: Accept-Encoding Content-Length: 253 Content-Type: text/html; charset=iso-8859-1 | clean |
http://br.4story.gameforge.com/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=4story.net.br
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://4story.net.br/
Result: 4story.net.br is not infected or malware details are not published yet.