Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: b92fm.net
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 28 May 2014 16:09:17 GMT
Server: Apache/2.2.26 (Unix) mod_ssl/2.2.26 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
Content-Type: text/html; charset=UTF-8
X-Pingback: http://b92fm.net/xmlrpc.php
X-Powered-By: PHP/5.2.17
GET / HTTP/1.1
Host: b92fm.net
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 28 May 2014 16:09:17 GMT
Server: Apache/2.2.26 (Unix) mod_ssl/2.2.26 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
Content-Type: text/html; charset=UTF-8
X-Pingback: http://b92fm.net/xmlrpc.php
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: b92fm.net
Referer: http://www.google.com/search?q=b92fm.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: b92fm.net
Referer: http://www.google.com/search?q=b92fm.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
| Request | Server response | Status |
http://www.b92fm.net/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 28 May 2014 16:09:16 GMT Location: http://b92fm.net/ Server: Apache/2.2.26 (Unix) mod_ssl/2.2.26 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Pingback: http://b92fm.net/xmlrpc.php X-Powered-By: PHP/5.2.17 | clean |
http://b92fm.net/ | 200 OK Content-Length: 9961 Content-Type: text/html | clean |
http://69.167.146.230//wp-admin/includes/prototype.js/ | 404 Not Found Content-Length: 485 Content-Type: text/html | clean |
http://69.167.146.230/test404page.js | 404 Not Found Content-Length: 468 Content-Type: text/html | clean |
http://del.icio.us/js/playtagger | HTTP/1.1 301 Moved Permanently Connection: Close Date: Wed, 28 May 2014 16:09:19 GMT Location: http://delicious.com/js/playtagger Server: nginx/1.0.11 Content-Length: 185 Content-Type: text/html | clean |
http://delicious.com/js/playtagger | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache Connection: Close Date: Wed, 28 May 2014 16:11:44 GMT Location: https://delicious.com/js/playtagger Server: nginx Content-Length: 178 Content-Type: text/html Expires: Thu, 01 Jan 1970 00:00:01 GMT | clean |
https://delicious.com/js/playtagger | 200 OK Content-Length: 2993 Content-Type: text/html | clean |
https://delicious.com/js/vendor/modernizr/modernizr.js | 200 OK Content-Length: 50144 Content-Type: application/x-javascript | clean |
http://del.icio.us/js/vendor/requirejs/require.js | HTTP/1.1 301 Moved Permanently Connection: Close Date: Wed, 28 May 2014 16:09:22 GMT Location: http://delicious.com/js/vendor/requirejs/require.js Server: nginx/1.0.11 Content-Length: 185 Content-Type: text/html | clean |
http://delicious.com/js/vendor/requirejs/require.js | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=315360000 Connection: Close Date: Wed, 28 May 2014 16:09:23 GMT Location: https://delicious.com/js/vendor/requirejs/require.js Server: nginx Content-Length: 178 Content-Type: text/html Expires: Thu, 31 Dec 2037 23:55:55 GMT | clean |
https://delicious.com/js/vendor/requirejs/require.js | 200 OK Content-Length: 82718 Content-Type: application/x-javascript | clean |
http://cdn.widgetserver.com/syndication/subscriber/InsertWidget.js | 500 Can't connect to cdn.widgetserver.com:80 (Bad hostname) Content-Length: 172 Content-Type: text/plain | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=b92fm.net
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://b92fm.net/
Result: b92fm.net is not infected or malware details are not published yet.
Result: b92fm.net is not infected or malware details are not published yet.