Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: depravadasblog.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Tue, 16 Sep 2014 09:32:31 GMT
Location: http://www.depravadasblog.com/
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Length: 0
Content-Type: text/html; charset=UTF-8
X-Pingback: http://www.depravadasblog.com/xmlrpc.php
X-Powered-By: PHP/5.2.17
...0 bytes of data.
GET / HTTP/1.1
Host: depravadasblog.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Tue, 16 Sep 2014 09:32:31 GMT
Location: http://www.depravadasblog.com/
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Length: 0
Content-Type: text/html; charset=UTF-8
X-Pingback: http://www.depravadasblog.com/xmlrpc.php
X-Powered-By: PHP/5.2.17
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: depravadasblog.com
Referer: http://www.google.com/search?q=depravadasblog.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: depravadasblog.com
Referer: http://www.google.com/search?q=depravadasblog.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
| Request | Server response | Status |
http://depravadasblog.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 16 Sep 2014 09:32:31 GMT Location: http://www.depravadasblog.com/ Server: Apache Vary: Accept-Encoding,User-Agent Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Pingback: http://www.depravadasblog.com/xmlrpc.php X-Powered-By: PHP/5.2.17 | clean |
http://www.depravadasblog.com/ | 200 OK Content-Length: 189522 Content-Type: text/html | clean |
http://www.depravadasblog.com/wp-content/cache/minify/000000/M9bPKixNLarUMYYydHMz04sSS1L1cjPzdAz101N0i0sSi3SBQpl56fpZxUCR4iIA.js | 200 OK Content-Length: 111200 Content-Type: application/javascript | clean |
http://s7.addthis.com/js/250/addthis_widget.js | 200 OK Content-Length: 6875 Content-Type: text/javascript | clean |
http://caseiras.info/adsystem/ad_160x600_1.js | 200 OK Content-Length: 297 Content-Type: application/javascript | clean |
http://caseiras.info/adsystem/msn_disk.js | 200 OK Content-Length: 5996 Content-Type: application/javascript | clean |
http://banners.getiton.com/go/page/js_im_box_v2?plain_text=1&skip_lpo=1&delay=5&theme=facebook&size=square250&find_sex=2&photo=3&explicit=1&no_rating=30&align=left&page=search&pid=g772209-pct.subdepim | 200 OK Content-Length: 5898 Content-Type: text/html | clean |
http://banners.getiton.com/test404page.js | HTTP/1.1 404 Not Found Connection: Keep-Alive Date: Tue, 16 Sep 2014 09:32:38 GMT Location: http://ads.getiton.com/banners/getiton/default.gif Server: Apache Content-Length: 0 Content-Type: text/plain Keep-Alive: timeout=5, max=121 Set-Cookie: banner_user_id=78.158.11.226-1410859958-27077; path=/; domain=.getiton.com; expires=Wed, 17-Sep-2014 09:32:38 GMT Set-Cookie: banner=getiton_none__banner-_cl0; path=/; domain=.getiton.com; expires=Wed, 17-Sep-2014 09:32:38 GMT X-ApacheServer: ki53-33.friendfinderinc.com X-PERF: 0.099045,0.042761,DB_6_0.0419820,CD_11_0.0027770,PK_3_0.0093180,CE_10_0.0022070 | clean |
http://ads.getiton.com/banners/getiton/default.gif | 404 Not Found Content-Length: 225 Content-Type: text/html | clean |
http://ads.getiton.com/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
http://adspaces.ero-advertising.com/adspace/85409.js | 200 OK Content-Length: 754 Content-Type: application/javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=depravadasblog.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://depravadasblog.com/
Result: depravadasblog.com is not infected or malware details are not published yet.
Result: depravadasblog.com is not infected or malware details are not published yet.