Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://howimetyourmotherfans.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: howimetyourmotherfans.com Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Moved Temporarily Cache-Control: max-age=86400 Connection: close Date: Wed, 24 Sep 2014 19:50:25 GMT Via: 1.1 varnish Accept-Ranges: bytes Age: 0 Location: https://login.wikifoundry.com/sso.do?lp=Z289aHR0cCUzQSUyRiUyRmhvd2ltZXR5b3VybW90aGVyZmFucy5jb20lMkY Server: nginx/1.4.2 Vary: Accept-Encoding,Cookie Content-Length: 0 Expires: Thu, 25 Sep 2014 19:50:25 GMT P3P: CP=CAO DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT Set-Cookie: wab=joinButton=9; Domain=howimetyourmotherfans.com; Expires=Thu, 24-Sep-2015 19:50:25 GMT; Path=/ Set-Cookie: wpssop=1411588225246; Domain=howimetyourmotherfans.com; Path=/ X-Cache: MISS X-Cacheable: NO:Not Cacheable-1.000 X-Servedby: b X-Varnish: 1117272121 | malicious |
URL: https://login.wikifoundry.com/sso.do?lp=Z289aHR0cCUzQSUyRiUyRmhvd2ltZXR5b3VybW90aGVyZmFucy5jb20lMkY (imitation of visitor from search engine) GET /sso.do?lp=Z289aHR0cCUzQSUyRiUyRmhvd2ltZXR5b3VybW90aGVyZmFucy5jb20lMkY HTTP/1.1 Host: login.wikifoundry.com Referer: http://www.google.com/search?q=redirect+check2 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Wed, 24 Sep 2014 19:50:26 GMT Location: http://howimetyourmotherfans.com/finish?sendTo=http%3A%2F%2Fhowimetyourmotherfans.com%2F&c=none&sso=true Server: nginx/1.4.2 Content-Length: 0 Set-Cookie: JSESSIONID=7DF6D8C7A71F38C5109B032AB4F7E189; Path=/ | suspicious |
Scanned pages/files
Request | Server response | Status |
http://howimetyourmotherfans.com/ | 200 OK Content-Length: 35502 Content-Type: text/html | clean |
http://dmiqhxtnnyjjh.cloudfront.net/www.js?v=20111214172750 | 200 OK Content-Length: 191111 Content-Type: text/plain | clean |
http://dmiqhxtnnyjjh.cloudfront.net/ | 403 Forbidden Content-Length: 231 Content-Type: application/xml | clean |
http://dmiqhxtnnyjjh.cloudfront.net/test404page.js | 403 Forbidden Content-Length: 243 Content-Type: application/xml | clean |
http://howimetyourmotherfans.com//pagead2.googlesyndication.com/pagead/js/adsbygoogle.js/ | 404 Not Found Content-Length: 1463 Content-Type: text/html | clean |
http://static.wikifoundry.com/scripts/wpjsPage/page/p.js?v=20111214172750 | 200 OK Content-Length: 411 Content-Type: text/javascript | clean |
http://s28.sitemeter.com/js/counter.js?site=s28twins1729 | HTTP/1.1 302 Redirect Date: Wed, 24 Sep 2014 19:50:31 GMT Location: http://s28.sitemeter.com/js/counter.asp?site=s28twins1729 Server: Microsoft-IIS/6.0 Content-Length: 180 Content-Type: text/html X-Powered-By: ASP.NET | clean |
http://s28.sitemeter.com/js/counter.asp?site=s28twins1729 | 200 OK Content-Length: 7559 Content-Type: application/x-javascript | clean |
http://s7.addthis.com/js/250/addthis_widget.js?pub=wetpaint1 | 200 OK Content-Length: 6875 Content-Type: text/javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=howimetyourmotherfans.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://howimetyourmotherfans.com/
Result: howimetyourmotherfans.com is not infected or malware details are not published yet.
Result: howimetyourmotherfans.com is not infected or malware details are not published yet.