Scanned pages/files
| Request | Server response | Status |
http://nacionalcowboy.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 27 Jan 2015 14:59:29 GMT Location: http://www.nacionalcowboy.com/ Server: ghs Content-Length: 227 Content-Type: text/html; charset=UTF-8 Alternate-Protocol: 80:quic,p=0.02 X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block | clean |
http://www.nacionalcowboy.com/ | 200 OK Content-Length: 104953 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 0x0 src: http://goo.gl/3fv2ws <iframe frameborder='no' height='0' scrolling='no' src='http://goo.gl/3fv2ws' width='0'> | ||
http://www.nacionalcowboy.com//code.jquery.com/jquery-1.10.2.min.js/ | 404 Not Found Content-Length: 76251 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 0x0 src: http://goo.gl/3fv2ws <iframe frameborder='no' height='0' scrolling='no' src='http://goo.gl/3fv2ws' width='0'> | ||
https://googledrive.com/host/0B_VFL5OZroyqT2VKNEZwcENKR2M | HTTP/1.1 302 Moved Temporarily Cache-Control: no-cache, no-store, max-age=0, must-revalidate Connection: close Date: Tue, 27 Jan 2015 14:59:32 GMT Pragma: no-cache Accept-Ranges: none Location: https://e25960fd6df8e3f45731196dbb68496589391aff.googledrive.com/host/0B_VFL5OZroyqT2VKNEZwcENKR2M Server: GSE Vary: Accept-Encoding Content-Type: text/html; charset=UTF-8 Expires: Fri, 01 Jan 1990 00:00:00 GMT Access-Control-Allow-Credentials: false Access-Control-Allow-Headers: Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, GData-Version, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, Slug, Transfer-Encoding, X-ClientDetails, X-GData-Client, X-GData-Key, X-Goog-AuthUser, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Experiments, x-goog-iam-role, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, X-Goog-Visitor-Id, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Origin, X-Referer, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-HTTP-Status-Code-Override, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp Access-Control-Allow-Methods: GET,OPTIONS Access-Control-Allow-Origin: * Alternate-Protocol: 443:quic,p=0.02 X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block | clean |
https://e25960fd6df8e3f45731196dbb68496589391aff.googledrive.com/host/0b_vfl5ozroyqt2vknezwcenkr2m | HTTP/1.1 302 Moved Temporarily Cache-Control: no-cache, no-store, max-age=0, must-revalidate Connection: close Date: Tue, 27 Jan 2015 14:59:32 GMT Pragma: no-cache Accept-Ranges: none Location: https://50afea43ba096219ff1cedab19add7cbd1fbfd53-e25960fd6df8e3f45731196dbb68496589391aff.googledrive.com/host/0b_vfl5ozroyqt2vknezwcenkr2m Server: GSE Vary: Accept-Encoding Content-Type: text/html; charset=UTF-8 Expires: Fri, 01 Jan 1990 00:00:00 GMT Access-Control-Allow-Credentials: false Access-Control-Allow-Headers: Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, GData-Version, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, Slug, Transfer-Encoding, X-ClientDetails, X-GData-Client, X-GData-Key, X-Goog-AuthUser, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Experiments, x-goog-iam-role, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, X-Goog-Visitor-Id, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Origin, X-Referer, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-HTTP-Status-Code-Override, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp Access-Control-Allow-Methods: GET,OPTIONS Access-Control-Allow-Origin: * Alternate-Protocol: 443:quic,p=0.02 X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block | clean |
https://50afea43ba096219ff1cedab19add7cbd1fbfd53-e25960fd6df8e3f45731196dbb68496589391aff.googledrive.com/host/0b_vfl5ozroyqt2vknezwcenkr2m | 500 Can't connect to 50afea43ba096219ff1cedab19add7cbd1fbfd53-e25960fd6df8e3f45731196dbb68496589391aff.googledrive.com:443 Content-Length: 274 Content-Type: text/plain | clean |
http://50afea43ba096219ff1cedab19add7cbd1fbfd53-e25960fd6df8e3f45731196dbb68496589391aff.googledrive.com/test404page.js | 500 Can't connect to 50afea43ba096219ff1cedab19add7cbd1fbfd53-e25960fd6df8e3f45731196dbb68496589391aff.googledrive.com:80 Content-Length: 272 Content-Type: text/plain | clean |
https://googledrive.com/host/0B3_e6qoKxLQCWW91ZDJLVExkTFU | HTTP/1.1 302 Moved Temporarily Cache-Control: no-cache, no-store, max-age=0, must-revalidate Connection: close Date: Tue, 27 Jan 2015 14:59:33 GMT Pragma: no-cache Accept-Ranges: none Location: https://79974f5e9e1fd9583d09549b03330c38b2ed561c.googledrive.com/host/0B3_e6qoKxLQCWW91ZDJLVExkTFU Server: GSE Vary: Accept-Encoding Content-Type: text/html; charset=UTF-8 Expires: Fri, 01 Jan 1990 00:00:00 GMT Access-Control-Allow-Credentials: false Access-Control-Allow-Headers: Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, GData-Version, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, Slug, Transfer-Encoding, X-ClientDetails, X-GData-Client, X-GData-Key, X-Goog-AuthUser, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Experiments, x-goog-iam-role, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, X-Goog-Visitor-Id, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Origin, X-Referer, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-HTTP-Status-Code-Override, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp Access-Control-Allow-Methods: GET,OPTIONS Access-Control-Allow-Origin: * Alternate-Protocol: 443:quic,p=0.02 X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block | clean |
https://79974f5e9e1fd9583d09549b03330c38b2ed561c.googledrive.com/host/0b3_e6qokxlqcww91zdjlvexktfu | HTTP/1.1 302 Moved Temporarily Cache-Control: no-cache, no-store, max-age=0, must-revalidate Connection: close Date: Tue, 27 Jan 2015 14:59:33 GMT Pragma: no-cache Accept-Ranges: none Location: https://e0c203cf86a959f77f78860fdb6b717b610cc364-79974f5e9e1fd9583d09549b03330c38b2ed561c.googledrive.com/host/0b3_e6qokxlqcww91zdjlvexktfu Server: GSE Vary: Accept-Encoding Content-Type: text/html; charset=UTF-8 Expires: Fri, 01 Jan 1990 00:00:00 GMT Access-Control-Allow-Credentials: false Access-Control-Allow-Headers: Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, GData-Version, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, Slug, Transfer-Encoding, X-ClientDetails, X-GData-Client, X-GData-Key, X-Goog-AuthUser, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Experiments, x-goog-iam-role, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, X-Goog-Visitor-Id, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Origin, X-Referer, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-HTTP-Status-Code-Override, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp Access-Control-Allow-Methods: GET,OPTIONS Access-Control-Allow-Origin: * Alternate-Protocol: 443:quic,p=0.02 X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block | clean |
https://e0c203cf86a959f77f78860fdb6b717b610cc364-79974f5e9e1fd9583d09549b03330c38b2ed561c.googledrive.com/host/0b3_e6qokxlqcww91zdjlvexktfu | 500 Can't connect to e0c203cf86a959f77f78860fdb6b717b610cc364-79974f5e9e1fd9583d09549b03330c38b2ed561c.googledrive.com:443 Content-Length: 274 Content-Type: text/plain | clean |
https://sites.google.com/site/jqueryfontsize/text/status.js | HTTP/1.1 302 Moved Temporarily Cache-Control: no-cache, no-store, max-age=0, must-revalidate Connection: close Date: Tue, 27 Jan 2015 14:59:33 GMT Pragma: no-cache Accept-Ranges: none Location: https://sites.google.com/site/jqueryfontsize/text/status.js?attredirects=0 Server: GSE Vary: Accept-Encoding Content-Type: text/html; charset=UTF-8 Expires: Fri, 01 Jan 1990 00:00:00 GMT Last-Modified: Tue, 10 Dec 2013 20:23:48 GMT X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-Robots-Tag: noarchive X-XSS-Protection: 1; mode=block | clean |
https://sites.google.com/site/jqueryfontsize/text/status.js?attredirects=0 | HTTP/1.1 302 Moved Temporarily Cache-Control: private, max-age=0 Connection: close Date: Tue, 27 Jan 2015 14:59:33 GMT Accept-Ranges: none Location: https://2d4aed10-a-62cb3a1a-s-sites.googlegroups.com/site/jqueryfontsize/text/status.js?attachauth=ANoY7cpcHaxTCJK98-wcY1uPZCESp4QVe2TkcvPkMjvIEp87_Dww0dNSN0YmqqbP1czpqvUuJCa2RLULgC-14z8YT05fxqADBQPsXZIowM1ZfmnJzT12obbTMD5VgQYG7cv4sQb1Qp18lDchrczpqLxT0F2n2gLuuzKhEEaJ-eG8fpkKxHTKgj3YguAq-klOWWYpyn3Yc0Uv6ISRa7-edwxsAuEIerlhjg%3D%3D&attredirects=0 Server: GSE Vary: Accept-Encoding Content-Type: text/html; charset=UTF-8 Expires: Tue, 27 Jan 2015 14:59:33 GMT Alternate-Protocol: 443:quic,p=0.02 X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block | clean |
https://2d4aed10-a-62cb3a1a-s-sites.googlegroups.com/site/jqueryfontsize/text/status.js?attachauth=anoy7cpchaxtcjk98-wcy1upzcesp4qve2tkcvpkmjviep87_dww0dnsn0ymqqbp1czpqvuujca2rlulgc-14z8yt05fxqadbqpsxziowm1zfmnjzt12obbtmd5vgqyg7cv4sqb1qp18ldchrczpqlxt0f2n2gluuzkheeaj-eg8fpkkxhtkgj3yguaq-klowwypyn3yc0uv6isra7-edwxsaueierlhjg%3d%3d&attredirects=0 | HTTP/1.1 302 Moved Temporarily Cache-Control: private, max-age=0 Connection: close Date: Tue, 27 Jan 2015 14:59:33 GMT Accept-Ranges: none Location: https://www.google.com/a/UniversalLogin?service=jotspot&passive=1209600&continue=https://2d4aed10-a-62cb3a1a-s-sites.googlegroups.com/site/jqueryfontsize/text/status.js?attachauth%3Danoy7cpchaxtcjk98-wcy1upzcesp4qve2tkcvpkmjviep87_dww0dnsn0ymqqbp1czpqvuujca2rlulgc-14z8yt05fxqadbqpsxziowm1zfmnjzt12obbtmd5vgqyg7cv4sqb1qp18ldchrczpqlxt0f2n2gluuzkheeaj-eg8fpkkxhtkgj3yguaq-klowwypyn3yc0uv6isra7-edwxsaueierlhjg%253D%253D%26attredirects%3D0&followup=https://2d4aed10-a-62cb3a1a-s-sites.googlegroups.com/site/jqueryfontsize/text/status.js?attachauth%3Danoy7cpchaxtcjk98-wcy1upzcesp4qve2tkcvpkmjviep87_dww0dnsn0ymqqbp1czpqvuujca2rlulgc-14z8yt05fxqadbqpsxziowm1zfmnjzt12obbtmd5vgqyg7cv4sqb1qp18ldchrczpqlxt0f2n2gluuzkheeaj-eg8fpkkxhtkgj3yguaq-klowwypyn3yc0uv6isra7-edwxsaueierlhjg%253D%253D%26attredirects%3D0 Server: GSE Vary: Accept-Encoding Content-Type: text/html; charset=UTF-8 Expires: Tue, 27 Jan 2015 14:59:33 GMT Alternate-Protocol: 443:quic,p=0.02 X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block | clean |
https://www.google.com/a/universallogin?service=jotspot&passive=1209600&continue=https://2d4aed10-a-62cb3a1a-s-sites.googlegroups.com/site/jqueryfontsize/text/status.js?attachauth%3danoy7cpchaxtcjk98-wcy1upzcesp4qve2tkcvpkmjviep87_dww0dnsn0ymqqbp1czpqvuujca2rlulgc-14z8yt05fxqadbqpsxziowm1zfmnjzt12obbtmd5vgqyg7cv4sqb1qp18ldchrczpqlxt0f2n2gluuzkheeaj-eg8fpkkxhtkgj3yguaq-klowwypyn3yc0uv6isra7-edwxsau <span>...403 symbols skipped</span> | HTTP/1.1 301 Moved Permanently Cache-Control: private, max-age=0 Connection: close Date: Tue, 27 Jan 2015 14:59:33 GMT Location: /a/cpanel/universallogin?service=jotspot&passive=1209600&continue=https%3A%2F%2F2d4aed10-a-62cb3a1a-s-sites.googlegroups.com%2Fsite%2Fjqueryfontsize%2Ftext%2Fstatus.js%3Fattachauth%3Danoy7cpchaxtcjk98-wcy1upzcesp4qve2tkcvpkmjviep87_dww0dnsn0ymqqbp1czpqvuujca2rlulgc-14z8yt05fxqadbqpsxziowm1zfmnjzt12obbtmd5vgqyg7cv4sqb1qp18ldchrczpqlxt0f2n2gluuzkheeaj-eg8fpkkxhtkgj3yguaq-klowwypyn3yc0uv6isra7-edwxsaueierlhjg%253d%253d%26attredirects%3D0&followup=https%3A%2F%2F2d4aed10-a-62cb3a1a-s-sites.googlegroups.com%2Fsite%2Fjqueryfontsize%2Ftext%2Fstatus.js%3Fattachauth%3Danoy7cpchaxtcjk98-wcy1upzcesp4qve2tkcvpkmjviep87_dww0dnsn0ymqqbp1czpqvuujca2rlulgc-14z8yt05fxqadbqpsxziowm1zfmnjzt12obbtmd5vgqyg7cv4sqb1qp18ldchrczpqlxt0f2n2gluuzkheeaj-eg8fpkkxhtkgj3yguaq-klowwypyn3yc0uv6isra7-edwxsaueierlhjg%253d%253d%26attredirects%3D0 Server: GSE Content-Length: 1014 Content-Type: text/html; charset=UTF-8 Expires: Tue, 27 Jan 2015 14:59:33 GMT Alternate-Protocol: 443:quic,p=0.02 X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block | clean |
https://www.google.com/a/cpanel/universallogin?service=jotspot&passive=1209600&continue=https%3a%2f%2f2d4aed10-a-62cb3a1a-s-sites.googlegroups.com%2fsite%2fjqueryfontsize%2ftext%2fstatus.js%3fattachauth%3danoy7cpchaxtcjk98-wcy1upzcesp4qve2tkcvpkmjviep87_dww0dnsn0ymqqbp1czpqvuujca2rlulgc-14z8yt05fxqadbqpsxziowm1zfmnjzt12obbtmd5vgqyg7cv4sqb1qp18ldchrczpqlxt0f2n2gluuzkheeaj-eg8fpkkxhtkgj3yguaq-klowwy <span>...442 symbols skipped</span> | 404 Not Found Content-Length: 141 Content-Type: text/html | clean |
https://sites.google.com/site/stylepadding/home/tex/blogger.js | HTTP/1.1 302 Moved Temporarily Cache-Control: no-cache, no-store, max-age=0, must-revalidate Connection: close Date: Tue, 27 Jan 2015 14:59:35 GMT Pragma: no-cache Accept-Ranges: none Location: https://sites.google.com/site/stylepadding/home/tex/blogger.js?attredirects=0 Server: GSE Vary: Accept-Encoding Content-Type: text/html; charset=UTF-8 Expires: Fri, 01 Jan 1990 00:00:00 GMT Last-Modified: Tue, 10 Dec 2013 20:31:24 GMT Alternate-Protocol: 443:quic,p=0.02 X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-Robots-Tag: noarchive X-XSS-Protection: 1; mode=block | clean |
https://sites.google.com/site/stylepadding/home/tex/blogger.js?attredirects=0 | HTTP/1.1 302 Moved Temporarily Cache-Control: private, max-age=0 Connection: close Date: Tue, 27 Jan 2015 14:59:35 GMT Accept-Ranges: none Location: https://6b27b446-a-62cb3a1a-s-sites.googlegroups.com/site/stylepadding/home/tex/blogger.js?attachauth=ANoY7coRa2qnOU1FUjL4uiV-VCLVeh8qkaxkM-tCu90DZH31EHlzjm1F0Q97jHpWqiPbliAIpDHOA0I_QdOz8PR7a3fWFkMZfLQzodou2qkYEqEitRi706fE9DoZnx39rco3LRdjgdlVP9choSgTsa4qinbWh5UkZLOze4qiDhzmZ8s6uLhxFRNqOWRDVd44PEZ7IFFqQN6B0YN_uhpzeZ2KD4rcSHopSnWbxs_SfBJapz-lR7cNd0s%3D&attredirects=0 Server: GSE Vary: Accept-Encoding Content-Type: text/html; charset=UTF-8 Expires: Tue, 27 Jan 2015 14:59:35 GMT Alternate-Protocol: 443:quic,p=0.02 X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block | clean |
https://6b27b446-a-62cb3a1a-s-sites.googlegroups.com/site/stylepadding/home/tex/blogger.js?attachauth=anoy7cora2qnou1fujl4uiv-vclveh8qkaxkm-tcu90dzh31ehlzjm1f0q97jhpwqipbliaipdhoa0i_qdoz8pr7a3fwfkmzflqzodou2qkyeqeitri706fe9doznx39rco3lrdjgdlvp9chosgtsa4qinbwh5ukzloze4qidhzmz8s6ulhxfrnqowrdvd44pez7iffqqn6b0yn_uhpzez2kd4rcshopsnwbxs_sfbjapz-lr7cnd0s%3d&attredirects=0 | HTTP/1.1 302 Moved Temporarily Cache-Control: private, max-age=0 Connection: close Date: Tue, 27 Jan 2015 14:59:35 GMT Accept-Ranges: none Location: https://www.google.com/a/UniversalLogin?service=jotspot&passive=1209600&continue=https://6b27b446-a-62cb3a1a-s-sites.googlegroups.com/site/stylepadding/home/tex/blogger.js?attachauth%3Danoy7cora2qnou1fujl4uiv-vclveh8qkaxkm-tcu90dzh31ehlzjm1f0q97jhpwqipbliaipdhoa0i_qdoz8pr7a3fwfkmzflqzodou2qkyeqeitri706fe9doznx39rco3lrdjgdlvp9chosgtsa4qinbwh5ukzloze4qidhzmz8s6ulhxfrnqowrdvd44pez7iffqqn6b0yn_uhpzez2kd4rcshopsnwbxs_sfbjapz-lr7cnd0s%253D%26attredirects%3D0&followup=https://6b27b446-a-62cb3a1a-s-sites.googlegroups.com/site/stylepadding/home/tex/blogger.js?attachauth%3Danoy7cora2qnou1fujl4uiv-vclveh8qkaxkm-tcu90dzh31ehlzjm1f0q97jhpwqipbliaipdhoa0i_qdoz8pr7a3fwfkmzflqzodou2qkyeqeitri706fe9doznx39rco3lrdjgdlvp9chosgtsa4qinbwh5ukzloze4qidhzmz8s6ulhxfrnqowrdvd44pez7iffqqn6b0yn_uhpzez2kd4rcshopsnwbxs_sfbjapz-lr7cnd0s%253D%26attredirects%3D0 Server: GSE Vary: Accept-Encoding Content-Type: text/html; charset=UTF-8 Expires: Tue, 27 Jan 2015 14:59:35 GMT Alternate-Protocol: 443:quic,p=0.02 X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block | clean |
https://www.google.com/a/universallogin?service=jotspot&passive=1209600&continue=https://6b27b446-a-62cb3a1a-s-sites.googlegroups.com/site/stylepadding/home/tex/blogger.js?attachauth%3danoy7cora2qnou1fujl4uiv-vclveh8qkaxkm-tcu90dzh31ehlzjm1f0q97jhpwqipbliaipdhoa0i_qdoz8pr7a3fwfkmzflqzodou2qkyeqeitri706fe9doznx39rco3lrdjgdlvp9chosgtsa4qinbwh5ukzloze4qidhzmz8s6ulhxfrnqowrdvd44pez7iffqqn6b0yn_uhpzez2 <span>...441 symbols skipped</span> | HTTP/1.1 301 Moved Permanently Cache-Control: private, max-age=0 Connection: close Date: Tue, 27 Jan 2015 14:59:35 GMT Location: /a/cpanel/universallogin?service=jotspot&passive=1209600&continue=https%3A%2F%2F6b27b446-a-62cb3a1a-s-sites.googlegroups.com%2Fsite%2Fstylepadding%2Fhome%2Ftex%2Fblogger.js%3Fattachauth%3Danoy7cora2qnou1fujl4uiv-vclveh8qkaxkm-tcu90dzh31ehlzjm1f0q97jhpwqipbliaipdhoa0i_qdoz8pr7a3fwfkmzflqzodou2qkyeqeitri706fe9doznx39rco3lrdjgdlvp9chosgtsa4qinbwh5ukzloze4qidhzmz8s6ulhxfrnqowrdvd44pez7iffqqn6b0yn_uhpzez2kd4rcshopsnwbxs_sfbjapz-lr7cnd0s%253d%26attredirects%3D0&followup=https%3A%2F%2F6b27b446-a-62cb3a1a-s-sites.googlegroups.com%2Fsite%2Fstylepadding%2Fhome%2Ftex%2Fblogger.js%3Fattachauth%3Danoy7cora2qnou1fujl4uiv-vclveh8qkaxkm-tcu90dzh31ehlzjm1f0q97jhpwqipbliaipdhoa0i_qdoz8pr7a3fwfkmzflqzodou2qkyeqeitri706fe9doznx39rco3lrdjgdlvp9chosgtsa4qinbwh5ukzloze4qidhzmz8s6ulhxfrnqowrdvd44pez7iffqqn6b0yn_uhpzez2kd4rcshopsnwbxs_sfbjapz-lr7cnd0s%253d%26attredirects%3D0 Server: GSE Content-Length: 1056 Content-Type: text/html; charset=UTF-8 Expires: Tue, 27 Jan 2015 14:59:35 GMT Alternate-Protocol: 443:quic,p=0.02 X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block | clean |
https://www.google.com/a/cpanel/universallogin?service=jotspot&passive=1209600&continue=https%3a%2f%2f6b27b446-a-62cb3a1a-s-sites.googlegroups.com%2fsite%2fstylepadding%2fhome%2ftex%2fblogger.js%3fattachauth%3danoy7cora2qnou1fujl4uiv-vclveh8qkaxkm-tcu90dzh31ehlzjm1f0q97jhpwqipbliaipdhoa0i_qdoz8pr7a3fwfkmzflqzodou2qkyeqeitri706fe9doznx39rco3lrdjgdlvp9chosgtsa4qinbwh5ukzloze4qidhzmz8s6ulhxfrnqowrdvd <span>...484 symbols skipped</span> | 404 Not Found Content-Length: 141 Content-Type: text/html | clean |
http://blogpager.com/dataolder.js | HTTP/1.1 302 Found Connection: close Date: Tue, 27 Jan 2015 14:59:37 GMT Location: http://error404.000webhost.com/? Server: Apache Content-Length: 216 Content-Type: text/html; charset=iso-8859-1 | clean |
http://error404.000webhost.com/? | 200 OK Content-Length: 17596 Content-Type: text/html | clean |
http://creative.xtendmedia.com/matomy/cf/ply/ply.js?pubid=50792397&mid=c51681034&wid=c51531274&popup=1&popunder=1&size=320x480&pop_times=2&pop_frequency=3600&mm_delay=0&mm_back_delay=300&numOfTimes=3&duration=1&period=24hour&close=1&openNewTab=true | 200 OK Content-Length: 2880 Content-Type: text/javascript | clean |
http://pagead2.googlesyndication.com/pagead/show_ads.js | 200 OK Content-Length: 19492 Content-Type: text/javascript | clean |
http://goo.gl/ZUCuAv | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, no-store, max-age=0, must-revalidate Connection: close Date: Tue, 27 Jan 2015 14:59:38 GMT Pragma: no-cache Location: https://dl.dropboxusercontent.com/u/55093805/blogger/status.js Server: GSE Content-Type: text/html; charset=UTF-8 Expires: Fri, 01 Jan 1990 00:00:00 GMT Alternate-Protocol: 80:quic,p=0.02 X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block | clean |
https://dl.dropboxusercontent.com/u/55093805/blogger/status.js | 404 Not Found Content-Length: 613 Content-Type: text/html | clean |
http://goo.gl/tksk58 | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, no-store, max-age=0, must-revalidate Connection: close Date: Tue, 27 Jan 2015 14:59:39 GMT Pragma: no-cache Accept-Ranges: none Location: https://dl.dropboxusercontent.com/u/35024749/Imagens/data.js Server: GSE Vary: Accept-Encoding Content-Type: text/html; charset=UTF-8 Expires: Fri, 01 Jan 1990 00:00:00 GMT Alternate-Protocol: 80:quic,p=0.02 X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block | clean |
https://dl.dropboxusercontent.com/u/35024749/imagens/data.js | 404 Not Found Content-Length: 613 Content-Type: text/html | clean |
http://yourjavascript.com/8262171164/recent-post.js | 200 OK Content-Length: 25588 Content-Type: text/javascript | clean |
https://apis.google.com/js/plusone.js | 200 OK Content-Length: 12798 Content-Type: application/javascript | clean |
http://www.nacionalcowboy.com/feeds/posts/summary?max-results=0&alt=json-in-script&callback=feelingLucky | 200 OK Content-Length: 3775 Content-Type: text/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: nacionalcowboy.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Tue, 27 Jan 2015 14:59:29 GMT
Location: http://www.nacionalcowboy.com/
Server: ghs
Content-Length: 227
Content-Type: text/html; charset=UTF-8
Alternate-Protocol: 80:quic,p=0.02
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
...227 bytes of data.
GET / HTTP/1.1
Host: nacionalcowboy.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Tue, 27 Jan 2015 14:59:29 GMT
Location: http://www.nacionalcowboy.com/
Server: ghs
Content-Length: 227
Content-Type: text/html; charset=UTF-8
Alternate-Protocol: 80:quic,p=0.02
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
...227 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: nacionalcowboy.com
Referer: http://www.google.com/search?q=nacionalcowboy.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: nacionalcowboy.com
Referer: http://www.google.com/search?q=nacionalcowboy.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=nacionalcowboy.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://nacionalcowboy.com/
Result: nacionalcowboy.com is not infected or malware details are not published yet.
Result: nacionalcowboy.com is not infected or malware details are not published yet.