Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: nbcdirect.com
Result:
HTTP/1.1 301 Moved Permanently
Cache-Control: max-age=60
Connection: close
Date: Thu, 25 Sep 2014 17:45:34 GMT
Location: http://www.nbc.com/Video/
Server: Apache/2.2.0 (Unix) mod_ssl/2.2.0 OpenSSL/0.9.7a DAV/2 PHP/5.1.6
Content-Length: 233
Content-Type: text/html; charset=iso-8859-1
Expires: Thu, 25 Sep 2014 17:46:34 GMT
Set-Cookie: pers_cookie_insert_nbc.com_static_prod_80=1807864384.20480.0000; expires=Thu, 25-Sep-2014 21:45:34 GMT; path=/
...233 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: nbcdirect.com
Referer: http://www.google.com/search?q=nbcdirect.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://nbcdirect.com/ | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=60 Connection: close Date: Thu, 25 Sep 2014 17:45:34 GMT Location: http://www.nbc.com/Video/ Server: Apache/2.2.0 (Unix) mod_ssl/2.2.0 OpenSSL/0.9.7a DAV/2 PHP/5.1.6 Content-Length: 233 Content-Type: text/html; charset=iso-8859-1 Expires: Thu, 25 Sep 2014 17:46:34 GMT Set-Cookie: pers_cookie_insert_nbc.com_static_prod_80=1807864384.20480.0000; expires=Thu, 25-Sep-2014 21:45:34 GMT; path=/ | clean |
http://www.nbc.com/video/ | HTTP/1.1 301 Moved Permanently Cache-Control: public, max-age=278 Connection: close Date: Thu, 25 Sep 2014 17:45:34 GMT ETag: "1411666662-0" Location: http://www.nbc.com/video Server: nginx Content-Encoding: gzip Content-Length: 27 Content-Type: text/html Expires: Thu, 25 Sep 2014 17:50:12 GMT Last-Modified: Thu, 25 Sep 2014 17:37:42 +0000 Access-Control-Allow-Origin: * X-Age: 472 X-AH-Environment: prod X-Cache-Hits: 2 X-Drupal-Cache: MISS X-Request-ID: v-a71be548-44da-11e4-a2f5-12313d1414dc X-Varnish: 1086666095 1086663011 | clean |
http://www.nbc.com/video | 200 OK Content-Length: 56297 Content-Type: text/html | clean |
http://www.nbc.com/sites/nbcunbc/libraries/modernizr/modernizr.min.js?ncgtjx | 200 OK Content-Length: 12434 Content-Type: application/javascript | clean |
http://www.nbc.com/sites/nbcunbc/files/files/js/js_kVYWTHdR7U-OXxgtblXdNWJLvM1wkytLQcFEhHDAsIY.js | 200 OK Content-Length: 108416 Content-Type: text/javascript | clean |
http://nbcdirect.com//www.nbcudigitaladops.com/hosted/global_header.js/ | 403 Forbidden Content-Length: 251 Content-Type: text/html | clean |
http://nbcdirect.com/test404page.js | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=60 Connection: close Date: Thu, 25 Sep 2014 17:45:39 GMT Location: http://www.nbc.com/Video/ Server: Apache/2.2.0 (Unix) mod_ssl/2.2.0 OpenSSL/0.9.7a DAV/2 PHP/5.1.6 Content-Length: 233 Content-Type: text/html; charset=iso-8859-1 Expires: Thu, 25 Sep 2014 17:46:39 GMT Set-Cookie: pers_cookie_insert_nbc.com_static_prod_80=1807864384.20480.0000; expires=Thu, 25-Sep-2014 21:45:39 GMT; path=/ | clean |
http://www.nbc.com/test404page.js | 404 Not Found Content-Length: 10462 Content-Type: text/html | clean |
http://www.nbc.com/sites/nbcunbc/files/files/js/js_B3Z_c9FetlBJ-n9aOQcbBVsT9a3ta9FFbfI5eHFXCcM.js | 200 OK Content-Length: 5579 Content-Type: text/javascript | clean |
http://www.nbc.com/sites/nbcunbc/files/files/js/js_ESYxUeXeAiMRBw9DGnSxCHYEHxb-AiUlwE8dN-D5GNo.js | 200 OK Content-Length: 4971 Content-Type: text/javascript | clean |
http://nbcdirect.com/sites/nbcunbc/modules/custom/features/nbc_analytics/js/s_code_h25.js?ncgtjx | 403 Forbidden Content-Length: 270 Content-Type: text/html | clean |
http://cdn.gigya.com/JS/socialize.js?apikey=2_hal5ikuv_4ajvvN9jBCJBm3YVc37tz238I_0SOekB6mrKJjn_s-2Euw1ABuJJ-Zl | 200 OK Content-Length: 138504 Content-Type: text/javascript | clean |
http://www.nbc.com/sites/nbcunbc/files/files/js/js_PdiuypZMI8o81AYEdTHwjRslVPEF69JFzr7Y9sMWt4s.js | 200 OK Content-Length: 2976 Content-Type: text/javascript | clean |
http://nbcdirect.com//embed.api.tv/lib/acomplete/1.1/build/ramp-ac-standalone.min.js/ | 403 Forbidden Content-Length: 265 Content-Type: text/html | clean |
http://nbcdirect.com//www.nbcudigitaladops.com/hosted/global.js/ | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=60 Connection: close Date: Thu, 25 Sep 2014 17:45:42 GMT Location: http://www.nbc.com/Video/ Server: Apache/2.2.0 (Unix) mod_ssl/2.2.0 OpenSSL/0.9.7a DAV/2 PHP/5.1.6 Content-Length: 233 Content-Type: text/html; charset=iso-8859-1 Expires: Thu, 25 Sep 2014 17:46:42 GMT Set-Cookie: pers_cookie_insert_nbc.com_static_prod_80=1807864384.20480.0000; expires=Thu, 25-Sep-2014 21:45:42 GMT; path=/ | clean |
http://www.nbc.com/sites/nbcunbc/files/files/js/js_4VqLwfP7NwEhAZaXWapg9DdO_xhxb2FKWOWm2952ct8.js | 200 OK Content-Length: 171316 Content-Type: text/javascript | clean |
http://www.nbc.com/sites/nbcunbc/files/files/js/js_108HiXZ23chcTKkq0E_ZoH0MbPL1lg4uJCc-TAm8u74.js | 200 OK Content-Length: 6890 Content-Type: text/javascript | clean |
http://www.nbc.com/sites/nbcunbc/files/files/js/js_6HN4uraWOpL6VKT_P4I3Msf9DOczek-GONnT0N-jtDY.js | 200 OK Content-Length: 59060 Content-Type: text/javascript | clean |
http://www.nbc.com/sites/nbcunbc/files/files/js/js_LsfA0CIwfB3kCXnHQHdf4d9A9Rz39S7bMtVuqzPNL4A.js | 200 OK Content-Length: 113542 Content-Type: text/javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=nbcdirect.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://nbcdirect.com/
Result: nbcdirect.com is not infected or malware details are not published yet.