Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: radiolab.net.br
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Wed, 04 Mar 2015 17:04:14 GMT
Location: http://radiolab.blog.br/
Server: nginx
Vary: Cookie
Content-Type: text/html; charset=utf-8
X-Ac: 3.lhr _sat
GET / HTTP/1.1
Host: radiolab.net.br
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Wed, 04 Mar 2015 17:04:14 GMT
Location: http://radiolab.blog.br/
Server: nginx
Vary: Cookie
Content-Type: text/html; charset=utf-8
X-Ac: 3.lhr _sat
Second query (visit from search engine):
GET / HTTP/1.1
Host: radiolab.net.br
Referer: http://www.google.com/search?q=radiolab.net.br
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: radiolab.net.br
Referer: http://www.google.com/search?q=radiolab.net.br
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://www.radiolab.net.br/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 04 Mar 2015 17:04:14 GMT Location: http://radiolab.net.br/ Server: nginx Content-Length: 178 Content-Type: text/html X-Ac: 3.lhr _sat | clean |
http://radiolab.net.br/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 04 Mar 2015 17:04:14 GMT Location: http://radiolab.blog.br/ Server: nginx Vary: Cookie Content-Type: text/html; charset=utf-8 X-Ac: 3.lhr _sat | clean |
http://radiolab.blog.br/ | 200 OK Content-Length: 79440 Content-Type: text/html | clean |
https://r-login.wordpress.com/remote-login.php?action=js&host=radiolab.blog.br&id=14483000&t=1425488655&back=http%3A%2F%2Fradiolab.blog.br%2F | 200 OK Content-Length: 0 Content-Type: text/javascript | clean |
https://s0.wp.com/_static/??-eJyFkVFOAzEMRC9E6m0FEj+Is2x23eCQ2CF2uoLTkwItCxT1K5HzJjMaw1LcJGzIBlEhi6eErinWMfSZI97LJuoNdI54Sm1GPYLxpWF9/TquAi5TqKPhJhOf4JVrEbWMqt3ywutPK+ID4XIVi2hlnJ5dRaW3P7/6JMGV1AKxQr8HnKWZ20tKssBCc0D7rcntrPgEFPzIc+mhjwzj9BHjPPMiplbHUrBeKkjLdxf/N7umTknsCXtbUJoH35AF1vK+tb671DWP+WF7Owx399vdsIvvVPi3Zg== | 200 OK Content-Length: 173386 Content-Type: application/x-javascript | clean |
http://www.radiolab.net.br//0.gravatar.com/js/gprofiles.js?ver=201510x/ | 404 Not Found Content-Length: 564 Content-Type: text/html | clean |
http://www.radiolab.net.br/test404page.js | 404 Not Found Content-Length: 564 Content-Type: text/html | clean |
https://s2.wp.com/wp-content/mu-plugins/gravatar-hovercards/wpgroho.js?m=1380573781g | 200 OK Content-Length: 582 Content-Type: application/x-javascript | clean |
https://s2.wp.com/_static/??/wp-content/js/jquery/jquery.autoresize.js,/wp-content/mu-plugins/highlander-comments/script.js?m=1424115551j | 200 OK Content-Length: 41938 Content-Type: application/x-javascript | clean |
https://s0.wp.com/_static/??-eJyNUdFuwyAM/KERtCrT+jLtW4hxVzPAGYZm+fvRaI3Sqkn7hM++Ox22HnoFHDPGrJ1oiycC7H8bJy96MQpF9b58URRN8UCR8jgXG1w5csrAFuVs7n4KprGBETw+LRJPtTryoOb+hhYDO9J5uHof8h3m3sC3eo59xaIIvvxHDWjJoMcwyRZAmWiriRkxNYHiQ22dLfE9fokWkwAnXHOssGTya+OufrjjuCq/DXSO70nuhpHhwJ1DyLe7uyzuVG/I2ohgngQT7hOKbGwbTOIi6OfzXBpV8xk+Xttdu9u3b+979weTVwpw | 200 OK Content-Length: 303070 Content-Type: application/x-javascript | clean |
http://platform.twitter.com/widgets.js?ver=20111117 | 200 OK Content-Length: 115360 Content-Type: application/javascript | clean |
https://s0.wp.com/_static/??-eJyVy7EOQEAMANAfUnViYBDfgmsupepyivh7VpMY3/DwjDCuaqSGyw5R9sC6oZ1sRgkG6cd54OQhMqHSQYnUs4Z82jL8c+P3YyEPoRehdL31rG5pXVXUTVO70k03DU5D1g== | 200 OK Content-Length: 6951 Content-Type: application/x-javascript | clean |
http://www.radiolab.net.br//stats.wp.com/w.js?43/ | 404 Not Found Content-Length: 564 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=radiolab.net.br
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://radiolab.net.br/
Result: radiolab.net.br is not infected or malware details are not published yet.
Result: radiolab.net.br is not infected or malware details are not published yet.