Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: renovables.tulider.net
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 15 Dec 2015 19:06:41 GMT
Server: Apache/2.2.9 (Debian) mod_ssl/2.2.9 OpenSSL/0.9.8g
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Link: <http://renovables.tulider.net/?rest_route=/>; rel="https://api.w.org/"
Set-Cookie: wfvt_1033058549=567064c19f995; expires=Tue, 15-Dec-2015 19:36:41 GMT; path=/; httponly
GET / HTTP/1.1
Host: renovables.tulider.net
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 15 Dec 2015 19:06:41 GMT
Server: Apache/2.2.9 (Debian) mod_ssl/2.2.9 OpenSSL/0.9.8g
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Link: <http://renovables.tulider.net/?rest_route=/>; rel="https://api.w.org/"
Set-Cookie: wfvt_1033058549=567064c19f995; expires=Tue, 15-Dec-2015 19:36:41 GMT; path=/; httponly
Second query (visit from search engine):
GET / HTTP/1.1
Host: renovables.tulider.net
Referer: http://www.google.com/search?q=renovables.tulider.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: renovables.tulider.net
Referer: http://www.google.com/search?q=renovables.tulider.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
| Request | Server response | Status |
http://renovables.tulider.net/ | 200 OK Content-Length: 127748 Content-Type: text/html | clean |
http://renovables.tulider.net/wp-includes/js/jquery/jquery.js?ver=3cd9730f79136db58f2142e7e00f36c6 | 200 OK Content-Length: 95977 Content-Type: application/javascript | clean |
http://renovables.tulider.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3cd9730f79136db58f2142e7e00f36c6 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://renovables.tulider.net/wp-content/themes/graphene/js/jquery.tools.min.js?ver=3cd9730f79136db58f2142e7e00f36c6 | 200 OK Content-Length: 11032 Content-Type: application/javascript | clean |
http://renovables.tulider.net/wp-content/themes/graphene/js/graphene.js?ver=3cd9730f79136db58f2142e7e00f36c6 | 200 OK Content-Length: 8446 Content-Type: application/javascript | clean |
http://renovables.tulider.net//pagead2.googlesyndication.com/pagead/js/adsbygoogle.js/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 15 Dec 2015 19:06:43 GMT Location: http://renovables.tulider.net/pagead2.googlesyndication.com/pagead/js/adsbygoogle.js/ Server: Apache/2.2.9 (Debian) mod_ssl/2.2.9 OpenSSL/0.9.8g Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=UTF-8 Set-Cookie: wfvt_1033058549=567064c33891f; expires=Tue, 15-Dec-2015 19:36:43 GMT; path=/; httponly | clean |
http://renovables.tulider.net/pagead2.googlesyndication.com/pagead/js/adsbygoogle.js/ | 200 OK Content-Length: 127803 Content-Type: text/html | clean |
http://renovables.tulider.net//translate.google.com/translate_a/element.js?cb=initializeGoogleTranslateElement/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 15 Dec 2015 19:06:44 GMT Location: http://renovables.tulider.net/translate.google.com/translate_a/element.js/?cb=initializeGoogleTranslateElement/ Server: Apache/2.2.9 (Debian) mod_ssl/2.2.9 OpenSSL/0.9.8g Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=UTF-8 Set-Cookie: wfvt_1033058549=567064c42bfb0; expires=Tue, 15-Dec-2015 19:36:44 GMT; path=/; httponly | clean |
http://renovables.tulider.net/translate.google.com/translate_a/element.js/?cb=initializegoogletranslateelement/ | 200 OK Content-Length: 127836 Content-Type: text/html | clean |
http://renovables.tulider.net/wp-content/plugins/wp-email/email-js.js?ver=3cd9730f79136db58f2142e7e00f36c6 | 200 OK Content-Length: 4494 Content-Type: application/javascript | clean |
http://renovables.tulider.net/wp-content/plugins/wp-top-5-social-sharing/lib/js/site.js?ver=3cd9730f79136db58f2142e7e00f36c6 | 200 OK Content-Length: 1201 Content-Type: application/javascript | clean |
http://renovables.tulider.net/wp-includes/js/wp-embed.min.js?ver=3cd9730f79136db58f2142e7e00f36c6 | 200 OK Content-Length: 1518 Content-Type: application/javascript | clean |
http://renovables.tulider.net/?feed=rss2 | 200 OK Content-Length: 81909 Content-Type: application/rss+xml | clean |
http://renovables.tulider.net/?p=934 | 200 OK Content-Length: 66289 Content-Type: text/html | clean |
http://renovables.tulider.net/?page_id=446 | 200 OK Content-Length: 60059 Content-Type: text/html | clean |
http://renovables.tulider.net/?page_id=571 | 200 OK Content-Length: 61258 Content-Type: text/html | clean |
http://renovables.tulider.net/?page_id=296 | 200 OK Content-Length: 61728 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=renovables.tulider.net
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://renovables.tulider.net/
Result: renovables.tulider.net is not infected or malware details are not published yet.
Result: renovables.tulider.net is not infected or malware details are not published yet.