Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: tombobblender.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 24 Jul 2014 09:49:20 GMT
Via: 1.1 vhost.phx2.nearlyfreespeech.net:3128 (squid/2.7.STABLE7)
Accept-Ranges: bytes
ETag: "466f-4fbe96ba33285"
Server: Apache
Content-Length: 18031
Content-Type: text/html; charset=UTF-8
Last-Modified: Mon, 16 Jun 2014 00:50:58 GMT
...18031 bytes of data.
GET / HTTP/1.1
Host: tombobblender.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 24 Jul 2014 09:49:20 GMT
Via: 1.1 vhost.phx2.nearlyfreespeech.net:3128 (squid/2.7.STABLE7)
Accept-Ranges: bytes
ETag: "466f-4fbe96ba33285"
Server: Apache
Content-Length: 18031
Content-Type: text/html; charset=UTF-8
Last-Modified: Mon, 16 Jun 2014 00:50:58 GMT
...18031 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: tombobblender.com
Referer: http://www.google.com/search?q=tombobblender.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: tombobblender.com
Referer: http://www.google.com/search?q=tombobblender.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://tombobblender.com/ | 200 OK Content-Length: 18031 Content-Type: text/html | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js | 200 OK Content-Length: 93100 Content-Type: text/javascript | clean |
http://tombobblender.com/mariopaint/mariopaint.html | 200 OK Content-Length: 3730 Content-Type: text/html | clean |
http://tombobblender.com/index.html | 200 OK Content-Length: 18031 Content-Type: text/html | clean |
http://tombobblender.com/wiki/Stream_FAQ | 200 OK Content-Length: 20864 Content-Type: text/html | clean |
http://www.tombobblender.com/w/load.php?debug=false&lang=en&modules=startup&only=scripts&skin=vector&* | 200 OK Content-Length: 12773 Content-Type: text/javascript | clean |
http://tombobblender.com/wiki/ | HTTP/1.1 301 Moved Permanently Cache-Control: private, must-revalidate, max-age=0 Connection: close Date: Thu, 24 Jul 2014 09:49:28 GMT Via: 1.1 vhost.phx2.nearlyfreespeech.net:3128 (squid/2.7.STABLE7) Location: http://www.tombobblender.com/wiki/Main_Page Server: Apache Vary: Accept-Encoding,Cookie Content-Length: 0 Content-Type: text/html; charset=utf-8 Expires: Thu, 01 Jan 1970 00:00:00 GMT Last-Modified: Thu, 24 Jul 2014 09:49:28 GMT X-Content-Type-Options: nosniff | clean |
http://www.tombobblender.com/wiki/main_page | HTTP/1.1 301 Moved Permanently Cache-Control: private, must-revalidate, max-age=0 Connection: close Date: Thu, 24 Jul 2014 09:49:29 GMT Via: 1.1 vhost.phx2.nearlyfreespeech.net:3128 (squid/2.7.STABLE7) Location: http://www.tombobblender.com/wiki/Main_page Server: Apache Vary: Accept-Encoding,Cookie Content-Length: 0 Content-Type: text/html; charset=utf-8 Expires: Thu, 01 Jan 1970 00:00:00 GMT Last-Modified: Thu, 24 Jul 2014 09:49:29 GMT X-Content-Type-Options: nosniff | clean |
http://www.tombobblender.com/test404page.js | 404 Not Found Content-Length: 1230 Content-Type: text/html | clean |
http://www.tombobblender.com/ | 200 OK Content-Length: 18031 Content-Type: text/html | clean |
http://www.tombobblender.com/mariopaint/mariopaint.html | 200 OK Content-Length: 3730 Content-Type: text/html | clean |
http://www.tombobblender.com/index.html | 200 OK Content-Length: 18031 Content-Type: text/html | clean |
http://www.tombobblender.com/wiki/Stream_FAQ | 200 OK Content-Length: 20864 Content-Type: text/html | clean |
http://www.tombobblender.com/wiki/ | HTTP/1.1 301 Moved Permanently Cache-Control: private, must-revalidate, max-age=0 Connection: close Date: Thu, 24 Jul 2014 09:49:35 GMT Via: 1.1 vhost.phx1.nearlyfreespeech.net:3128 (squid/2.7.STABLE7) Location: http://www.tombobblender.com/wiki/Main_Page Server: Apache Vary: Accept-Encoding,Cookie Content-Length: 0 Content-Type: text/html; charset=utf-8 Expires: Thu, 01 Jan 1970 00:00:00 GMT Last-Modified: Thu, 24 Jul 2014 09:49:35 GMT X-Content-Type-Options: nosniff | clean |
http://www.tombobblender.com/w/index.php?title=Stream_FAQ&oldid=23310 | 200 OK Content-Length: 21788 Content-Type: text/html | clean |
http://www.tombobblender.com/wiki/User:TomBobBlender | 200 OK Content-Length: 14432 Content-Type: text/html | clean |
http://www.tombobblender.com/w/index.php?title=User:TomBobBlender&oldid=67 | 200 OK Content-Length: 15375 Content-Type: text/html | clean |
http://www.tombobblender.com/w/index.php?title=User_talk:TomBobBlender&action=edit&redlink=1 | HTTP/1.1 302 Moved Temporarily Cache-Control: private, must-revalidate, max-age=0 Connection: close Date: Thu, 24 Jul 2014 09:49:40 GMT Via: 1.1 vhost.phx1.nearlyfreespeech.net:3128 (squid/2.7.STABLE7) Location: http://www.tombobblender.com/wiki/User_talk:TomBobBlender Server: Apache Vary: Accept-Encoding,Cookie Content-Length: 0 Content-Type: text/html; charset=utf-8 Expires: Thu, 01 Jan 1970 00:00:00 GMT X-Content-Type-Options: nosniff | clean |
http://www.tombobblender.com/wiki/user_talk:tombobblender | HTTP/1.1 301 Moved Permanently Cache-Control: private, must-revalidate, max-age=0 Connection: close Date: Thu, 24 Jul 2014 09:49:41 GMT Via: 1.1 vhost.phx1.nearlyfreespeech.net:3128 (squid/2.7.STABLE7) Location: http://www.tombobblender.com/wiki/User_talk:Tombobblender Server: Apache Vary: Accept-Encoding,Cookie Content-Length: 0 Content-Type: text/html; charset=utf-8 Expires: Thu, 01 Jan 1970 00:00:00 GMT Last-Modified: Thu, 24 Jul 2014 09:49:41 GMT X-Content-Type-Options: nosniff | clean |
http://www.tombobblender.com/wiki/Special:Contributions/TomBobBlender | 200 OK Content-Length: 54396 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=tombobblender.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://tombobblender.com/
Result: tombobblender.com is not infected or malware details are not published yet.
Result: tombobblender.com is not infected or malware details are not published yet.