Scanned pages/files
Request | Server response | Status |
http://andrewbennett.net/ | HTTP/1.1 302 Object moved Cache-Control: private Connection: close Date: Fri, 19 Sep 2014 07:27:28 GMT Location: http://www.andrewbennett.co.uk Server: Microsoft-IIS/6.0 Content-Length: 151 Content-Type: text/html X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET X-Server: ash02 | clean |
http://www.andrewbennett.co.uk/ | HTTP/1.1 200 OK Connection: close Date: Fri, 19 Sep 2014 07:27:26 GMT Accept-Ranges: bytes ETag: "f1-4e892eca5ca00" Server: Apache/2.4.7 (Ubuntu) Vary: Accept-Encoding Content-Length: 241 Content-Type: text/html Last-Modified: Sat, 12 Oct 2013 22:40:40 GMT | clean |
http://uk.linkedin.com/in/andrewgbennett | 200 OK Content-Length: 45529 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) LI.Controls.addControl('control-http-12248-exec-13563254-1','ToggleClass',{classname:'view-all-skills',on:'#profile-skills'}); Antivirus reports:
http://static.licdn.com:80/scds/common/u/lib/fizzy/fz-1.3.6-min.js | 200 OK Content-Length: 27495 Content-Type: text/javascript | clean |
http://s.c.lnkd.licdn.com/scds/concat/common/js?h=1m0lwtkp5q4cnlfkz0y4hchy4&fc=2 | 200 OK Content-Length: 3234 Content-Type: text/javascript | clean |
http://s.c.lnkd.licdn.com/scds/concat/common/js?h=3nuvxgwg15rbghxm1gpzfbya2-35e6ug1j754avohmn1bzmucat-mv3v66b8q0h1hvgvd3yfjv5f-14k913qahq3mh0ac0lh0twk9v-dfoaudjrk6rbf82f45bz5crwi-62og8s54488owngg0s7escdit-c8ha6zrgpgcni7poa5ctye7il-djim7uyllidc9gta745y2wo5m-51dv6schthjydhvcv6rxvospp-d7z5zqt26qe7ht91f8494hqx5-e9rsfv7b5gx0bk0tln31dx3sq-2r5gveucqe4lsolc3n0oljsn1-8v2hz0euzy8m1tk5d6tfrn6j-b88qxy99s08xoe [...276 symbols skipped] | 200 OK Content-Length: 269981 Content-Type: text/javascript | clean |
http://s.c.lnkd.licdn.com/scds/concat/common/js?h=4zslye83akez5s4mf91hrq425-95d8d303rtd0n9wj4dcjbnh2c&fc=2 | 200 OK Content-Length: 2254 Content-Type: text/javascript | clean |
https://www.linkedin.com/uas/authping?url=http%3A%2F%2Fuk%2Elinkedin%2Ecom%2Fin%2Fandrewgbennett | 200 OK Content-Length: 0 Content-Type: text/javascript | clean |
http://s.c.lnkd.licdn.com/scds/concat/common/js?h=d43qahhuvg0j5mlh4c2m9sipk-ew7wxbzv14lsc4vzkh2xrbzqn-dp1os5pzpoyifn8ljtjpfxrz-e17zy6z51dugr6fy4su92o7de-eq875keqggun9hoxzfhbanjes&fc=2 | 200 OK Content-Length: 17345 Content-Type: text/javascript | clean |
http://andrewbennett.net/home?trk=hb_logo | HTTP/1.1 302 Object moved Cache-Control: private Connection: close Date: Fri, 19 Sep 2014 07:27:33 GMT Location: http://www.andrewbennett.co.uk/home?trk=hb_logo Server: Microsoft-IIS/6.0 Content-Length: 168 Content-Type: text/html X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET X-Server: sjl03 | clean |
http://www.andrewbennett.co.uk/home?trk=hb_logo | 404 Not Found Content-Length: 290 Content-Type: text/html | clean |
http://www.andrewbennett.co.uk/test404page.js | 404 Not Found Content-Length: 300 Content-Type: text/html | clean |
http://andrewbennett.net/company/intergenerational-foundation?trk=ppro_cprof | HTTP/1.1 302 Object moved Cache-Control: private Connection: close Date: Fri, 19 Sep 2014 07:27:34 GMT Location: http://www.andrewbennett.co.uk/company/intergenerational-foundation?trk=ppro_cprof Server: Microsoft-IIS/6.0 Content-Length: 203 Content-Type: text/html X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET X-Server: sjl07 | clean |
http://www.andrewbennett.co.uk/company/intergenerational-foundation?trk=ppro_cprof | 404 Not Found Content-Length: 322 Content-Type: text/html | clean |
http://andrewbennett.net/company/nominet-uk?trk=ppro_cprof | HTTP/1.1 302 Object moved Cache-Control: private Connection: close Date: Fri, 19 Sep 2014 07:27:34 GMT Location: http://www.andrewbennett.co.uk/company/nominet-uk?trk=ppro_cprof Server: Microsoft-IIS/6.0 Content-Length: 185 Content-Type: text/html X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET X-Server: ash02 | clean |
http://www.andrewbennett.co.uk/company/nominet-uk?trk=ppro_cprof | 404 Not Found Content-Length: 304 Content-Type: text/html | clean |
http://andrewbennett.net/redir/redirect?url=http%3A%2F%2Fwww%2Eandrewbennett%2Etel&urlhash=A4tb | HTTP/1.1 302 Object moved Cache-Control: private Connection: close Date: Fri, 19 Sep 2014 07:27:35 GMT Location: http://www.andrewbennett.co.uk/redir/redirect?url=http://www.andrewbennett.tel&urlhash=A4tb Server: Microsoft-IIS/6.0 Content-Length: 212 Content-Type: text/html X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET X-Server: sjl07 | clean |
http://www.andrewbennett.co.uk/redir/redirect?url=http://www.andrewbennett.tel&urlhash=a4tb | 404 Not Found Content-Length: 300 Content-Type: text/html | clean |
http://andrewbennett.net/redir/redirect?url=http%3A%2F%2Fwww%2Ewhois-search%2Ecom&urlhash=qkVi | HTTP/1.1 302 Object moved Cache-Control: private Connection: close Date: Fri, 19 Sep 2014 07:27:36 GMT Location: http://www.andrewbennett.co.uk/redir/redirect?url=http://www.whois-search.com&urlhash=qkVi Server: Microsoft-IIS/6.0 Content-Length: 211 Content-Type: text/html X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET X-Server: sjl04 | clean |
http://www.andrewbennett.co.uk/redir/redirect?url=http://www.whois-search.com&urlhash=qkvi | 404 Not Found Content-Length: 300 Content-Type: text/html | clean |
http://andrewbennett.net/company/netistrar-ltd?trk=ppro_cprof | HTTP/1.1 302 Object moved Cache-Control: private Connection: close Date: Fri, 19 Sep 2014 07:27:36 GMT Location: http://www.andrewbennett.co.uk/company/netistrar-ltd?trk=ppro_cprof Server: Microsoft-IIS/6.0 Content-Length: 188 Content-Type: text/html X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET X-Server: sjl04 | clean |
http://www.andrewbennett.co.uk/company/netistrar-ltd?trk=ppro_cprof | 404 Not Found Content-Length: 307 Content-Type: text/html | clean |
http://andrewbennett.net/company/webfusion?trk=ppro_cprof | HTTP/1.1 302 Object moved Cache-Control: private Connection: close Date: Fri, 19 Sep 2014 07:27:37 GMT Location: http://www.andrewbennett.co.uk/company/webfusion?trk=ppro_cprof Server: Microsoft-IIS/6.0 Content-Length: 184 Content-Type: text/html X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET X-Server: sjl08 | clean |
http://www.andrewbennett.co.uk/company/webfusion?trk=ppro_cprof | 404 Not Found Content-Length: 303 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: andrewbennett.net
Result:
HTTP/1.1 302 Object moved
Cache-Control: private
Connection: close
Date: Fri, 19 Sep 2014 07:27:28 GMT
Location: http://www.andrewbennett.co.uk
Server: Microsoft-IIS/6.0
Content-Length: 151
Content-Type: text/html
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Server: ash02
...151 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: andrewbennett.net
Referer: http://www.google.com/search?q=andrewbennett.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=andrewbennett.net
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://andrewbennett.net/
Result: andrewbennett.net is not infected or malware details are not published yet.