Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=city.waverlyia.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://city.waverlyia.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: city.waverlyia.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Mon, 30 Jun 2014 09:12:02 GMT
Pragma: no-cache
Server: Apache/2.2.3 (CentOS)
Content-Type: text/html; charset=utf-8
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: secureliveBL=bl%3A0%2C; expires=Mon, 30-Jun-2014 09:12:02 GMT; path=/
Set-Cookie: securelive=tt%3AIncorrect+account+password.%2Ctl%3A0%2C; expires=Tue, 01-Jul-2014 09:12:02 GMT; path=/
Set-Cookie: 60431b33e85a63bb1804ef411ff8b6e8=68e3a1d3aa81090529790671b848b918; path=/
Second query (visit from search engine):
GET / HTTP/1.1
Host: city.waverlyia.com
Referer: http://www.google.com/search?q=city.waverlyia.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://city.waverlyia.com/ | 200 OK Content-Length: 24401 Content-Type: text/html | clean |
http://city.waverlyia.com/cache/template/gzip.php?mootools-core-0cd3367b.js | 200 OK Content-Length: 95138 Content-Type: application/x-javascript | clean |
http://city.waverlyia.com/cache/template/gzip.php?core-31511e2c.js | 200 OK Content-Length: 4707 Content-Type: application/x-javascript | clean |
http://city.waverlyia.com/cache/template/gzip.php?mootools-more-68f3d280.js | 200 OK Content-Length: 234332 Content-Type: application/x-javascript | clean |
http://city.waverlyia.com//components/com_gcalendar/libraries/jquery/jquery.min.js/ | 404 Not Found Content-Length: 337 Content-Type: text/html | clean |
http://city.waverlyia.com/test404page.js | 404 Not Found Content-Length: 295 Content-Type: text/html | clean |
http://city.waverlyia.com/cache/template/gzip.php?caption-ff6d7d75.js | 200 OK Content-Length: 657 Content-Type: application/x-javascript | clean |
http://city.waverlyia.com/cache/template/gzip.php?widgetkit-5f18ecb2-df137fcc.js | 200 OK Content-Length: 20744 Content-Type: application/x-javascript | clean |
http://city.waverlyia.com/cache/template/gzip.php?template-9b1d0d02.js | 200 OK Content-Length: 14235 Content-Type: application/x-javascript | clean |
http://city.waverlyia.com/templates/yoo_shelf/warp/js/search.js | 200 OK Content-Length: 4285 Content-Type: application/x-javascript | clean |