Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: webmicke.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 09 Apr 2015 04:43:21 GMT
Server: nginx/1.6.3
Content-Type: text/html
Second query (visit from search engine):
GET / HTTP/1.1
Host: webmicke.com
Referer: http://www.google.com/search?q=webmicke.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://goodness-direct.co.uk/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 02 Sep 2014 21:02:17 GMT Location: http://www.goodnessdirect.co.uk/blog/ Server: Apache Vary: Accept-Encoding Content-Length: 245 Content-Type: text/html; charset=iso-8859-1 | malicious |
http://www.goodnessdirect.co.uk/blog/ | 200 OK Content-Length: 116968 Content-Type: text/html | clean |
http://www.goodnessdirect.co.uk/blog/wp-includes/js/jquery/jquery.js?ver=1.11.0 | 200 OK Content-Length: 96402 Content-Type: application/javascript | clean |
http://www.goodnessdirect.co.uk/blog/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://www.goodnessdirect.co.uk/blog/wp-content/plugins/jetpack/_inc/postmessage.js?ver=3.1.1 | 200 OK Content-Length: 19615 Content-Type: application/javascript | clean |
http://www.goodnessdirect.co.uk/blog/wp-content/plugins/jetpack/_inc/jquery.inview.js?ver=3.1.1 | 200 OK Content-Length: 5590 Content-Type: application/javascript | clean |
http://www.goodnessdirect.co.uk/blog/wp-content/plugins/jetpack/_inc/jquery.jetpack-resize.js?ver=3.1.1 | 200 OK Content-Length: 8104 Content-Type: application/javascript | clean |
http://www.goodnessdirect.co.uk/blog/wp-content/plugins/jetpack/_inc/spin.js?ver=1.3 | 200 OK Content-Length: 10197 Content-Type: application/javascript | clean |
http://www.goodnessdirect.co.uk/blog/wp-content/plugins/jetpack/_inc/jquery.spin.js?ver=1.3 | 200 OK Content-Length: 3330 Content-Type: application/javascript | clean |
http://www.goodnessdirect.co.uk/blog/wp-content/plugins/google-analyticator/external-tracking.min.js?ver=6.4.7.3 | 200 OK Content-Length: 1190 Content-Type: application/javascript | clean |
http://www.goodnessdirect.co.uk/blog/wp-content/themes/coraline/inc/jquery.js | 200 OK Content-Length: 246600 Content-Type: application/javascript | clean |
http://www.goodnessdirect.co.uk/blog/wp-content/plugins/jetpack/modules/infinite-scroll/infinity.js?ver=20140523 | 200 OK Content-Length: 19412 Content-Type: application/javascript | clean |
http://www.goodnessdirect.co.uk/blog/wp-content/plugins/jetpack/modules/shortcodes/js/jquery.cycle.js?ver=2.9999.8 | 200 OK Content-Length: 52470 Content-Type: application/javascript | clean |
http://www.goodnessdirect.co.uk/blog/wp-content/plugins/jetpack/modules/shortcodes/js/slideshow-shortcode.js?ver=20121214.1 | 200 OK Content-Length: 5554 Content-Type: application/javascript | clean |
http://s0.wp.com/wp-content/js/devicepx-jetpack.js?ver=201436 | 200 OK Content-Length: 9301 Content-Type: application/x-javascript | clean |
http://s.gravatar.com/js/gprofiles.js?ver=2014Sepaa | 200 OK Content-Length: 21442 Content-Type: application/x-javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=goodness-direct.co.uk
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://goodness-direct.co.uk/
Result: goodness-direct.co.uk is not infected or malware details are not published yet.