Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: h-s.co.uk
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Wed, 10 Sep 2014 03:23:28 GMT
Server: Microsoft-IIS/6.0
Content-Length: 23105
Content-Type: text/html
Set-Cookie: HSShoplang=numLanguageID=1; expires=Thu, 10-Sep-2015 03:23:26 GMT; path=/
Set-Cookie: HSShop=numCurrencyID=1; path=/
Set-Cookie: ASPSESSIONIDASDSBTRS=FJPOCPBDPIIEHENIPPCHDMNA; path=/
X-Powered-By: ASP.NET
...23105 bytes of data.
GET / HTTP/1.1
Host: h-s.co.uk
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Wed, 10 Sep 2014 03:23:28 GMT
Server: Microsoft-IIS/6.0
Content-Length: 23105
Content-Type: text/html
Set-Cookie: HSShoplang=numLanguageID=1; expires=Thu, 10-Sep-2015 03:23:26 GMT; path=/
Set-Cookie: HSShop=numCurrencyID=1; path=/
Set-Cookie: ASPSESSIONIDASDSBTRS=FJPOCPBDPIIEHENIPPCHDMNA; path=/
X-Powered-By: ASP.NET
...23105 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: h-s.co.uk
Referer: http://www.google.com/search?q=h-s.co.uk
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: h-s.co.uk
Referer: http://www.google.com/search?q=h-s.co.uk
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
| Request | Server response | Status |
http://h-s.co.uk/ | 200 OK Content-Length: 23105 Content-Type: text/html | clean |
http://www.h-s.co.uk/js/global.js | 200 OK Content-Length: 8157 Content-Type: application/x-javascript | clean |
http://h-s.co.uk/special_offers_and_sale_items | 200 OK Content-Length: 28671 Content-Type: text/html | clean |
http://h-s.co.uk/wedding_gift_ideas | 200 OK Content-Length: 38983 Content-Type: text/html | clean |
http://h-s.co.uk/wedding_gift_ideas/sets_of_pewter_hip_flasks_with_free_engaving | 200 OK Content-Length: 102769 Content-Type: text/html | clean |
http://h-s.co.uk/wedding_gift_ideas/sets_of_pocket_watches_with_free_engraving | 200 OK Content-Length: 87929 Content-Type: text/html | clean |
http://h-s.co.uk/wedding_gift_ideas/paperweights_encapsulating_real_flowers | 200 OK Content-Length: 39735 Content-Type: text/html | clean |
http://h-s.co.uk/wedding_gift_ideas/carriage_clocks | 200 OK Content-Length: 43608 Content-Type: text/html | clean |
http://h-s.co.uk/wedding_gift_ideas/silver_photo_frames | 200 OK Content-Length: 31262 Content-Type: text/html | clean |
http://h-s.co.uk/wedding_gift_ideas/silver_place_settings | 200 OK Content-Length: 25466 Content-Type: text/html | clean |
http://h-s.co.uk/wedding_gift_ideas/wedding_cufflinks | 200 OK Content-Length: 28024 Content-Type: text/html | clean |
http://h-s.co.uk/wedding_gift_ideas/pewter_quaichs | 200 OK Content-Length: 35465 Content-Type: text/html | clean |
http://h-s.co.uk/pocket_watches_and_clocks | 200 OK Content-Length: 27801 Content-Type: text/html | clean |
http://h-s.co.uk/pocket_watches_and_clocks/gold_silver_chrome_plated_pocket_watches | 200 OK Content-Length: 21338 Content-Type: text/html | clean |
http://h-s.co.uk/pocket_watches_and_clocks/sterling_silver_and_solid_gold_pocket_watches | 200 OK Content-Length: 56209 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=h-s.co.uk
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://h-s.co.uk/
Result: h-s.co.uk is not infected or malware details are not published yet.
Result: h-s.co.uk is not infected or malware details are not published yet.