Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: happyhourdowntownla.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 10 Oct 2014 02:25:51 GMT
Accept-Ranges: bytes
ETag: "6c29259-127ba-b1064e00"
Server: Apache/2.2.3 (CentOS)
Content-Length: 75706
Content-Type: text/html; charset=UTF-8
Last-Modified: Mon, 23 Jun 2014 07:21:28 GMT
...75706 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: happyhourdowntownla.com
Referer: http://www.google.com/search?q=happyhourdowntownla.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://happyhourdowntownla.com/ | 200 OK Content-Length: 75706 Content-Type: text/html | clean |
http://happyhourdowntownla.com/static/js/analytics.js | 404 Not Found Content-Length: 308 Content-Type: text/html | clean |
http://happyhourdowntownla.com/test404page.js | 404 Not Found Content-Length: 300 Content-Type: text/html | clean |
http://www.kingsky.info/engcl82.js | 200 OK Content-Length: 550 Content-Type: application/x-javascript | clean |
http://happyhourdowntownla.com/wp-includes/js/jquery/jquery.js?ver=1.7.1 | 200 OK Content-Length: 94181 Content-Type: application/x-javascript | clean |
http://happyhourdowntownla.com/wp-content/themes/DesignStyle/lib/js/superfish.js?ver=3.3.1 | 200 OK Content-Length: 4066 Content-Type: application/x-javascript | clean |
http://happyhourdowntownla.com/wp-content/plugins/get-post-list-with-thumbnails/ajaxhandlergplwt.js | 200 OK Content-Length: 1522 Content-Type: application/x-javascript | clean |
http://happyhourdowntownla.com/wp-content/themes/DesignStyle/includes/featuredposts/scripts/jquery.cycle.all.js | 200 OK Content-Length: 51772 Content-Type: application/x-javascript | clean |
http://pagead2.googlesyndication.com/pagead/show_ads.js | 200 OK Content-Length: 21308 Content-Type: text/javascript | clean |
http://happyhourdowntownla.com/wp-content/plugins/pinterest-pin-it-button/js/pin-it-button-user-selects-image.js | 200 OK Content-Length: 676 Content-Type: application/x-javascript | clean |
http://happyhourdowntownla.com/wp-content/plugins/pinterest-pin-it-button/js/pin-it-button-user-selects-image-assets.js | 200 OK Content-Length: 1850 Content-Type: application/x-javascript | clean |
http://platform.twitter.com/widgets.js?ver=23 | 200 OK Content-Length: 105935 Content-Type: application/javascript | clean |
http://happyhourdowntownla.com/wp-content/plugins/wp-slimstat/wp-slimstat.js?ver=3.3.1 | 200 OK Content-Length: 7003 Content-Type: application/x-javascript | clean |
http://happyhourdowntownla.com/wp-includes/js/hoverIntent.js?ver=20090102 | 200 OK Content-Length: 1626 Content-Type: application/x-javascript | clean |
http://happyhourdowntownla.com/wp-content/plugins/wp-email/email-js.js?ver=2.50 | 200 OK Content-Length: 4976 Content-Type: application/x-javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=happyhourdowntownla.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://happyhourdowntownla.com/
Result: happyhourdowntownla.com is not infected or malware details are not published yet.