Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: haytour.info
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 17 Jul 2014 20:28:12 GMT
Server: Apache
Content-Type: text/html; charset=UTF-8
Set-Cookie: __utmfr=648; expires=Thu, 24-Jul-2014 20:28:12 GMT; path=/
Set-Cookie: _icl_current_language=en; expires=Fri, 18-Jul-2014 20:28:12 GMT; path=/
X-Powered-By: PHP/5.2.17
GET / HTTP/1.1
Host: haytour.info
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 17 Jul 2014 20:28:12 GMT
Server: Apache
Content-Type: text/html; charset=UTF-8
Set-Cookie: __utmfr=648; expires=Thu, 24-Jul-2014 20:28:12 GMT; path=/
Set-Cookie: _icl_current_language=en; expires=Fri, 18-Jul-2014 20:28:12 GMT; path=/
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: haytour.info
Referer: http://www.google.com/search?q=haytour.info
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: haytour.info
Referer: http://www.google.com/search?q=haytour.info
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://www.haytour.info/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 17 Jul 2014 20:28:11 GMT Location: http://haytour.info/ Server: Apache Content-Length: 0 Content-Type: text/html; charset=UTF-8 Set-Cookie: __utmfr=394; expires=Thu, 24-Jul-2014 20:28:11 GMT; path=/ Set-Cookie: _icl_current_language=en; expires=Fri, 18-Jul-2014 20:28:11 GMT; path=/ X-Powered-By: PHP/5.2.17 | clean |
http://haytour.info/ | 200 OK Content-Length: 32511 Content-Type: text/html | clean |
http://haytour.info/wp-content/themes/main/js/jquery-1.8.3.min.js | 200 OK Content-Length: 93636 Content-Type: application/x-javascript | clean |
http://haytour.info/wp-content/plugins/styles-with-shortcodes//js/sws_frontend.js | 200 OK Content-Length: 530 Content-Type: application/x-javascript | clean |
http://haytour.info/wp-content/plugins/jquery-vertical-accordion-menu/js/jquery.hoverIntent.minified.js | 200 OK Content-Length: 1614 Content-Type: application/x-javascript | clean |
http://haytour.info/wp-content/plugins/jquery-vertical-accordion-menu/js/jquery.cookie.js | 200 OK Content-Length: 4341 Content-Type: application/x-javascript | clean |
http://haytour.info/wp-content/plugins/jquery-vertical-accordion-menu/js/jquery.dcjqaccordion.2.9.js | 200 OK Content-Length: 6982 Content-Type: application/x-javascript | clean |
http://haytour.info/wp-content/plugins/wp-forecast/wpf_update.js | 403 Forbidden Content-Length: 365 Content-Type: text/html | clean |
http://haytour.info/test404page.js | 404 Not Found Content-Length: 1363 Content-Type: text/html | clean |
http://haytour.info/wp-content/themes/main/js/jquery.tools.tabs.min.js | 200 OK Content-Length: 4045 Content-Type: application/x-javascript | clean |
http://haytour.info/wp-content/themes/main/js/jquery.colorbox.js | 200 OK Content-Length: 26016 Content-Type: application/x-javascript | clean |
http://haytour.info/wp-includes/js/swfobject.js | 200 OK Content-Length: 10231 Content-Type: application/x-javascript | clean |
http://haytour.info/wp-content/themes/main/js/jquery.nav.js | 200 OK Content-Length: 6682 Content-Type: application/x-javascript | clean |
http://haytour.info/wp-content/themes/main/js/custom.js | 200 OK Content-Length: 29143 Content-Type: application/x-javascript | clean |
http://haytour.info/wp-content/themes/main/js/jquery.easing.1.3.js | 200 OK Content-Length: 8097 Content-Type: application/x-javascript | clean |
http://haytour.info/wp-content/themes/main/js/jquery.kwicks.min.js | 200 OK Content-Length: 6027 Content-Type: application/x-javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=haytour.info
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://haytour.info/
Result: haytour.info is not infected or malware details are not published yet.
Result: haytour.info is not infected or malware details are not published yet.