Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: himtimes.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Thu, 29 Jan 2015 23:11:35 GMT
Pragma: no-cache
Server: nginx/1.6.2
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=4cc48f5f02212958bff172e16d97e064; path=/
Set-Cookie: wfvt_2188125180=54cabe2777c67; expires=Thu, 29-Jan-2015 23:41:35 GMT; path=/; httponly
X-Powered-By: PHP/5.4.36
GET / HTTP/1.1
Host: himtimes.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Thu, 29 Jan 2015 23:11:35 GMT
Pragma: no-cache
Server: nginx/1.6.2
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=4cc48f5f02212958bff172e16d97e064; path=/
Set-Cookie: wfvt_2188125180=54cabe2777c67; expires=Thu, 29-Jan-2015 23:41:35 GMT; path=/; httponly
X-Powered-By: PHP/5.4.36
Second query (visit from search engine):
GET / HTTP/1.1
Host: himtimes.com
Referer: http://www.google.com/search?q=himtimes.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: himtimes.com
Referer: http://www.google.com/search?q=himtimes.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
| Request | Server response | Status |
http://himtimes.com/ | 200 OK Content-Length: 50432 Content-Type: text/html | clean |
http://himtimes.com/wp-includes/js/jquery/jquery.js | 200 OK Content-Length: 95807 Content-Type: application/javascript | clean |
http://himtimes.com/wp-includes/js/jquery/jquery-migrate.min.js | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://himtimes.com/wp-content/plugins/facebook-page-photo-gallery/js/prettyPhoto/jquery.prettyPhoto.js | 200 OK Content-Length: 25542 Content-Type: application/javascript | clean |
http://himtimes.com/wp-content/plugins/facebook-page-photo-gallery/js/fppg.js | 200 OK Content-Length: 4866 Content-Type: application/javascript | clean |
http://himtimes.com/wp-content/plugins/advanced-social-widget/js/advanced-social-widget.js | 200 OK Content-Length: 1217 Content-Type: application/javascript | clean |
http://himtimes.com/wp-content/themes/wp-prosper-20/js/flexslider.js | 200 OK Content-Length: 27245 Content-Type: application/javascript | clean |
http://himtimes.com/wp-content/themes/wp-prosper-20/js/external.js | 200 OK Content-Length: 354 Content-Type: application/javascript | clean |
http://himtimes.com/wp-content/themes/wp-prosper-20/js/suckerfish.js | 200 OK Content-Length: 397 Content-Type: application/javascript | clean |
http://himtimes.com/wp-content/themes/wp-prosper-20/js/suckerfish-cat.js | 200 OK Content-Length: 397 Content-Type: application/javascript | clean |
http://himtimes.com//pagead2.googlesyndication.com/pagead/js/adsbygoogle.js/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Thu, 29 Jan 2015 23:11:43 GMT Pragma: no-cache Location: http://himtimes.com/pagead2.googlesyndication.com/pagead/js/adsbygoogle.js/ Server: nginx/1.6.2 Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT Set-Cookie: PHPSESSID=ebaa690ee97bfc34ae94a77a5d1e8cfd; path=/ Set-Cookie: wfvt_2188125180=54cabe2fbb6f6; expires=Thu, 29-Jan-2015 23:41:43 GMT; path=/; httponly X-Powered-By: PHP/5.4.36 | clean |
http://himtimes.com/pagead2.googlesyndication.com/pagead/js/adsbygoogle.js/ | 404 Not Found Content-Length: 35660 Content-Type: text/html | clean |
http://connect.facebook.net/en_US/all.js | 200 OK Content-Length: 161854 Content-Type: application/x-javascript | clean |
http://platform.twitter.com/widgets.js | 200 OK Content-Length: 113648 Content-Type: application/javascript | clean |
http://apis.google.com/js/plusone.js | 200 OK Content-Length: 12775 Content-Type: application/javascript | clean |
http://platform.linkedin.com/in.js | 200 OK Content-Length: 3768 Content-Type: text/javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=himtimes.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://himtimes.com/
Result: himtimes.com is not infected or malware details are not published yet.
Result: himtimes.com is not infected or malware details are not published yet.