Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: hopewe.com
Result:
HTTP/1.1 301 Moved Permanently
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Tue, 03 Mar 2015 21:32:12 GMT
Pragma: no-cache
Location: http://www.hopewe.com/
Server: nginx admin
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=0e1cbe3fb6f14b64fb2c360ee51eae49; path=/
Strict-Transport-Security: âmax-age=31536000â³
X-Cache: HIT from Backend
X-Pingback: http://www.hopewe.com/xmlrpc.php
X-Powered-By: PHP/5.4.29
...0 bytes of data.
GET / HTTP/1.1
Host: hopewe.com
Result:
HTTP/1.1 301 Moved Permanently
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Tue, 03 Mar 2015 21:32:12 GMT
Pragma: no-cache
Location: http://www.hopewe.com/
Server: nginx admin
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=0e1cbe3fb6f14b64fb2c360ee51eae49; path=/
Strict-Transport-Security: âmax-age=31536000â³
X-Cache: HIT from Backend
X-Pingback: http://www.hopewe.com/xmlrpc.php
X-Powered-By: PHP/5.4.29
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: hopewe.com
Referer: http://www.google.com/search?q=hopewe.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: hopewe.com
Referer: http://www.google.com/search?q=hopewe.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
| Request | Server response | Status |
http://hopewe.com/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Tue, 03 Mar 2015 21:32:12 GMT Pragma: no-cache Location: http://www.hopewe.com/ Server: nginx admin Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=0e1cbe3fb6f14b64fb2c360ee51eae49; path=/ Strict-Transport-Security: âmax-age=31536000â³ X-Cache: HIT from Backend X-Pingback: http://www.hopewe.com/xmlrpc.php X-Powered-By: PHP/5.4.29 | clean |
http://www.hopewe.com/ | 200 OK Content-Length: 91340 Content-Type: text/html | clean |
http://www.hopewe.com/wp-includes/js/jquery/jquery.js | 200 OK Content-Length: 95807 Content-Type: application/javascript | clean |
http://www.hopewe.com/wp-includes/js/jquery/jquery-migrate.min.js | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://xslt.alexa.com/site_stats/js/t/a?url=hopewe.com | 200 OK Content-Length: 3153 Content-Type: application/x-javascript | clean |
http://www.hopewe.com/wp-content/themes/WPgrosir/js/jquery.tools.min.js | 200 OK Content-Length: 142002 Content-Type: application/javascript | clean |
http://www.hopewe.com/wp-content/themes/WPgrosir/js/jquery.carouFredSel-5.6.1-packed.js | 200 OK Content-Length: 32288 Content-Type: application/javascript | clean |
http://www.hopewe.com/wp-content/themes/WPgrosir/js/jquery.jqzoom-core.js | 200 OK Content-Length: 31322 Content-Type: application/javascript | clean |
http://www.hopewe.com/wp-content/themes/WPgrosir/js/jcart.js | 200 OK Content-Length: 8787 Content-Type: application/javascript | clean |
http://www.hopewe.com/wp-content/themes/WPgrosir/js/jquery.chained.js | 200 OK Content-Length: 2849 Content-Type: application/javascript | clean |
http://www.hopewe.com/wp-content/themes/WPgrosir/js/core.js | 200 OK Content-Length: 5701 Content-Type: application/javascript | clean |
http://www.hopewe.com/wp-content/themes/WPgrosir/js/jquery.cookie.js | 200 OK Content-Length: 1828 Content-Type: application/javascript | clean |
http://hopewe.com/ymsgr:sendIM?fruitplant2012 | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Tue, 03 Mar 2015 21:32:30 GMT Pragma: no-cache Location: http://www.hopewe.com/ymsgr:sendIM?fruitplant2012 Server: nginx admin Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT Set-Cookie: PHPSESSID=4a950a20a5ccbdee1b7a6d5ac3838faa; path=/ Strict-Transport-Security: âmax-age=31536000â³ X-Cache: HIT from Backend X-Pingback: http://www.hopewe.com/xmlrpc.php X-Powered-By: PHP/5.4.29 | clean |
http://www.hopewe.com/ymsgr:sendim?fruitplant2012 | 404 Not Found Content-Length: 24532 Content-Type: text/html | clean |
http://www.hopewe.com/obat-pelangsing-badan-cepat/ | 200 OK Content-Length: 46498 Content-Type: text/html | clean |
http://www.hopewe.com/pembesar-payudara-cepat-kapsul-cream-vakum-alat-pembesar-payudara/ | 200 OK Content-Length: 31176 Content-Type: text/html | clean |
http://www.hopewe.com/obat-vakum-oil-alat-pembesar-penis-pria-cepat-permanen/ | 200 OK Content-Length: 52311 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=hopewe.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://hopewe.com/
Result: hopewe.com is not infected or malware details are not published yet.
Result: hopewe.com is not infected or malware details are not published yet.