Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: luvemorleavem.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Wed, 18 Jun 2014 02:42:20 GMT
Location: http://www.luvemorleavem.com/
Server: Apache
Content-Length: 237
Content-Type: text/html; charset=iso-8859-1
...237 bytes of data.
GET / HTTP/1.1
Host: luvemorleavem.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Wed, 18 Jun 2014 02:42:20 GMT
Location: http://www.luvemorleavem.com/
Server: Apache
Content-Length: 237
Content-Type: text/html; charset=iso-8859-1
...237 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: luvemorleavem.com
Referer: http://www.google.com/search?q=luvemorleavem.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: luvemorleavem.com
Referer: http://www.google.com/search?q=luvemorleavem.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://luvemorleavem.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 18 Jun 2014 02:42:20 GMT Location: http://www.luvemorleavem.com/ Server: Apache Content-Length: 237 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.luvemorleavem.com/ | 200 OK Content-Length: 11785 Content-Type: text/html | clean |
http://www.luvemorleavem.com/files/includes/elements-default.js | 200 OK Content-Length: 1682 Content-Type: application/javascript | clean |
http://cdn.wibiya.com/Toolbars/dir_0000/Toolbar_344/Loader_344.js | 403 Forbidden Content-Length: 326 Content-Type: text/html | clean |
http://cdn.wibiya.com/test404page.js | 403 Forbidden Content-Length: 326 Content-Type: text/html | clean |
http://cdn.widgetserver.com/syndication/subscriber/InsertWidget.js | 500 Can't connect to cdn.widgetserver.com:80 (Bad hostname) Content-Length: 172 Content-Type: text/plain | clean |
http://luvemorleavem.com/files/includes/scripts-thumbseed2.js-sid-449-amp-textlocation-1-amp-thumbnailsize-0-amp-width-310-amp-height-200-amp-title-related-videos-amp-headertextcolor-.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 18 Jun 2014 02:42:22 GMT Location: http://www.luvemorleavem.com/files/includes/scripts-thumbseed2.js-sid-449-amp-textlocation-1-amp-thumbnailsize-0-amp-width-310-amp-height-200-amp-title-related-videos-amp-headertextcolor-.js Server: Apache Content-Length: 398 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.luvemorleavem.com/files/includes/scripts-thumbseed2.js-sid-449-amp-textlocation-1-amp-thumbnailsize-0-amp-width-310-amp-height-200-amp-title-related-videos-amp-headertextcolor-.js | 200 OK Content-Length: 123333 Content-Type: application/javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=luvemorleavem.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://luvemorleavem.com/
Result: luvemorleavem.com is not infected or malware details are not published yet.
Result: luvemorleavem.com is not infected or malware details are not published yet.