Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: silverseek.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: silverseek.com
Referer: http://www.google.com/search?q=silverseek.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://www.medehealth.com.au/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Tue, 03 Jun 2014 14:26:20 GMT Pragma: no-cache Age: 0 Location: http://medehealth.com.au/ Vary: User-Agent Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=0grf6imnmcl9bfvkpklvaomeu0; path=/ Set-Cookie: wfvt_212386383=538ddb071fe6e; expires=Tue, 03-Jun-2014 14:56:15 GMT; path=/; httponly X-Backend: wpaas_web_003 X-Cache: uncached X-Cacheable: NO:Not Cacheable X-Pingback: http://medehealth.com.au/xmlrpc.php | clean |
http://medehealth.com.au/ | 200 OK Content-Length: 40851 Content-Type: text/html | clean |
http://medehealth.com.au/wp-includes/js/jquery/jquery.js?ver=1.11.0 | 200 OK Content-Length: 96402 Content-Type: application/javascript | clean |
http://medehealth.com.au/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://medehealth.com.au/wp-content/plugins/LayerSlider/static/js/layerslider.kreaturamedia.jquery.js?ver=5.1.1 | HTTP/1.1 302 Found Connection: close Date: Tue, 03 Jun 2014 14:26:19 GMT Age: 35723 Location: http://quantsa.ru/?pw Content-Type: text/html; charset=iso-8859-1 X-Backend: wpaas_web_016 X-Cache: cached X-Cacheable: YES | clean |
http://quantsa.ru/?pw | HTTP/1.1 302 Moved Temporarily Cache-Control: max-age=0 Connection: close Date: Tue, 03 Jun 2014 14:26:30 GMT Pragma: no-cache Location: http://dinttitguqsp.eu/e/2055 Server: nginx Content-Length: 0 Content-Type: text/html; charset=utf-8 Expires: Thu, 21 Jul 1977 07:30:00 GMT Last-Modified: Tue, 03 Jun 2014 14:26:30 GMT Set-Cookie: 11e51=a%3A3%3A%7Bs%3A6%3A%22groups%22%3Ba%3A1%3A%7Bi%3A1%3Bi%3A1401805590%3B%7Ds%3A7%3A%22streams%22%3Ba%3A1%3A%7Bi%3A3%3Bi%3A1401805590%3B%7Ds%3A4%3A%22time%22%3Bi%3A1401805590%3B%7D; expires=Fri, 04-Jul-2014 14:26:30 GMT; path=/; domain=.quantsa.ru X-Powered-By: PHP/5.3.28 | clean |
http://dinttitguqsp.eu/e/2055 | HTTP/1.1 302 Found Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Tue, 03 Jun 2014 14:26:20 GMT Pragma: no-cache Location: http://fola.in/l/JOVVeu67MPZHUI5zfBP1awdJEt7 Server: nginx Content-Type: text/html; charset=utf-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: phpsid=4ioi5a05himmqno3upgutrf537; path=/ X-Powered-By: PHP/5.3.10-1ubuntu3.4 | malicious |
http://fola.in/l/jovveu67mpzhui5zfbp1awdjet7 | HTTP/1.1 302 Moved Temporarily Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Tue, 03 Jun 2014 14:26:21 GMT Pragma: no-cache Location: /e/2 Server: nginx Content-Type: text/html; charset=utf-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: phpsid=o5b24vm35j5g2f12csjhfonu76; path=/ X-Powered-By: PHP/5.3.10-1ubuntu3.4 | clean |
http://fola.in/e/2 | HTTP/1.1 302 Found Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Tue, 03 Jun 2014 14:26:21 GMT Pragma: no-cache Location: http://fola.in/l/KnDJbGKYvAqkKvv52FIRfxRTZXp Server: nginx Content-Type: text/html; charset=utf-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: phpsid=k3q5uhf41ujqmf42cejkl35p03; path=/ X-Powered-By: PHP/5.3.10-1ubuntu3.4 | clean |
http://fola.in/l/kndjbgkyvaqkkvv52firfxrtzxp | HTTP/1.1 302 Moved Temporarily Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Tue, 03 Jun 2014 14:26:21 GMT Pragma: no-cache Location: /e/2 Server: nginx Content-Type: text/html; charset=utf-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: phpsid=6mg1eeqg8gc1te7kqrij2ksjb7; path=/ X-Powered-By: PHP/5.3.10-1ubuntu3.4 | clean |
http://fola.in/test404page.js | 404 Not Found Content-Length: 13 Content-Type: text/html | clean |
http://medehealth.com.au/wp-content/plugins/LayerSlider/static/js/greensock.js?ver=1.11.2 | 200 OK Content-Length: 52295 Content-Type: application/javascript | clean |
http://medehealth.com.au/wp-content/plugins/LayerSlider/static/js/layerslider.transitions.js?ver=5.1.1 | 200 OK Content-Length: 21095 Content-Type: application/javascript | clean |
http://medehealth.com.au/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.plugins.min.js?rev=4.3.6&ver=3.9.1 | 200 OK Content-Length: 85185 Content-Type: application/javascript | clean |
http://medehealth.com.au/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.revolution.min.js?rev=4.3.6&ver=3.9.1 | 200 OK Content-Length: 100511 Content-Type: application/javascript | clean |
http://medehealth.com.au/wp-content/themes/medehealth/js/modernizr.js?ver=4.1.2 | HTTP/1.1 302 Found Connection: close Date: Tue, 03 Jun 2014 14:26:32 GMT Age: 32659 Location: http://quantsa.ru/?pw Content-Type: text/html; charset=iso-8859-1 X-Backend: wpaas_web_016 X-Cache: cached X-Cacheable: YES | clean |
http://medehealth.com.au/wp-content/themes/medehealth/js/svg-icons.js?ver=4.1.2 | HTTP/1.1 302 Found Connection: close Date: Tue, 03 Jun 2014 14:26:26 GMT Age: 35837 Location: http://quantsa.ru/?pw Content-Type: text/html; charset=iso-8859-1 X-Backend: wpaas_web_016 X-Cache: cached X-Cacheable: YES | clean |
http://medehealth.com.au/wp-content/plugins/google-analyticator/external-tracking.min.js?ver=6.4.7.3 | 200 OK Content-Length: 1190 Content-Type: application/javascript | clean |
http://medehealth.com.au/wp-content/themes/medehealth/assets/js/adapt.min.js | 200 OK Content-Length: 821 Content-Type: application/javascript | clean |
http://medehealth.com.au/wp-content/plugins/wysija-newsletters/js/validate/languages/jquery.validationEngine-en.js?ver=2.6.6 | 200 OK Content-Length: 11225 Content-Type: application/javascript | clean |
http://medehealth.com.au/wp-content/plugins/wysija-newsletters/js/validate/jquery.validationEngine.js?ver=2.6.6 | 200 OK Content-Length: 71745 Content-Type: application/javascript | clean |
http://medehealth.com.au/wp-content/plugins/wysija-newsletters/js/front-subscribers.js?ver=2.6.6 | 200 OK Content-Length: 3171 Content-Type: application/javascript | clean |
http://medehealth.com.au/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.50.0-2014.02.05 | 200 OK Content-Length: 16305 Content-Type: application/javascript | clean |
http://medehealth.com.au/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=3.8.1 | 200 OK Content-Length: 9630 Content-Type: application/javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=medehealth.com.au
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://medehealth.com.au/
Result: medehealth.com.au is not infected or malware details are not published yet.