Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: nurser.org
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 13 Sep 2014 17:27:24 GMT
Pragma: no-cache
Server: Apache/2.4.10 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=4e035635d4a2c7c19afadb95d9e5b1f3; path=/
X-Frame-Options: GOFORIT
X-Pingback: http://nurser.org/xmlrpc.php
X-Powered-By: PHP/5.4.32
GET / HTTP/1.1
Host: nurser.org
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 13 Sep 2014 17:27:24 GMT
Pragma: no-cache
Server: Apache/2.4.10 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=4e035635d4a2c7c19afadb95d9e5b1f3; path=/
X-Frame-Options: GOFORIT
X-Pingback: http://nurser.org/xmlrpc.php
X-Powered-By: PHP/5.4.32
Second query (visit from search engine):
GET / HTTP/1.1
Host: nurser.org
Referer: http://www.google.com/search?q=nurser.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: nurser.org
Referer: http://www.google.com/search?q=nurser.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
| Request | Server response | Status |
http://www.nurser.org/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Sat, 13 Sep 2014 17:27:23 GMT Pragma: no-cache Location: http://nurser.org/ Server: Apache/2.4.10 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=4318f4945808261a861f0a23e0de1d0c; path=/ X-Frame-Options: GOFORIT X-Pingback: http://nurser.org/xmlrpc.php X-Powered-By: PHP/5.4.32 | clean |
http://nurser.org/ | 200 OK Content-Length: 89502 Content-Type: text/html | clean |
http://nurser.org/wp-includes/js/jquery/jquery.js?ver=1.10.2 | 200 OK Content-Length: 93085 Content-Type: application/javascript | clean |
http://nurser.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://nurser.org/wp-content/plugins/sick-network-child/js/tracker.js?ver=3.8.1 | 200 OK Content-Length: 1670 Content-Type: application/javascript | clean |
http://nurser.org/wp-content/themes/twentyfourteen/js/functions.js?ver=20131209 | 200 OK Content-Length: 3380 Content-Type: application/javascript | clean |
http://www.nurser.org/?pagenum=1 | HTTP/1.1 301 Moved Permanently Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Sat, 13 Sep 2014 17:27:28 GMT Pragma: no-cache Location: http://nurser.org/?pagenum=1 Server: Apache/2.4.10 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=686de5f197608aba31bf3c842ff4dc5f; path=/ X-Frame-Options: GOFORIT X-Pingback: http://nurser.org/xmlrpc.php X-Powered-By: PHP/5.4.32 | clean |
http://nurser.org/?pagenum=1 | 200 OK Content-Length: 89532 Content-Type: text/html | clean |
http://nurser.org/category/treatment | 404 Not Found Content-Length: 447 Content-Type: text/html | clean |
http://nurser.org/test404page.js | 404 Not Found Content-Length: 443 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=nurser.org
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://nurser.org/
Result: nurser.org is not infected or malware details are not published yet.
Result: nurser.org is not infected or malware details are not published yet.