Scanned pages/files
Request | Server response | Status |
http://storysacks.spc.org/ | 200 OK Content-Length: 62333 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: absolutehealth.co.nz <script type="text/javascript" src="http://absolutehealth.co.nz/email/040922/ydx3yg9r.php"></script><!DOCTYPE html> <!--[if IE 6]> <html id="ie6" lang="en-US"> <![endif]--> <!--[if IE 7]> <html id="ie7" lang="en-US"> <![endif]--> <!--[if IE 8]> <html id="ie8" lang="en-US"> <![endif]--> <!--[if !(IE 6) | !(IE 7) | !(IE 8) ]><!--> <html lang="en-US"> <!--<![end ...[4076 bytes skipped]... | ||
http://absolutehealth.co.nz/email/040922/ydx3yg9r.php | HTTP/1.1 302 Found Connection: close Date: Sun, 21 Dec 2014 22:16:52 GMT Location: http://www.absolutehealth.co.nz/email/040922/ydx3yg9r.php Server: Apache/1.3.33 Built by www.zeffie.com (Unix) Chili!Soft-ASP/3.6.2 mod_ssl/2.8.22 OpenSSL/0.9.7e PHP/4.4.4 mod_auth_pam_external/0.1 FrontPage/4.0.4.3 mod_perl/1.29 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.absolutehealth.co.nz/email/040922/ydx3yg9r.php | 200 OK Content-Length: 1 Content-Type: text/html | clean |
http://www.absolutehealth.co.nz/test404page.js | 404 Not Found Content-Length: 645 Content-Type: text/html | clean |
http://storysacks.spc.org/wp-includes/js/jquery/jquery.js?ver=1.10.2 | 200 OK Content-Length: 93085 Content-Type: application/javascript | clean |
http://storysacks.spc.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://storysacks.spc.org/wp-content/plugins/wp-miniaudioplayer/js/jquery.jplayer.min.js?ver=2.1.0 | 200 OK Content-Length: 49042 Content-Type: application/javascript | clean |
http://storysacks.spc.org/wp-content/plugins/wp-miniaudioplayer/js/jquery.mb.miniPlayer.js?ver=1.4.6 | 200 OK Content-Length: 42219 Content-Type: application/javascript | clean |
http://storysacks.spc.org/wp-content/plugins/weblibrarian/js/front.js?ver=3.2.9.9 | 200 OK Content-Length: 1785 Content-Type: application/javascript | clean |
http://89.161.215.28/nn8khgvb.php | 200 OK Content-Length: 1 Content-Type: text/html | clean |
http://s0.wp.com/wp-content/js/devicepx-jetpack.js?ver=201451 | 200 OK Content-Length: 9301 Content-Type: application/x-javascript | clean |
http://s.gravatar.com/js/gprofiles.js?ver=2014Decaa | 200 OK Content-Length: 21442 Content-Type: application/x-javascript | clean |
http://storysacks.spc.org/wp-content/plugins/jetpack/modules/wpgroho.js?ver=3.8.5 | 200 OK Content-Length: 930 Content-Type: application/javascript | clean |
http://stats.wordpress.com/e-201451.js | 200 OK Content-Length: 2332 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: storysacks.spc.org
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 21 Dec 2014 22:16:47 GMT
Server: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/1.0.1e-fips DAV/2 mod_mono/2.6.3 mod_jk/1.2.37 mod_bwlimited/1.4 mod_perl/2.0.8 Perl/v5.10.1
Content-Type: text/html
X-Powered-By: PHP/5.4.35
GET / HTTP/1.1
Host: storysacks.spc.org
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 21 Dec 2014 22:16:47 GMT
Server: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/1.0.1e-fips DAV/2 mod_mono/2.6.3 mod_jk/1.2.37 mod_bwlimited/1.4 mod_perl/2.0.8 Perl/v5.10.1
Content-Type: text/html
X-Powered-By: PHP/5.4.35
Second query (visit from search engine):
GET / HTTP/1.1
Host: storysacks.spc.org
Referer: http://www.google.com/search?q=storysacks.spc.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: storysacks.spc.org
Referer: http://www.google.com/search?q=storysacks.spc.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=storysacks.spc.org
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://storysacks.spc.org/
Result: storysacks.spc.org is not infected or malware details are not published yet.
Result: storysacks.spc.org is not infected or malware details are not published yet.