Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: utilitysoft.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 04 Oct 2014 14:51:28 GMT
Location: http://utilitysoft.com/m2
Server: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 PHP/5.3.29
Content-Length: 382
Content-Type: text/html; charset=iso-8859-1
...382 bytes of data.
GET / HTTP/1.1
Host: utilitysoft.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 04 Oct 2014 14:51:28 GMT
Location: http://utilitysoft.com/m2
Server: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 PHP/5.3.29
Content-Length: 382
Content-Type: text/html; charset=iso-8859-1
...382 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: utilitysoft.com
Referer: http://www.google.com/search?q=utilitysoft.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: utilitysoft.com
Referer: http://www.google.com/search?q=utilitysoft.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://utilitysoft.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 04 Oct 2014 14:51:28 GMT Location: http://utilitysoft.com/m2 Server: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 PHP/5.3.29 Content-Length: 382 Content-Type: text/html; charset=iso-8859-1 | clean |
http://utilitysoft.com/m2 | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 04 Oct 2014 14:51:29 GMT Location: http://utilitysoft.com/m2/ Server: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 PHP/5.3.29 Content-Length: 383 Content-Type: text/html; charset=iso-8859-1 | clean |
http://utilitysoft.com/m2/ | 200 OK Content-Length: 23329 Content-Type: text/html | clean |
http://utilitysoft.com/m2/wp-includes/js/jquery/jquery.js?ver=1.7.1 | 200 OK Content-Length: 93889 Content-Type: application/javascript | clean |
http://utilitysoft.com/m2/wp-content/plugins/m-vslider/js/rslider.js | 200 OK Content-Length: 4266 Content-Type: application/javascript | clean |
http://utilitysoft.com/m2/wp-content/plugins/contact-form-7/jquery.form.js?ver=2.96 | 200 OK Content-Length: 29139 Content-Type: application/javascript | clean |
http://utilitysoft.com/m2/wp-content/plugins/contact-form-7/scripts.js?ver=3.1.1 | 200 OK Content-Length: 6208 Content-Type: application/javascript | clean |
http://utilitysoft.com/m2/wp-includes/js/jquery/ui/jquery.ui.core.min.js?ver=1.8.16 | 200 OK Content-Length: 4365 Content-Type: application/javascript | clean |
http://utilitysoft.com/m2/wp-includes/js/jquery/ui/jquery.ui.widget.min.js?ver=1.8.16 | 200 OK Content-Length: 3303 Content-Type: application/javascript | clean |
http://utilitysoft.com/m2/wp-includes/js/jquery/ui/jquery.ui.tabs.min.js?ver=1.8.16 | 200 OK Content-Length: 11632 Content-Type: application/javascript | clean |
http://utilitysoft.com/m2/blog-whats-new/ | 200 OK Content-Length: 46447 Content-Type: text/html | clean |
http://utilitysoft.com/m2/software/ | 200 OK Content-Length: 26812 Content-Type: text/html | clean |
http://utilitysoft.com/m2/point-of-sale-hardware/ | 200 OK Content-Length: 26765 Content-Type: text/html | clean |
http://utilitysoft.com/m2/35-2/ | 200 OK Content-Length: 25380 Content-Type: text/html | clean |
http://utilitysoft.com/m2/about-us/ | 200 OK Content-Length: 23515 Content-Type: text/html | clean |
http://utilitysoft.com/Restaurant_POS_Setup.PNG | 200 OK Content-Length: 281377 Content-Type: image/png | clean |
http://utilitysoft.com/test404page.js | 404 Not Found Content-Length: 480 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=utilitysoft.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://utilitysoft.com/
Result: utilitysoft.com is not infected or malware details are not published yet.
Result: utilitysoft.com is not infected or malware details are not published yet.