Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: warmandwonderfulweekdayweddings.com.au
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 05 Oct 2014 01:51:36 GMT
Accept-Ranges: bytes
ETag: "11a884d-10bf2-500f50071d180"
Server: Apache/2.4.10 (Unix) OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
Content-Length: 68594
Content-Type: text/html
Last-Modified: Tue, 19 Aug 2014 05:45:58 GMT
...68594 bytes of data.
GET / HTTP/1.1
Host: warmandwonderfulweekdayweddings.com.au
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 05 Oct 2014 01:51:36 GMT
Accept-Ranges: bytes
ETag: "11a884d-10bf2-500f50071d180"
Server: Apache/2.4.10 (Unix) OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
Content-Length: 68594
Content-Type: text/html
Last-Modified: Tue, 19 Aug 2014 05:45:58 GMT
...68594 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: warmandwonderfulweekdayweddings.com.au
Referer: http://www.google.com/search?q=warmandwonderfulweekdayweddings.com.au
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: warmandwonderfulweekdayweddings.com.au
Referer: http://www.google.com/search?q=warmandwonderfulweekdayweddings.com.au
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://warmandwonderfulweekdayweddings.com.au/ | 200 OK Content-Length: 68594 Content-Type: text/html | clean |
http://warmandwonderfulweekdayweddings.com.au/javascripts.js | 200 OK Content-Length: 79 Content-Type: application/javascript | clean |
http://warmandwonderfulweekdayweddings.com.au/pop-closeup.js | 200 OK Content-Length: 1202 Content-Type: application/javascript | clean |
http://warmandwonderfulweekdayweddings.com.au/mouseover.js | 200 OK Content-Length: 558 Content-Type: application/javascript | clean |
http://warmandwonderfulweekdayweddings.com.au/menu.js | 200 OK Content-Length: 2044 Content-Type: application/javascript | clean |
http://warmandwonderfulweekdayweddings.com.au/header.js | 200 OK Content-Length: 1305 Content-Type: application/javascript | clean |
http://localtimes.info/clock.php?cp3_Hex=FFB200&cp2_Hex=FFFFFF&cp1_Hex=08727A&fwdt=240&ham=0&hbg=1&hfg=0&sid=0&mon=0&wek=0&wkf=0&sep=0&continent=Oceania&country=Australia&province=Queensland&city=Brisbane&widget_number=1100 | 200 OK Content-Length: 1353 Content-Type: application/x-javascript | clean |
http://warmandwonderfulweekdayweddings.com.au/sidebar.js | 200 OK Content-Length: 3529 Content-Type: application/javascript | clean |
http://warmandwonderfulweekdayweddings.com.au/copyright.js | 200 OK Content-Length: 291 Content-Type: application/javascript | clean |
http://warmandwonderfulweekdayweddings.com.au/privacy.js | 200 OK Content-Length: 247 Content-Type: application/javascript | clean |
http://warmandwonderfulweekdayweddings.com.au/sitemap.htm | 200 OK Content-Length: 10848 Content-Type: text/html | clean |
http://warmandwonderfulweekdayweddings.com.au/index.html | 200 OK Content-Length: 68594 Content-Type: text/html | clean |
http://warmandwonderfulweekdayweddings.com.au/file:///C:/Users/Jenny/CELEBRANT%20-%20Websites%20-%20Current/Website-WARM&WONDERFUL/Warm-files/compare.htm | 404 Not Found Content-Length: 420 Content-Type: text/html | clean |
http://warmandwonderfulweekdayweddings.com.au/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
http://warmandwonderfulweekdayweddings.com.au/elopement_weddings.htm | 200 OK Content-Length: 15699 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=warmandwonderfulweekdayweddings.com.au
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://warmandwonderfulweekdayweddings.com.au/
Result: warmandwonderfulweekdayweddings.com.au is not infected or malware details are not published yet.
Result: warmandwonderfulweekdayweddings.com.au is not infected or malware details are not published yet.