Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: whatsyourdeal.com
Result:
GET / HTTP/1.1
Host: whatsyourdeal.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: whatsyourdeal.com
Referer: http://www.google.com/search?q=whatsyourdeal.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: whatsyourdeal.com
Referer: http://www.google.com/search?q=whatsyourdeal.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
| Request | Server response | Status |
http://www.whatsyourdeal.com/ | 200 OK Content-Length: 42624 Content-Type: text/html | clean |
http://www.whatsyourdeal.com/funclib.js | 200 OK Content-Length: 13017 Content-Type: application/x-javascript | clean |
http://www.whatsyourdeal.com/scripts/img-swapper.js | 200 OK Content-Length: 1087 Content-Type: application/x-javascript | clean |
http://www.whatsyourdeal.com/scripts/AC_RunActiveContent.js | 200 OK Content-Length: 9658 Content-Type: application/x-javascript | clean |
http://www.whatsyourdeal.com/spry/SpryAccordion.js | 200 OK Content-Length: 14397 Content-Type: application/x-javascript | clean |
http://www.whatsyourdeal.com/scripts/AC_ActiveX.js | 200 OK Content-Length: 2057 Content-Type: application/x-javascript | clean |
http://web.archive.org/web/20110718035236js_/http://www.whatsyourdeal.com/swfobject.js | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sun, 05 Oct 2014 04:52:34 GMT Location: /web/20110718035209js_/http://www.whatsyourdeal.com/swfobject.js Server: Tengine/2.0.3 Content-Type: application/x-javascript Link: <http://www.whatsyourdeal.com/swfobject.js>; rel="original" Set-Cookie: wayback_server=59; Domain=archive.org; Path=/; Expires=Tue, 04-Nov-14 04:52:34 GMT; Set-Cookie: wb_total_perf=33; Expires=Sun, 05-Oct-2014 04:53:34 GMT; Path=/web/20110718035236js_/http://www.whatsyourdeal.com/swfobject.js X-Archive-Playback: 0 X-Archive-Wayback-Perf: [IndexLoad: 31, IndexQueryTotal: 31, Total: 33] X-Page-Cache: MISS | clean |
http://web.archive.org/web/20110718035209js_/http://www.whatsyourdeal.com/swfobject.js | 200 OK Content-Length: 10551 Content-Type: application/x-javascript | clean |
http://www.whatsyourdeal.com/scripts/loginlib.js | 200 OK Content-Length: 5220 Content-Type: application/x-javascript | clean |
http://www.whatsyourdeal.com/online-stores.html | 200 OK Content-Length: 22149 Content-Type: text/html | clean |
http://www.whatsyourdeal.com/categories.php | 200 OK Content-Length: 14792 Content-Type: text/html | clean |
http://www.whatsyourdeal.com/online-coupons-all.html | 200 OK Content-Length: 28398 Content-Type: text/html | clean |
http://www.whatsyourdeal.com/scripts/jquery.js | 200 OK Content-Length: 92641 Content-Type: application/x-javascript | clean |
http://www.whatsyourdeal.com/clearance.php | 200 OK Content-Length: 222508 Content-Type: text/html | clean |
http://www.whatsyourdeal.com/grocery-coupons/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Sun, 05 Oct 2014 04:52:53 GMT Pragma: no-cache Location: http://whatsyourdeal.com/grocery-coupons/ Server: Apache/2.2 Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: X-Mapping-kgmggapi=B6CE370DC17B3AB3605A5E9686EA0427; path=/ Set-Cookie: PHPSESSID=mquv529bhtetn3d93l3i7fr0i5; path=/ X-Pingback: http://whatsyourdeal.com/grocery-coupons/xmlrpc.php | clean |
http://whatsyourdeal.com/grocery-coupons/ | 200 OK Content-Length: 125245 Content-Type: text/html | clean |
http://whatsyourdeal.com/grocery-coupons/wp-includes/js/jquery/jquery.js?ver=1.11.0 | 200 OK Content-Length: 96402 Content-Type: application/x-javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=whatsyourdeal.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://whatsyourdeal.com/
Result: whatsyourdeal.com is not infected or malware details are not published yet.
Result: whatsyourdeal.com is not infected or malware details are not published yet.