Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: wwgc.org
Result:
HTTP/1.1 301 Moved Permanently
Date: Mon, 29 Sep 2014 22:34:49 GMT
Location: http://www.willowwaterhole.org/
Server: Microsoft-IIS/7.5
Content-Length: 154
Content-Type: text/html; charset=UTF-8
X-Powered-By: ASP.NET
...154 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: wwgc.org
Referer: http://www.google.com/search?q=wwgc.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://wwgc.org/ | HTTP/1.1 301 Moved Permanently Date: Mon, 29 Sep 2014 22:34:49 GMT Location: http://www.willowwaterhole.org/ Server: Microsoft-IIS/7.5 Content-Length: 154 Content-Type: text/html; charset=UTF-8 X-Powered-By: ASP.NET | clean |
http://www.willowwaterhole.org/ | 200 OK Content-Length: 39073 Content-Type: text/html | clean |
http://www.willowwaterhole.org//use.typekit.net/ik/6613f9ZRDdkT0wqEOm-DRolGkJxDICBnd0xmwH3nxZCfeTj2fFHN4UJLFRbh52jhWD9DjAJUw2SuZQsKw26oFQbXZQbhF2StZyTUiaiaO1iTdeUziaiyiemk-eNCZPozScSCih8CdeNaihBXZW4GdhU8OcNkZkUkZAtldA8Xjhy8de3lZ1sCwkoDSWmyScmDSeBRZPoRdhXCHKokZAtldA8Xjhy8de3lZ1sCwkoDSWmyScmDSeBRZPoRdhXK2YgkdayTdAIldcNhjPJPjAszjc9lZhBkjAuzdcblSY4zH6qJ73IbMg6gJMJ7fbKzMsMMeMb6MKG4f5J7IMMjMkMfH6qJK6IbM ...245 symbols skipped | 404 Not Found Content-Length: 29658 Content-Type: text/html | clean |
https://static.squarespace.com/static/ta/52a74d9ae4b0253945d2aee9/865/scripts/combo/?site.js&helpers.js&sticky.js | 200 OK Content-Length: 12323 Content-Type: application/javascript | clean |
http://www.willowwaterhole.org/whoweare/ | 200 OK Content-Length: 39331 Content-Type: text/html | clean |
http://www.willowwaterhole.org/what-we-do/ | 200 OK Content-Length: 35696 Content-Type: text/html | clean |
http://www.willowwaterhole.org/projects/ | 200 OK Content-Length: 32767 Content-Type: text/html | clean |
http://www.willowwaterhole.org/news/ | 200 OK Content-Length: 31995 Content-Type: text/html | clean |
http://www.willowwaterhole.org/events/ | 200 OK Content-Length: 52249 Content-Type: text/html | clean |
http://www.willowwaterhole.org/contact/ | 200 OK Content-Length: 37930 Content-Type: text/html | clean |
http://www.willowwaterhole.org/take-action/ | 200 OK Content-Length: 39159 Content-Type: text/html | clean |
http://www.willowwaterhole.org/s/Tribute_Form.pdf | HTTP/1.1 302 Found Connection: close Date: Mon, 29 Sep 2014 22:34:40 GMT ETag: W/"5e2f525aa8a34f8313c3f481d0aee53a" Location: http://static.squarespace.com/static/53ab1075e4b089544e46478f/t/53d1462ce4b0ec2e7fcc4677/1406223916667/Tribute_Form.pdf Content-Type: application/octet-stream Expires: Thu, 01 Jan 1970 00:00:00 GMT Set-Cookie: JSESSIONID=10e62mn7ytj6h11d5syq9w8zjs;Path=/;HttpOnly Set-Cookie: crumb=6664acc8ce;Path=/ Set-Cookie: SS_MID=81b1196d-0ee4-4ca0-9e07-ac62593032e5i0oe92x1;Path=/;Domain=.willowwaterhole.org;Expires=Thu, 26-Sep-2024 22:34:40 GMT X-ContextId: o0YcRadv/I0uRPKVC X-PC-Hit: false X-PC-Key: uYh9tHByuqXEIg4pS3DSsbYA4qk-ren-mitchell-ftl3 X-ServedBy: ny1-prod6-web034.int.peer1.squarespace.net X-Via: 1.1 nyc-echo05.int.peer1.squarespace.net | clean |
http://static.squarespace.com/static/53ab1075e4b089544e46478f/t/53d1462ce4b0ec2e7fcc4677/1406223916667/tribute_form.pdf | 200 OK Content-Length: 69071 Content-Type: application/pdf | clean |
http://static.squarespace.com/test404page.js | 404 Not Found Content-Length: 1951 Content-Type: text/html | clean |
http://static.squarespace.com//static.squarespace.com/universal/scripts-compressed/common-60a6ce53cded767b049ce295e614f4e6-min.js/ | 404 Not Found Content-Length: 1951 Content-Type: text/html | clean |
http://static.squarespace.com//static.squarespace.com/universal/scripts-compressed/dialog-e661e9447018f366ae3fe6a7fbd4c731-min.js/ | 404 Not Found Content-Length: 1951 Content-Type: text/html | clean |
http://static.squarespace.com//static.squarespace.com/universal/scripts-compressed/system-page-2ebac7aa2171ecf20f35aefc5c77aee1-min.js/ | 404 Not Found Content-Length: 1951 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=wwgc.org
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://wwgc.org/
Result: wwgc.org is not infected or malware details are not published yet.