Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: yallabye.ws
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 10 Oct 2014 01:35:45 GMT
Server: Apache/2.2.23 (Unix) mod_ssl/2.2.23 OpenSSL/1.0.1e-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
Content-Type: text/html; charset=UTF-8
X-Pingback: http://yallabye.ws/xmlrpc.php
X-Powered-By: PHP/5.2.17
GET / HTTP/1.1
Host: yallabye.ws
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 10 Oct 2014 01:35:45 GMT
Server: Apache/2.2.23 (Unix) mod_ssl/2.2.23 OpenSSL/1.0.1e-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
Content-Type: text/html; charset=UTF-8
X-Pingback: http://yallabye.ws/xmlrpc.php
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: yallabye.ws
Referer: http://www.google.com/search?q=yallabye.ws
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: yallabye.ws
Referer: http://www.google.com/search?q=yallabye.ws
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://yallabye.ws/ | 200 OK Content-Length: 12219 Content-Type: text/html | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js | 200 OK Content-Length: 94840 Content-Type: text/javascript | clean |
http://yallabye.ws/feed/ | 200 OK Content-Length: 9192 Content-Type: text/xml | clean |
http://yallabye.ws/test404page.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 10 Oct 2014 01:35:48 GMT Location: http://yallabye.ws Server: Apache/2.2.23 (Unix) mod_ssl/2.2.23 OpenSSL/1.0.1e-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Pingback: http://yallabye.ws/xmlrpc.php X-Powered-By: PHP/5.2.17 | clean |
http://yallabye.ws/6/paula-patton-talks-about-robin-thickes-anatomy-blurred-lines-brag-is-accurate/ | 200 OK Content-Length: 11743 Content-Type: text/html | clean |
http://yallabye.ws/4/this-dynamic-robot-duo-is-making-solar-power-cheap-as-hell/ | 200 OK Content-Length: 9036 Content-Type: text/html | clean |
http://yallabye.ws/category/systematic/ | 200 OK Content-Length: 12506 Content-Type: text/html | clean |
http://yallabye.ws/4/this-dynamic-robot-duo-is-making-solar-power-cheap-as-hell/feed/ | 200 OK Content-Length: 913 Content-Type: text/xml | clean |
http://yallabye.ws/4/this-dynamic-robot-duo-is-making-solar-power-cheap-as-hell/trackback/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 10 Oct 2014 01:35:51 GMT Location: http://yallabye.ws/4/this-dynamic-robot-duo-is-making-solar-power-cheap-as-hell/ Server: Apache/2.2.23 (Unix) mod_ssl/2.2.23 OpenSSL/1.0.1e-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Content-Length: 0 Content-Type: text/html; charset=UTF-8 Link: <http://yallabye.ws/?p=4>; rel=shortlink X-Pingback: http://yallabye.ws/xmlrpc.php X-Powered-By: PHP/5.2.17 | clean |
http://yallabye.ws/wp-login.php?redirect_to=http%3A%2F%2Fyallabye.ws%2F4%2Fthis-dynamic-robot-duo-is-making-solar-power-cheap-as-hell%2F | 200 OK Content-Length: 2321 Content-Type: text/html | clean |
http://yallabye.ws/wp-login.php?action=register | HTTP/1.1 302 Moved Temporarily Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Fri, 10 Oct 2014 01:35:52 GMT Pragma: no-cache Location: http://yallabye.ws/wp-signup.php Server: Apache/2.2.23 (Unix) mod_ssl/2.2.23 OpenSSL/1.0.1e-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT Last-Modified: Fri, 10 Oct 2014 01:35:53 GMT Set-Cookie: wordpress_test_cookie=WP+Cookie+check; path=/; domain=.yallabye.ws X-Frame-Options: SAMEORIGIN X-Powered-By: PHP/5.2.17 | clean |
http://yallabye.ws/wp-signup.php | 200 OK Content-Length: 4321 Content-Type: text/html | clean |
http://yallabye.ws/wp-login.php?action=lostpassword | 200 OK Content-Length: 1890 Content-Type: text/html | clean |
http://yallabye.ws/wp-login.php | 200 OK Content-Length: 2269 Content-Type: text/html | clean |
http://yallabye.ws/6/paula-patton-talks-about-robin-thickes-anatomy-blurred-lines-brag-is-accurate/feed/ | 200 OK Content-Length: 1006 Content-Type: text/xml | clean |
http://yallabye.ws/6/paula-patton-talks-about-robin-thickes-anatomy-blurred-lines-brag-is-accurate/trackback/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 10 Oct 2014 01:35:55 GMT Location: http://yallabye.ws/6/paula-patton-talks-about-robin-thickes-anatomy-blurred-lines-brag-is-accurate/ Server: Apache/2.2.23 (Unix) mod_ssl/2.2.23 OpenSSL/1.0.1e-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Content-Length: 0 Content-Type: text/html; charset=UTF-8 Link: <http://yallabye.ws/?p=6>; rel=shortlink X-Pingback: http://yallabye.ws/xmlrpc.php X-Powered-By: PHP/5.2.17 | clean |
http://yallabye.ws/wp-login.php?redirect_to=http%3A%2F%2Fyallabye.ws%2F6%2Fpaula-patton-talks-about-robin-thickes-anatomy-blurred-lines-brag-is-accurate%2F | 200 OK Content-Length: 2340 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=yallabye.ws
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://yallabye.ws/
Result: yallabye.ws is not infected or malware details are not published yet.
Result: yallabye.ws is not infected or malware details are not published yet.