Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: 7879.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Wed, 04 Mar 2015 08:09:22 GMT
Pragma: no-cache
Server: nginx/1.4.1
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=20b0988ab678186010554d9b3bf97f50; path=/
Set-Cookie: YII_CSRF_TOKEN=b60dcaa92643b48864dd74388b9b2c70fe266137; path=/
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: 7879.ru
Referer: http://www.google.com/search?q=7879.ru
Result:
The result is similar to the first query. No suspicious redirects were found.
Scanned pages/files
Request | Server response | Status |
http://7879.ru/ | 200 OK Content-Length: 27027 Content-Type: text/html | clean |
http://7879.ru/assets/196b954e/jquery.min.js | 200 OK Content-Length: 93636 Content-Type: application/javascript | clean |
http://7879.ru/assets/196b954e/jui/js/jquery-ui.min.js | 200 OK Content-Length: 237802 Content-Type: application/javascript | clean |
http://7879.ru/themes/classic/js/jquery.multiselect.min.js | 200 OK Content-Length: 13394 Content-Type: application/javascript | clean |
http://7879.ru/assets/4d0b440c/jquery.fancybox-1.3.4.pack.js | 200 OK Content-Length: 15071 Content-Type: application/javascript | clean |
http://7879.ru/assets/4d0b440c/jquery.mousewheel-3.0.4.pack.js | 200 OK Content-Length: 1907 Content-Type: application/javascript | clean |
http://7879.ru/min/serve/g?g=a765a1bed3ac79406d8cf20c6ebc89e6&lm=1425448492 | 200 OK Content-Length: 18322 Content-Type: application/x-javascript | clean |
http://7879.ru/themes/classic/js/slider/jquery.nivo.slider.pack.js | 200 OK Content-Length: 11500 Content-Type: application/javascript | clean |
http://7879.ru/min/serve/g?g=22017a7e5e9c09951abbdff6c148254d&lm=1422558214 | 200 OK Content-Length: 4006 Content-Type: application/x-javascript | clean |
http://7879.ru/guestad/add | 200 OK Content-Length: 31192 Content-Type: text/html | clean |
http://7879.ru/min/serve/g?g=26f1d5c74390b65fb89d76a574655dc2&lm=1423160996 | 200 OK Content-Length: 18650 Content-Type: application/x-javascript | clean |
http://7879.ru/contact-us | 200 OK Content-Length: 26788 Content-Type: text/html | clean |
http://7879.ru/min/serve/g?g=737dfe5fb9095cbfeb50b84413d2bd51&lm=1422899522 | 200 OK Content-Length: 17718 Content-Type: application/x-javascript | clean |
http://download.skype.com/share/skypebuttons/js/skypeCheck.js | 200 OK Content-Length: 21434 Content-Type: application/x-javascript | clean |
http://7879.ru/booking/request | 200 OK Content-Length: 32998 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=7879.ru
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://7879.ru/
Result: 7879.ru is not infected or malware details are not published yet.