Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ardapey.com
Result:
HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0
Connection: close
Date: Fri, 22 Aug 2014 04:25:23 GMT
Pragma: no-cache
Server: Apache
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Fri, 22 Aug 2014 04:25:23 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 2bf80387fb5d111b618972663bb58449=cf0e8978480d1ee2b17356a4d7741b6a; path=/
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: ardapey.com
Referer: http://www.google.com/search?q=ardapey.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://ardapey.com/ | 200 OK Content-Length: 55118 Content-Type: text/html | clean |
http://ardapey.com/media/system/js/caption.js | 200 OK Content-Length: 1721 Content-Type: application/javascript | clean |
http://ardapey.com/plugins/content/ja_tabs/ja.tabs.js | 200 OK Content-Length: 15124 Content-Type: application/javascript | clean |
http://ardapey.com/plugins/system/rokbox/rokbox.js | 200 OK Content-Length: 22076 Content-Type: application/javascript | clean |
http://ardapey.com/plugins/system/rokbox/themes/light/rokbox-config.js | 200 OK Content-Length: 2598 Content-Type: application/javascript | clean |
http://www.ardapey.com/modules/mod_yoo_carousel/mod_yoo_carousel.js | 200 OK Content-Length: 2444 Content-Type: application/javascript | clean |
http://www.ardapey.com/modules/mod_yj_pop_login/src/yj_login_pop.js | 200 OK Content-Length: 1522 Content-Type: application/javascript | clean |
http://www.ardapey.com/plugins/system/emiIE6warning/ie6_script_other.js | 200 OK Content-Length: 2456 Content-Type: application/javascript | clean |
http://ardapey.com/templates/arda-pey/lib/scripts/template_scripts.js | 200 OK Content-Length: 4001 Content-Type: application/javascript | clean |
http://ardapey.com/templates/arda-pey/lib/scripts/menu.php?style=moomenu&width=1&height=1&opacity=1&animation=1&speed=500 | 200 OK Content-Length: 2625 Content-Type: text/javascript | clean |
http://ardapey.com/live_help/livehelp_js.php?eo=1&department=1&serversession=1&pingtimes=15&creditline=N | 200 OK Content-Length: 26929 Content-Type: text/html | clean |
http://ardapey.com/test404page.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 22 Aug 2014 04:25:26 GMT Location: /٠دÛر-عا٠Ù/سÙابÙ-ØرÙÙ-اÛ-٠دÛرعا٠Ù/js Server: Apache Content-Length: 0 Content-Type: text/html P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Set-Cookie: 2bf80387fb5d111b618972663bb58449=efcdd2d8933cb77e4bb816682bc10be1; path=/ X-Powered-By: PHP/5.2.17 | clean |
http://ardapey.com/ÙدÛر-عاÙÙ/سÙابÙ-ØرÙÙ-اÛ-ÙدÛرعاÙÙ/js | 200 OK Content-Length: 42530 Content-Type: text/html | clean |
http://www.ardapey.com/media/system/js/validate.js | 200 OK Content-Length: 4246 Content-Type: application/javascript | clean |
http://ardapey.com/templates/arda-pey/Scripts/jquery-1.7.js | 200 OK Content-Length: 94840 Content-Type: application/javascript | clean |
http://ardapey.com/ÙعرÙÛ/دربارÙ-Ùا | 200 OK Content-Length: 39853 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ardapey.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://ardapey.com/
Result: ardapey.com is not infected or malware details are not published yet.