Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: booksharks.ru
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 04 Mar 2015 14:06:12 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Set-Cookie: ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22b221688b3b8482193fc54080099b88cb%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%2278.158.11.226%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F4.0+%28compatible%3B+MSIE+8.0%3B+Windows+NT+5.1%29%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221425477972%22%3B%7D7d1c6558a60992569dc3f9e754fe697d; expires=Wed, 11-Mar-2015 14:06:12 GMT; Max-Age=604800; path=/
X-Powered-By: PHP/5.5.9-1ubuntu4.4
GET / HTTP/1.1
Host: booksharks.ru
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 04 Mar 2015 14:06:12 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Set-Cookie: ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22b221688b3b8482193fc54080099b88cb%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%2278.158.11.226%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F4.0+%28compatible%3B+MSIE+8.0%3B+Windows+NT+5.1%29%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221425477972%22%3B%7D7d1c6558a60992569dc3f9e754fe697d; expires=Wed, 11-Mar-2015 14:06:12 GMT; Max-Age=604800; path=/
X-Powered-By: PHP/5.5.9-1ubuntu4.4
Second query (visit from search engine):
GET / HTTP/1.1
Host: booksharks.ru
Referer: http://www.google.com/search?q=booksharks.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: booksharks.ru
Referer: http://www.google.com/search?q=booksharks.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://booksharks.ru/ | 200 OK Content-Length: 10395 Content-Type: text/html | clean |
http://booksharks.ru/assets/plugins/jquery-1.10.2.min.js | 200 OK Content-Length: 93111 Content-Type: application/x-javascript | clean |
http://booksharks.ru/assets/plugins/jquery-migrate-1.2.1.min.js | 200 OK Content-Length: 7200 Content-Type: application/x-javascript | clean |
http://booksharks.ru/assets/plugins/bootstrap/js/bootstrap.min.js | 200 OK Content-Length: 27726 Content-Type: application/x-javascript | clean |
http://booksharks.ru/assets/plugins/bootstrap-hover-dropdown/twitter-bootstrap-hover-dropdown.min.js | 200 OK Content-Length: 1425 Content-Type: application/x-javascript | clean |
http://booksharks.ru/assets/plugins/jquery-slimscroll/jquery.slimscroll.min.js | 200 OK Content-Length: 4711 Content-Type: application/x-javascript | clean |
http://booksharks.ru/assets/plugins/jquery.blockui.min.js | 200 OK Content-Length: 9595 Content-Type: application/x-javascript | clean |
http://booksharks.ru/assets/plugins/jquery.cookie.min.js | 200 OK Content-Length: 1301 Content-Type: application/x-javascript | clean |
http://booksharks.ru/assets/plugins/uniform/jquery.uniform.min.js | 200 OK Content-Length: 8308 Content-Type: application/x-javascript | clean |
http://booksharks.ru/assets/plugins/jquery-validation/dist/jquery.validate.min.js | 200 OK Content-Length: 21933 Content-Type: application/x-javascript | clean |
http://booksharks.ru/assets/plugins/select2/select2.min.js | 200 OK Content-Length: 57660 Content-Type: application/x-javascript | clean |
http://booksharks.ru/assets/scripts/app.js | 200 OK Content-Length: 38056 Content-Type: application/x-javascript | clean |
http://booksharks.ru/assets/scripts/login-soft.js | 200 OK Content-Length: 8405 Content-Type: application/x-javascript | clean |
http://booksharks.ru/test404page.js | 404 Not Found Content-Length: 564 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=booksharks.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://booksharks.ru/
Result: booksharks.ru is not infected or malware details are not published yet.
Result: booksharks.ru is not infected or malware details are not published yet.