Scanned pages/files
Request | Server response | Status |
http://bpimoldova.com/ | HTTP/1.1 302 Moved Temporarily Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Mon, 08 Sep 2014 22:50:22 GMT Pragma: no-cache Location: http://bpimoldova.com/pages/exclusive-investments.php Server: nginx/1.7.4 Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: wb_9271_session_id=b90270fd07d1d98ce8666eac52987258; path=/ | clean |
http://bpimoldova.com/pages/exclusive-investments.php | 200 OK Content-Length: 17537 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) arr_img1 = new Array();arr_img1[1]='21_1.jpg';arr_img1[2]='21_2.jpg'; Antivirus reports:
http://bpimoldova.com/templates/bpi/js/AC_RunActiveContent.js | 200 OK Content-Length: 8029 Content-Type: application/javascript | clean |
http://bpimoldova.com/modules/droplets/js/mdcr.js | 200 OK Content-Length: 662 Content-Type: application/javascript | clean |
http://bpimoldova.com/pages/about-us.php | 200 OK Content-Length: 13169 Content-Type: text/html | clean |
http://bpimoldova.com/pages/real-estate-investments.php | HTTP/1.1 302 Moved Temporarily Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Mon, 08 Sep 2014 22:50:24 GMT Pragma: no-cache Location: http://bpimoldova.com/pages/real-estate-investments/rental.php Server: nginx/1.7.4 Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: wb_9271_session_id=a7880719b63a7b06bd8aa4140cb2d4dc; path=/ | clean |
http://bpimoldova.com/pages/real-estate-investments/rental.php | 200 OK Content-Length: 26800 Content-Type: text/html | clean |
http://bpimoldova.com/pages/real-estate-investments/selling.php | 200 OK Content-Length: 14651 Content-Type: text/html | clean |
http://bpimoldova.com/pages/real-estate-investments/buying.php | 200 OK Content-Length: 12912 Content-Type: text/html | clean |
http://bpimoldova.com/pages/useful-links.php | 200 OK Content-Length: 10916 Content-Type: text/html | clean |
http://bpimoldova.com/pages/contact-us.php | 200 OK Content-Length: 12357 Content-Type: text/html | clean |
http://bpimoldova.com/test404page.js | 404 Not Found Content-Length: 292 Content-Type: text/html | clean |
http://bpimoldova.com/pages/catalog/real-estate-investments/rental/16.php | 200 OK Content-Length: 16620 Content-Type: text/html | clean |
http://bpimoldova.com/pages/real-estate-investments/rental.php?property_type_id=Residential Apartment | 200 OK Content-Length: 19379 Content-Type: text/html | clean |
http://bpimoldova.com/pages/catalog/real-estate-investments/rental/17.php | 200 OK Content-Length: 17282 Content-Type: text/html | clean |
http://bpimoldova.com/pages/catalog/real-estate-investments/rental/ | 403 Forbidden Content-Length: 327 Content-Type: text/html | clean |
http://bpimoldova.com/pages/catalog/real-estate-investments/rental/18.php | 200 OK Content-Length: 18235 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: bpimoldova.com
Result:
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Mon, 08 Sep 2014 22:50:22 GMT
Pragma: no-cache
Location: http://bpimoldova.com/pages/exclusive-investments.php
Server: nginx/1.7.4
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: wb_9271_session_id=b90270fd07d1d98ce8666eac52987258; path=/
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: bpimoldova.com
Referer: http://www.google.com/search?q=bpimoldova.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=bpimoldova.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://bpimoldova.com/
Result: bpimoldova.com is not infected or malware details are not published yet.