Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: carscanner.ru
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Thu, 09 Oct 2014 19:37:36 GMT
Location: http://www.carscanner.ru/
Server: nginx/1.2.1
Content-Type: text/html; charset=iso-8859-1
GET / HTTP/1.1
Host: carscanner.ru
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Thu, 09 Oct 2014 19:37:36 GMT
Location: http://www.carscanner.ru/
Server: nginx/1.2.1
Content-Type: text/html; charset=iso-8859-1
Second query (visit from search engine):
GET / HTTP/1.1
Host: carscanner.ru
Referer: http://www.google.com/search?q=carscanner.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: carscanner.ru
Referer: http://www.google.com/search?q=carscanner.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://carscanner.ru/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 09 Oct 2014 19:37:36 GMT Location: http://www.carscanner.ru/ Server: nginx/1.2.1 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.carscanner.ru/ | 200 OK Content-Length: 228577 Content-Type: text/html | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js | 200 OK Content-Length: 93100 Content-Type: text/javascript | clean |
http://carscanner.ru/media/system/js/mootools4.js | 200 OK Content-Length: 150812 Content-Type: application/x-javascript | clean |
http://carscanner.ru/plugins/content/avreloaded/silverlight.js | 200 OK Content-Length: 8093 Content-Type: application/x-javascript | clean |
http://carscanner.ru/plugins/content/avreloaded/wmvplayer.js | 200 OK Content-Length: 16476 Content-Type: application/x-javascript | clean |
http://carscanner.ru/plugins/content/avreloaded/swfobject.js | 200 OK Content-Length: 12254 Content-Type: application/x-javascript | clean |
http://carscanner.ru/plugins/content/avreloaded/avreloaded.js | 200 OK Content-Length: 2359 Content-Type: application/x-javascript | clean |
http://www.carscanner.ru/components/com_virtuemart/fetchscript.php?gzip=0&subdir[0]=/themes/carscanner&file[0]=theme.js&subdir[1]=/js&file[1]=sleight.js&subdir[2]=/js/mootools&file[2]=mootools-release-1.11.js&subdir[3]=/js/mootools&file[3]=mooPrompt.js | 200 OK Content-Length: 56480 Content-Type: text/javascript | clean |
http://www.carscanner.ru/modules/mod_swmenufree/jquery.corner.js | 200 OK Content-Length: 11267 Content-Type: application/x-javascript | clean |
http://www.carscanner.ru/modules/mod_swmenufree/DropDownMenuX_Packed.js | 200 OK Content-Length: 12687 Content-Type: application/x-javascript | clean |
http://carscanner.ru/templates/carscanner/scripts/lib.min.js | 200 OK Content-Length: 50756 Content-Type: application/x-javascript | clean |
http://carscanner.ru/templates/carscanner/scripts/jquery.jcarousellite.js | 200 OK Content-Length: 13970 Content-Type: application/x-javascript | clean |
http://carscanner.ru/templates/carscanner/scripts/eqal_column.js | 200 OK Content-Length: 337 Content-Type: application/x-javascript | clean |
http://carscanner.ru/templates/carscanner/scripts/dev.js | 200 OK Content-Length: 128 Content-Type: application/x-javascript | clean |
http://counter.rambler.ru/top100.jcn?2747730 | 200 OK Content-Length: 6853 Content-Type: application/x-javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=carscanner.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://carscanner.ru/
Result: carscanner.ru is not infected or malware details are not published yet.
Result: carscanner.ru is not infected or malware details are not published yet.