Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: foto-rdm.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Fri, 10 Oct 2014 21:27:24 GMT
Pragma: no-cache
Server: nginx/0.7.67
Vary: Accept-Encoding
Content-Type: text/html; charset=windows-1251
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Fri, 10 Oct 2014 21:27:24 GMT
Set-Cookie: osCsid=18d1a077bf2b0b3e315705f486a5edbe; path=/; domain=www.foto-rdm.ru
X-Powered-By: PHP/5.3.3-7+squeeze19
Second query (visit from search engine):
GET / HTTP/1.1
Host: foto-rdm.ru
Referer: http://www.google.com/search?q=foto-rdm.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://foto-rdm.ru/ | 200 OK Content-Length: 52422 Content-Type: text/html | clean |
http://foto-rdm.ru/includes/YAHOO.js | 200 OK Content-Length: 1560 Content-Type: application/x-javascript | clean |
http://foto-rdm.ru/includes/treeview.js | 200 OK Content-Length: 39835 Content-Type: application/x-javascript | clean |
http://foto-rdm.ru/includes/loadNodes.js | 200 OK Content-Length: 2494 Content-Type: application/x-javascript | clean |
http://foto-rdm.ru/information.php?pages_id=8 | 200 OK Content-Length: 37520 Content-Type: text/html | clean |
http://foto-rdm.ru/old/ | 200 OK Content-Length: 57891 Content-Type: text/html | clean |
http://www.foto-rdm.ru/includes/YAHOO.js | 200 OK Content-Length: 1560 Content-Type: application/x-javascript | clean |
http://www.foto-rdm.ru/includes/treeview.js | 200 OK Content-Length: 39835 Content-Type: application/x-javascript | clean |
http://www.foto-rdm.ru/includes/loadNodes.js | 200 OK Content-Length: 2494 Content-Type: application/x-javascript | clean |
http://foto-rdm.ru/old/topic/kak-sdelat-trafaret-dlya-brovey | 200 OK Content-Length: 66377 Content-Type: text/html | clean |
http://foto-rdm.ru/old/topic/ | 200 OK Content-Length: 54801 Content-Type: text/html | clean |
http://foto-rdm.ru/old/entry/kak-sdelat-hoduli-svoimi-rukami | 200 OK Content-Length: 59295 Content-Type: text/html | clean |
http://foto-rdm.ru/old/entry/ | 200 OK Content-Length: 55107 Content-Type: text/html | clean |
http://foto-rdm.ru/old/topic/na-kakom-sroke-delayut-dopler | 200 OK Content-Length: 41800 Content-Type: text/html | clean |
http://foto-rdm.ru/old/images/na-kakom-sroke-delayut-dopler-9557-large.jpg | 200 OK Content-Length: 49139 Content-Type: image/jpeg | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=foto-rdm.ru
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://foto-rdm.ru/
Result: foto-rdm.ru is not infected or malware details are not published yet.