Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: golgotha.ru
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 05 Sep 2014 00:19:21 GMT
Server: nginx/1.4.4
Content-Type: text/html; charset=UTF-8
X-Pingback: http://golgotha.ru/xmlrpc.php
X-Powered-By: PHP/5.2.17-pl0-gentoo
GET / HTTP/1.1
Host: golgotha.ru
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 05 Sep 2014 00:19:21 GMT
Server: nginx/1.4.4
Content-Type: text/html; charset=UTF-8
X-Pingback: http://golgotha.ru/xmlrpc.php
X-Powered-By: PHP/5.2.17-pl0-gentoo
Second query (visit from search engine):
GET / HTTP/1.1
Host: golgotha.ru
Referer: http://www.google.com/search?q=golgotha.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: golgotha.ru
Referer: http://www.google.com/search?q=golgotha.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
| Request | Server response | Status |
http://golgotha.ru/ | 200 OK Content-Length: 39425 Content-Type: text/html | clean |
http://golgotha.ru/wp-includes/js/jquery/jquery.js?ver=1.8.3 | 200 OK Content-Length: 93658 Content-Type: application/x-javascript | clean |
http://golgotha.ru/wp-includes/js/utils.min.js?ver=3.5.1 | 200 OK Content-Length: 1855 Content-Type: application/x-javascript | clean |
http://golgotha.ru/wp-content/plugins/smooth-slider/js/jcycle.js?ver=2.4 | 200 OK Content-Length: 51965 Content-Type: application/x-javascript | clean |
http://golgotha.ru/wp-content/plugins/wp-miniaudioplayer/js/jquery.jplayer.min.js?ver=2.1.0 | 200 OK Content-Length: 49042 Content-Type: application/x-javascript | clean |
http://golgotha.ru/wp-content/plugins/wp-miniaudioplayer/js/jquery.mb.miniPlayer.js?ver=1.4.4 | 200 OK Content-Length: 42241 Content-Type: application/x-javascript | clean |
http://golgotha.ru/wp-includes/js/comment-reply.min.js?ver=3.5.1 | 200 OK Content-Length: 786 Content-Type: application/x-javascript | clean |
http://golgotha.ru/wp-content/plugins/share-buttons/js/share-buttons.js?ver=3.5.1 | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://golgotha.ru/test404page.js | 404 Not Found Content-Length: 29998 Content-Type: text/html | clean |
https://apis.google.com/js/plusone.js?ver=3.5.1 | 200 OK Content-Length: 12403 Content-Type: application/javascript | clean |
http://vkontakte.ru/js/api/share.js?11&ver=3.5.1 | 200 OK Content-Length: 10156 Content-Type: application/x-javascript | clean |
http://userapi.com/js/api/openapi.js?34&ver=3.5.1 | 200 OK Content-Length: 64013 Content-Type: application/x-javascript | clean |
http://stg.odnoklassniki.ru/share/odkl_share.js?ver=3.5.1 | 200 OK Content-Length: 12312 Content-Type: application/x-javascript | clean |
http://golgotha.ru/wp-content/plugins/share-buttons/js/odkl_init.js?ver=3.5.1 | 200 OK Content-Length: 28 Content-Type: application/x-javascript | clean |
http://cdn.connect.mail.ru/js/share/2/share.js?ver=3.5.1 | 200 OK Content-Length: 11486 Content-Type: application/x-javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=golgotha.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://golgotha.ru/
Result: golgotha.ru is not infected or malware details are not published yet.
Result: golgotha.ru is not infected or malware details are not published yet.