Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=novinvest53.ru
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://novinvest53.ru/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: novinvest53.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 20 Sep 2014 16:31:32 GMT
ETag: "1411230691"
Server: nginx/1.6.0
Vary: Accept-Encoding
Content-Language: ru
Content-Type: text/html; charset=utf-8
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Sat, 20 Sep 2014 16:31:31 +0000
X-Generator: Drupal 7 (http://drupal.org)
X-Powered-By: PHP/5.3.18
Second query (visit from search engine):
GET / HTTP/1.1
Host: novinvest53.ru
Referer: http://www.google.com/search?q=novinvest53.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://novinvest53.ru/ | 200 OK Content-Length: 34455 Content-Type: text/html | clean |
http://novinvest53.ru/misc/jquery.js?v=1.4.4 | 200 OK Content-Length: 78602 Content-Type: application/x-javascript | clean |
http://novinvest53.ru/misc/jquery.once.js?v=1.2 | 200 OK Content-Length: 2974 Content-Type: application/x-javascript | clean |
http://novinvest53.ru/misc/drupal.js?mcs0mh | 200 OK Content-Length: 13852 Content-Type: application/x-javascript | clean |
http://novinvest53.ru/sites/default/files/languages/ru_j1H-DJnJmSK3W9Sk7UX3zgLjuOcK1aR4tVcEdNxF13k.js?mcs0mh | 200 OK Content-Length: 12523 Content-Type: application/x-javascript | clean |
http://novinvest53.ru/themes/realestate/js/jquery-1.4.4.js?mcs0mh | 200 OK Content-Length: 183184 Content-Type: application/x-javascript | clean |
http://novinvest53.ru/themes/realestate/js/slideshow.js?mcs0mh | 200 OK Content-Length: 2624 Content-Type: application/x-javascript | clean |
http://novinvest53.ru/themes/realestate/js/superfish.js?mcs0mh | 200 OK Content-Length: 3692 Content-Type: application/x-javascript | clean |
http://101widgets.com/09023901/225/63 | 200 OK Content-Length: 255 Content-Type: text/html | clean |
http://101widgets.com/test404page.js | 404 Not Found Content-Length: 276 Content-Type: text/html | clean |
http://101widgets.com/04001012/225/128 | 200 OK Content-Length: 256 Content-Type: text/html | clean |
http://www.forexpf.ru/_informer_/cbrf.php?id=012345678 | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 20 Sep 2014 16:31:34 GMT Location: http://informers.forexpf.ru/php/cbrf.php?id=012345678 Server: nginx Content-Length: 178 Content-Type: text/html X-Conf: www-to-forum | clean |
http://informers.forexpf.ru/php/cbrf.php?id=012345678 | 200 OK Content-Length: 1223 Content-Type: text/html | clean |
http://www.forexpf.ru/_informer_/comod.php?id=017864523 | 200 OK Content-Length: 1208 Content-Type: application/x-javascript | clean |
http://www.gismeteo.ru/ajax/getInformer/?hash=QCCnoWj4HJssVs | 200 OK Content-Length: 0 Content-Type: text/javascript | clean |