Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: promist.rs
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate, private, no-cache
Connection: close
Date: Wed, 04 Mar 2015 03:57:45 GMT
Pragma: no-cache
Server: nginx/1.6.2
Content-Type: text/html; charset=utf-8
Expires:
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 37b7a5c8f9933141ea7ba2b12bb2275f=00ec6df61aa663697b03828de7693978; path=/
Set-Cookie: ja_mendozite_tpl=ja_mendozite; expires=Mon, 22-Feb-2016 03:57:45 GMT; path=/
Second query (visit from search engine):
GET / HTTP/1.1
Host: promist.rs
Referer: http://www.google.com/search?q=promist.rs
Result:
The result is similar to the first query. No suspicious redirects were found.
Scanned pages/files
Request | Server response | Status |
http://promist.rs/ | 200 OK Content-Length: 20190 Content-Type: text/html | clean |
http://promist.rs/index.php?jat3action=gzip&jat3type=js&jat3file=t3-assets%2Fjs_53177.js | 200 OK Content-Length: 300787 Content-Type: text/javascript | clean |
http://promist.rs//ajax.googleapis.com/ajax/libs/jquery/1.7/jquery.min.js/ | 404 Kategorija nije pronađena Content-Length: 730 Content-Type: text/html | clean |
http://promist.rs/index.php | 200 OK Content-Length: 20217 Content-Type: text/html | clean |
http://promist.rs/index.php?jat3action=gzip&jat3type=js&jat3file=t3-assets%2Fjs_5edc8.js?v=2 | 200 OK Content-Length: 194258 Content-Type: text/javascript | clean |
http://widgets.twimg.com/j/2/widget.js | 200 OK Content-Length: 1489 Content-Type: application/javascript | clean |
http://promist.rs/o-nama | 200 OK Content-Length: 14088 Content-Type: text/html | clean |
http://promist.rs/index.php?jat3action=gzip&jat3type=js&jat3file=t3-assets%2Fjs_aeacb.js | 200 OK Content-Length: 182071 Content-Type: text/javascript | clean |
http://promist.rs/vestacka-dubriva | 200 OK Content-Length: 35103 Content-Type: text/html | clean |
http://promist.rs/logistika | 200 OK Content-Length: 13744 Content-Type: text/html | clean |
http://promist.rs/nekretnine | 200 OK Content-Length: 18187 Content-Type: text/html | clean |
http://promist.rs/nekretnine/77-stjepana-ljubise-10 | 200 OK Content-Length: 16282 Content-Type: text/html | clean |
http://promist.rs/nekretnine/76-dimitrija-tucovica-153 | 200 OK Content-Length: 16412 Content-Type: text/html | clean |
http://promist.rs/galerija | 200 OK Content-Length: 14680 Content-Type: text/html | clean |
http://promist.rs/index.php?jat3action=gzip&jat3type=js&jat3file=t3-assets%2Fjs_272aa.js | 200 OK Content-Length: 182071 Content-Type: text/javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=promist.rs
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://promist.rs/
Result: promist.rs is not infected or malware details are not published yet.