Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: russkiegorky.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Fri, 25 Jul 2014 05:03:05 GMT
Pragma: no-cache
Server: Apache/2.2.26 (Unix) mod_ssl/2.2.26 OpenSSL/1.0.1e-fips mod_bwlimited/1.4
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Link: <http://russkiegorky.ru/?p=2>; rel=shortlink
Set-Cookie: PHPSESSID=e0dcd9df9516755d0e12d4a33fa59200; path=/
X-Pingback: http://russkiegorky.ru/xmlrpc.php
X-Powered-By: PHP/5.4.26
GET / HTTP/1.1
Host: russkiegorky.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Fri, 25 Jul 2014 05:03:05 GMT
Pragma: no-cache
Server: Apache/2.2.26 (Unix) mod_ssl/2.2.26 OpenSSL/1.0.1e-fips mod_bwlimited/1.4
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Link: <http://russkiegorky.ru/?p=2>; rel=shortlink
Set-Cookie: PHPSESSID=e0dcd9df9516755d0e12d4a33fa59200; path=/
X-Pingback: http://russkiegorky.ru/xmlrpc.php
X-Powered-By: PHP/5.4.26
Second query (visit from search engine):
GET / HTTP/1.1
Host: russkiegorky.ru
Referer: http://www.google.com/search?q=russkiegorky.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: russkiegorky.ru
Referer: http://www.google.com/search?q=russkiegorky.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://www.russkiegorky.ru/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 25 Jul 2014 05:03:05 GMT Location: http://russkiegorky.ru/ Server: Apache/2.2.26 (Unix) mod_ssl/2.2.26 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Pingback: http://russkiegorky.ru/xmlrpc.php X-Powered-By: PHP/5.4.26 | clean |
http://russkiegorky.ru/ | 200 OK Content-Length: 41628 Content-Type: text/html | clean |
http://russkiegorky.ru/wp-includes/js/jquery/jquery.js?ver=1.10.2 | 200 OK Content-Length: 93085 Content-Type: application/javascript | clean |
http://russkiegorky.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7199 Content-Type: application/javascript | clean |
http://russkiegorky.ru/wp-content/plugins/gallery-plugin/fancybox/jquery.mousewheel-3.0.4.pack.js?ver=3.8.3 | 200 OK Content-Length: 1279 Content-Type: application/javascript | clean |
http://russkiegorky.ru/wp-content/plugins/gallery-plugin/fancybox/jquery.fancybox-1.3.4.pack.js?ver=3.8.3 | 200 OK Content-Length: 15624 Content-Type: application/javascript | clean |
http://www.russkiegorky.ru//code.jquery.com/ui/1.10.4/jquery-ui.js/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Fri, 25 Jul 2014 05:03:08 GMT Pragma: no-cache Location: http://russkiegorky.ru/code.jquery.com/ui/1.10.4/jquery-ui.js/ Server: Apache/2.2.26 (Unix) mod_ssl/2.2.26 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT X-Pingback: http://russkiegorky.ru/xmlrpc.php X-Powered-By: PHP/5.4.26 | clean |
http://russkiegorky.ru/code.jquery.com/ui/1.10.4/jquery-ui.js/ | 404 Not Found Content-Length: 23915 Content-Type: text/html | clean |
http://russkiegorky.ru//code.jquery.com/ui/1.10.4/jquery-ui.js/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Fri, 25 Jul 2014 05:03:09 GMT Pragma: no-cache Location: http://russkiegorky.ru/code.jquery.com/ui/1.10.4/jquery-ui.js/ Server: Apache/2.2.26 (Unix) mod_ssl/2.2.26 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT X-Pingback: http://russkiegorky.ru/xmlrpc.php X-Powered-By: PHP/5.4.26 | clean |
http://russkiegorky.ru/test404page.js | 404 Not Found Content-Length: 23915 Content-Type: text/html | clean |
http://cloud.github.com/downloads/digitalBush/jquery.maskedinput/jquery.maskedinput-1.3.min.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 25 Jul 2014 05:03:10 GMT Via: 1.1 13581d7aed721f7c03ffea74b6e6901c.cloudfront.net (CloudFront) Location: https://cloud.github.com/downloads/digitalBush/jquery.maskedinput/jquery.maskedinput-1.3.min.js Server: CloudFront Content-Length: 183 Content-Type: text/html X-Amz-Cf-Id: dOlUkPz_iuA4C9dcxEF4x1Ur-sGVxj66u__MBxHHW5vvpAAxIndXrQ== X-Cache: Redirect from cloudfront | clean |
https://cloud.github.com/downloads/digitalbush/jquery.maskedinput/jquery.maskedinput-1.3.min.js | 403 Forbidden Content-Length: 231 Content-Type: application/xml | clean |
http://cloud.github.com/test404page.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 25 Jul 2014 05:03:11 GMT Via: 1.1 718837f3a8f35c060e6682205f72618d.cloudfront.net (CloudFront) Location: https://cloud.github.com/test404page.js Server: CloudFront Content-Length: 183 Content-Type: text/html X-Amz-Cf-Id: FaxymiSqJ7uTX5P7nTvmbhjCrWw5yUMuMSRBlIl46GhbJqxc80iF5Q== X-Cache: Redirect from cloudfront | clean |
https://cloud.github.com/test404page.js | 403 Forbidden Content-Length: 243 Content-Type: application/xml | clean |
http://russkiegorky.ru/wp-content/themes/twentytwelve/js/navigation.js?ver=1.0 | 200 OK Content-Length: 863 Content-Type: application/javascript | clean |
http://russkiegorky.ru/wp-content/plugins/ml-slider/assets/sliders/responsiveslides/responsiveslides.min.js?ver=2.8-beta | 200 OK Content-Length: 3396 Content-Type: application/javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=russkiegorky.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://russkiegorky.ru/
Result: russkiegorky.ru is not infected or malware details are not published yet.
Result: russkiegorky.ru is not infected or malware details are not published yet.