Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: sobit.ru
Result:
HTTP/1.1 200 OK
Cache-Control: store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Connection: close
Date: Mon, 08 Sep 2014 14:15:24 GMT
Server: Apache
Content-Type: text/html; charset=utf-8
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Mon, 08 Sep 2014 14:15:24 GMT
Set-Cookie: SESSbb39390536310ce3d48ffd5acd488a19=9n986t09vfr5c24aa2lc0r6id0; expires=Wed, 01-Oct-2014 17:48:44 GMT; path=/; domain=.sobit.ru
GET / HTTP/1.1
Host: sobit.ru
Result:
HTTP/1.1 200 OK
Cache-Control: store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Connection: close
Date: Mon, 08 Sep 2014 14:15:24 GMT
Server: Apache
Content-Type: text/html; charset=utf-8
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Mon, 08 Sep 2014 14:15:24 GMT
Set-Cookie: SESSbb39390536310ce3d48ffd5acd488a19=9n986t09vfr5c24aa2lc0r6id0; expires=Wed, 01-Oct-2014 17:48:44 GMT; path=/; domain=.sobit.ru
Second query (visit from search engine):
GET / HTTP/1.1
Host: sobit.ru
Referer: http://www.google.com/search?q=sobit.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: sobit.ru
Referer: http://www.google.com/search?q=sobit.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://sobit.ru/ | 200 OK Content-Length: 51669 Content-Type: text/html | clean |
http://sobit.ru/sites/all/modules/jquery_update/replace/jquery.js?b | 200 OK Content-Length: 120763 Content-Type: application/javascript | clean |
http://sobit.ru/misc/drupal.js?b | 200 OK Content-Length: 9774 Content-Type: application/javascript | clean |
http://sobit.ru/sites/default/files/languages/ru_81d6c84556134878da298787a6ba29d7.js?b | 200 OK Content-Length: 3430 Content-Type: application/javascript | clean |
http://sobit.ru/sites/all/modules/dhtml_menu/dhtml_menu.js?b | 200 OK Content-Length: 4963 Content-Type: application/javascript | clean |
http://sobit.ru/sites/all/modules/filternew/js/jquery.minMaxSlider.js?b | 200 OK Content-Length: 3372 Content-Type: application/javascript | clean |
http://sobit.ru/sites/all/modules/filternew/js/ui.core.js?b | 200 OK Content-Length: 13932 Content-Type: application/javascript | clean |
http://sobit.ru/sites/all/modules/filternew/js/ui.slider.js?b | 200 OK Content-Length: 14380 Content-Type: application/javascript | clean |
http://sobit.ru/sites/all/modules/filternew/js/blk-filter-form.js?b | 200 OK Content-Length: 3069 Content-Type: application/javascript | clean |
http://sobit.ru/sites/all/modules/thickbox/thickbox.js?b | 200 OK Content-Length: 14811 Content-Type: application/javascript | clean |
http://sobit.ru/sites/all/modules/ubercart/uc_file/uc_file.js?b | 200 OK Content-Length: 5327 Content-Type: application/javascript | clean |
http://sobit.ru/sites/all/modules/ubercart/uc_roles/uc_roles.js?b | 200 OK Content-Length: 6212 Content-Type: application/javascript | clean |
http://sobit.ru/sites/all/modules/uc_ajax_cart/js/jquery.blockUI.js?b | 200 OK Content-Length: 14769 Content-Type: application/javascript | clean |
http://sobit.ru/sites/all/modules/uc_ajax_cart/js/uc_ajax_cart.js?b | 200 OK Content-Length: 12171 Content-Type: application/javascript | clean |
http://sobit.ru/sites/all/modules/uc_ajax_cart/js/jquery.cookie.js?b | 200 OK Content-Length: 4246 Content-Type: application/javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=sobit.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://sobit.ru/
Result: sobit.ru is not infected or malware details are not published yet.
Result: sobit.ru is not infected or malware details are not published yet.