Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: tdftt.ru
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 04 Sep 2014 20:03:19 GMT
Server: Apache/2.2.25 (CentOS)
Content-Type: text/html; charset=UTF-8
X-Pingback: http://tdftt.ru/xmlrpc.php
X-Powered-By: PHP/5.3.3
Second query (visit from search engine):
GET / HTTP/1.1
Host: tdftt.ru
Referer: http://www.google.com/search?q=tdftt.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://tdftt.ru/ | 200 OK Content-Length: 27925 Content-Type: text/html | clean |
http://tdftt.ru/wp-content/themes/Mimoza/jdgallery/mootools-1.2.5-core-yc.js | 200 OK Content-Length: 66798 Content-Type: text/javascript | clean |
http://tdftt.ru/wp-content/themes/Mimoza/jdgallery/mootools-1.2-more.js | 200 OK Content-Length: 11984 Content-Type: text/javascript | clean |
http://tdftt.ru/wp-content/themes/Mimoza/jdgallery/jd.gallery.js | 200 OK Content-Length: 27245 Content-Type: text/javascript | clean |
http://tdftt.ru/wp-content/themes/Mimoza/jdgallery/jd.gallery.transitions.js | 200 OK Content-Length: 3067 Content-Type: text/javascript | clean |
http://tdftt.ru/wp-content/themes/Mimoza/menu/mootools-1.2.5-core-yc.js | 200 OK Content-Length: 66798 Content-Type: text/javascript | clean |
http://tdftt.ru/wp-content/themes/Mimoza/menu/MenuMatic_0.68.3.js | 200 OK Content-Length: 25860 Content-Type: text/javascript | clean |
http://tdftt.ru/wp-includes/js/jquery/jquery.js?ver=1.11.0 | 200 OK Content-Length: 96402 Content-Type: text/javascript | clean |
http://tdftt.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: text/javascript | clean |
http://tdftt.ru/wp-content/plugins/ml-slider/assets/sliders/flexslider/jquery.flexslider-min.js?ver=2.8.1 | 200 OK Content-Length: 53526 Content-Type: text/javascript | clean |
http://tdftt.ru/?page_id=455 | 200 OK Content-Length: 17030 Content-Type: text/html | clean |
http://tdftt.ru/?feed=rss2 | 200 OK Content-Length: 86485 Content-Type: text/xml | clean |
http://tdftt.ru/?p=570 | 200 OK Content-Length: 28356 Content-Type: text/html | clean |
http://platform.linkedin.com/in.js | 200 OK Content-Length: 3690 Content-Type: text/javascript | clean |
http://tdftt.ru/wp-content/plugins/akismet/_inc/form.js?ver=3.0.0 | 200 OK Content-Length: 411 Content-Type: text/javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=tdftt.ru
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://tdftt.ru/
Result: tdftt.ru is not infected or malware details are not published yet.