Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: tmpromo.ee
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 04 Mar 2015 04:54:18 GMT
Server: Apache/2.2.16 (Debian)
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Link: <http://tmpromo.ee/>; rel=shortlink
X-Pingback: http://tmpromo.ee/xmlrpc.php
X-Powered-By: PHP/5.3.3-7+squeeze19
GET / HTTP/1.1
Host: tmpromo.ee
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 04 Mar 2015 04:54:18 GMT
Server: Apache/2.2.16 (Debian)
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Link: <http://tmpromo.ee/>; rel=shortlink
X-Pingback: http://tmpromo.ee/xmlrpc.php
X-Powered-By: PHP/5.3.3-7+squeeze19
Second query (visit from search engine):
GET / HTTP/1.1
Host: tmpromo.ee
Referer: http://www.google.com/search?q=tmpromo.ee
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: tmpromo.ee
Referer: http://www.google.com/search?q=tmpromo.ee
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
| Request | Server response | Status |
http://tmpromo.ee/ | 200 OK Content-Length: 29030 Content-Type: text/html | clean |
http://maps.googleapis.com/maps/api/js?sensor=false | 200 OK Content-Length: 4324 Content-Type: text/javascript | clean |
http://tmpromo.ee/wp-includes/js/jquery/jquery.js?ver=1.11.1 | 200 OK Content-Length: 95807 Content-Type: application/javascript | clean |
http://tmpromo.ee/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://tmpromo.ee/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.plugins.min.js?rev=4.1.4&ver=4.0.1 | 200 OK Content-Length: 77389 Content-Type: application/javascript | clean |
http://tmpromo.ee/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.revolution.min.js?rev=4.1.4&ver=4.0.1 | 200 OK Content-Length: 81219 Content-Type: application/javascript | clean |
http://tmpromo.ee/wp-content/plugins/zilla-likes/scripts/zilla-likes.js?ver=4.0.1 | 200 OK Content-Length: 706 Content-Type: application/javascript | clean |
http://tmpromo.ee/wp-content/themes/venda/js/modernizrr.js?ver=4.0.1 | 200 OK Content-Length: 14271 Content-Type: application/javascript | clean |
http://tmpromo.ee/wp-content/themes/venda/switcher/colorpicker/js/color-picker.min.js?ver=4.0.1 | 200 OK Content-Length: 16692 Content-Type: application/javascript | clean |
http://tmpromo.ee/wp-content/themes/venda/switcher/switcher.js?ver=4.0.1 | 200 OK Content-Length: 3297 Content-Type: application/javascript | clean |
http://tmpromo.ee/wp-content/themes/venda/framework/aqua/assets/js/aqpb-view.js?ver=1425444860 | 200 OK Content-Length: 1082 Content-Type: application/javascript | clean |
http://tmpromo.ee/wp-includes/js/comment-reply.min.js?ver=4.0.1 | 200 OK Content-Length: 757 Content-Type: application/javascript | clean |
http://tmpromo.ee/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20 | 200 OK Content-Length: 15248 Content-Type: application/javascript | clean |
http://tmpromo.ee/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.1 | 200 OK Content-Length: 11145 Content-Type: application/javascript | clean |
http://tmpromo.ee/wp-content/themes/venda/js/jquery.migrate.js?ver=4.0.1 | 200 OK Content-Length: 15696 Content-Type: application/javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=tmpromo.ee
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://tmpromo.ee/
Result: tmpromo.ee is not infected or malware details are not published yet.
Result: tmpromo.ee is not infected or malware details are not published yet.