Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: tpmmedias.ro
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 08 Jul 2014 15:48:16 GMT
Server: Apache
Content-Type: text/html
Set-Cookie: dafa29db360d5106b013aec9226eceb7=c34e6ac97f57705369e904106efb80d6; path=/; HttpOnly
X-Powered-By: PHP/5.4.25
GET / HTTP/1.1
Host: tpmmedias.ro
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 08 Jul 2014 15:48:16 GMT
Server: Apache
Content-Type: text/html
Set-Cookie: dafa29db360d5106b013aec9226eceb7=c34e6ac97f57705369e904106efb80d6; path=/; HttpOnly
X-Powered-By: PHP/5.4.25
Second query (visit from search engine):
GET / HTTP/1.1
Host: tpmmedias.ro
Referer: http://www.google.com/search?q=tpmmedias.ro
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: tpmmedias.ro
Referer: http://www.google.com/search?q=tpmmedias.ro
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://tpmmedias.ro/ | 200 OK Content-Length: 45983 Content-Type: text/html | clean |
http://tpmmedias.ro/media/jui/js/jquery.min.js | 200 OK Content-Length: 96381 Content-Type: application/javascript | clean |
http://tpmmedias.ro/media/jui/js/jquery-noconflict.js | 200 OK Content-Length: 21 Content-Type: application/javascript | clean |
http://tpmmedias.ro/media/jui/js/jquery-migrate.min.js | 200 OK Content-Length: 7199 Content-Type: application/javascript | clean |
http://tpmmedias.ro/media/jui/js/bootstrap.min.js | 200 OK Content-Length: 29156 Content-Type: application/javascript | clean |
http://tpmmedias.ro/media/system/js/mootools-core.js | 200 OK Content-Length: 83893 Content-Type: application/javascript | clean |
http://tpmmedias.ro/media/system/js/core.js | 200 OK Content-Length: 4000 Content-Type: application/javascript | clean |
http://tpmmedias.ro/media/system/js/mootools-more.js | 200 OK Content-Length: 236825 Content-Type: application/javascript | clean |
http://tpmmedias.ro/plugins/system/rokbox/assets/js/rokbox.js | 200 OK Content-Length: 55061 Content-Type: application/javascript | clean |
http://tpmmedias.ro/templates/rt_fresco_responsive/js/gantry-totop.js | 200 OK Content-Length: 519 Content-Type: application/javascript | clean |
http://tpmmedias.ro/libraries/gantry/js/browser-engines.js | 200 OK Content-Length: 4026 Content-Type: application/javascript | clean |
http://tpmmedias.ro/templates/rt_fresco_responsive/js/rokmediaqueries.js | 200 OK Content-Length: 4632 Content-Type: application/javascript | clean |
http://tpmmedias.ro/templates/rt_fresco_responsive/js/load-transition.js | 200 OK Content-Length: 741 Content-Type: application/javascript | clean |
http://tpmmedias.ro/components/com_roksprocket/assets/js/mootools-mobile.js | 200 OK Content-Length: 4475 Content-Type: application/javascript | clean |
http://tpmmedias.ro/components/com_roksprocket/assets/js/rokmediaqueries.js | 200 OK Content-Length: 2999 Content-Type: application/javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=tpmmedias.ro
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://tpmmedias.ro/
Result: tpmmedias.ro is not infected or malware details are not published yet.
Result: tpmmedias.ro is not infected or malware details are not published yet.