Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: trial-pr.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Thu, 09 Oct 2014 22:24:46 GMT
Pragma: no-cache
Server: DataPalm/3.5
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
P3P: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Set-Cookie: PHPSESSID=78ca29864a78b1885e7a7c498279c5e0; path=/
X-Frame-Options: SAMEORIGIN
X-Powered-CMS: Bitrix Site Manager (94b776c7fe4b08b19c4d9a373c3b7c08)
Second query (visit from search engine):
GET / HTTP/1.1
Host: trial-pr.ru
Referer: http://www.google.com/search?q=trial-pr.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://trial-pr.ru/ | 200 OK Content-Length: 28907 Content-Type: text/html | clean |
http://trial-pr.ru/bitrix/js/main/core/core.js?1347312820 | 200 OK Content-Length: 60206 Content-Type: application/x-javascript | clean |
http://trial-pr.ru/bitrix/js/main/core/core_ajax.js?1347312820 | 200 OK Content-Length: 25694 Content-Type: application/x-javascript | clean |
http://trial-pr.ru/bitrix/js/main/session.js?1300619996 | 200 OK Content-Length: 3157 Content-Type: application/x-javascript | clean |
http://trial-pr.ru/bitrix/templates/turbomilk/script.js | 200 OK Content-Length: 717 Content-Type: application/x-javascript | clean |
http://trial-pr.ru//mc.yandex.ru/metrika/watch.js/ | 404 Not Found Content-Length: 17416 Content-Type: text/html | clean |
http://trial-pr.ru/sitemap/ | 200 OK Content-Length: 21507 Content-Type: text/html | clean |
http://trial-pr.ru/about/ | 200 OK Content-Length: 21810 Content-Type: text/html | clean |
http://trial-pr.ru/contacts/ | 200 OK Content-Length: 20611 Content-Type: text/html | clean |
http://api-maps.yandex.ru/2.0/?load=package.full&mode=release&lang=ru-RU&wizard=bitrix | 200 OK Content-Length: 70730 Content-Type: text/javascript | clean |
http://trial-pr.ru/bitrix/components/bitrix/map.yandex.view/templates/.default/script.js?1347285200 | 200 OK Content-Length: 1540 Content-Type: application/x-javascript | clean |
http://trial-pr.ru/job/ | 200 OK Content-Length: 20116 Content-Type: text/html | clean |
http://trial-pr.ru/TechSupport/ | 200 OK Content-Length: 21862 Content-Type: text/html | clean |
http://trial-pr.ru/Shop/ | 200 OK Content-Length: 20939 Content-Type: text/html | clean |
http://trial-pr.ru/Cons/ | 200 OK Content-Length: 26020 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=trial-pr.ru
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://trial-pr.ru/
Result: trial-pr.ru is not infected or malware details are not published yet.