Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: vss-rsa-konkurs.ru
Result:
HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0
Connection: close
Date: Sat, 04 Oct 2014 13:30:36 GMT
Pragma: no-cache
Server: Apache
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Sat, 04 Oct 2014 13:30:36 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 8f55b53cdd90876ee9830f20b71131f8=8fio1fbucsn7lp3f1rkarhk8l7; path=/
GET / HTTP/1.1
Host: vss-rsa-konkurs.ru
Result:
HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0
Connection: close
Date: Sat, 04 Oct 2014 13:30:36 GMT
Pragma: no-cache
Server: Apache
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Sat, 04 Oct 2014 13:30:36 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 8f55b53cdd90876ee9830f20b71131f8=8fio1fbucsn7lp3f1rkarhk8l7; path=/
Second query (visit from search engine):
GET / HTTP/1.1
Host: vss-rsa-konkurs.ru
Referer: http://www.google.com/search?q=vss-rsa-konkurs.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: vss-rsa-konkurs.ru
Referer: http://www.google.com/search?q=vss-rsa-konkurs.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
| Request | Server response | Status |
http://vss-rsa-konkurs.ru/ | 200 OK Content-Length: 28833 Content-Type: text/html | clean |
http://vss-rsa-konkurs.ru/media/system/js/caption.js | 200 OK Content-Length: 1963 Content-Type: application/javascript | clean |
http://vss-rsa-konkurs.ru/templates/yoo_phoenix/lib/js/addons/base.js | 200 OK Content-Length: 1771 Content-Type: application/javascript | clean |
http://vss-rsa-konkurs.ru/templates/yoo_phoenix/lib/js/addons/accordionmenu.js | 200 OK Content-Length: 1351 Content-Type: application/javascript | clean |
http://vss-rsa-konkurs.ru/templates/yoo_phoenix/lib/js/addons/fancymenu.js | 200 OK Content-Length: 2667 Content-Type: application/javascript | clean |
http://vss-rsa-konkurs.ru/templates/yoo_phoenix/lib/js/addons/dropdownmenu.js | 200 OK Content-Length: 2824 Content-Type: application/javascript | clean |
http://vss-rsa-konkurs.ru/templates/yoo_phoenix/lib/js/template.js | 200 OK Content-Length: 3172 Content-Type: application/javascript | clean |
http://vss-rsa-konkurs.ru/modules/mod_yoo_search/mod_yoo_search.js | 200 OK Content-Length: 3553 Content-Type: application/javascript | clean |
http://vss-rsa-konkurs.ru//yandex.st/share/share.js/ | 404 Not Found Content-Length: 1810 Content-Type: text/html | clean |
http://vss-rsa-konkurs.ru/index.php | 200 OK Content-Length: 28842 Content-Type: text/html | clean |
http://vss-rsa-konkurs.ru/about22/polozhen.html | 200 OK Content-Length: 23592 Content-Type: text/html | clean |
http://vss-rsa-konkurs.ru/about22/polozhen/refpoloz.html | 200 OK Content-Length: 36230 Content-Type: text/html | clean |
http://vss-rsa-konkurs.ru/about22/polozhen/znanpolz.html | 200 OK Content-Length: 35259 Content-Type: text/html | clean |
http://vss-rsa-konkurs.ru/about22/organ-ref.html | 200 OK Content-Length: 32757 Content-Type: text/html | clean |
http://vss-rsa-konkurs.ru/about22/bestvic.html | 200 OK Content-Length: 22704 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=vss-rsa-konkurs.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://vss-rsa-konkurs.ru/
Result: vss-rsa-konkurs.ru is not infected or malware details are not published yet.
Result: vss-rsa-konkurs.ru is not infected or malware details are not published yet.