Scanned pages/files
| Request | Server response | Status |
http://a-pskov.ru/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 09 Jan 2015 06:13:55 GMT Location: http://rublevskiypirs.ru/books?charset=utf-8&keyword=%D0%9E%D0%B1%D0%B7%D0%BE%D1%80%D1%8B+%D0%B0%D0%BD%D0%B4%D1%80%D0%BE%D0%B8%D0%B4+%D0%BF%D0%BB%D0%B0%D0%BD%D1%88%D0%B5%D1%82%D0%BE%D0%B2%2C+%D0%B2%D1%8B%D0%B1%D0%BE%D1%80+%D0%BF%D0%BB%D0%B0%D0%BD%D1%88%D0%B5%D1%82%D0%B0%2C+%D0%B8%D0%B3%D1%80%D1%8B+%D0%BD%D0%B0+%D0%B0%D0%BD%D0%B4%D1%80%D0%BE%D0%B8%D0%B4+%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C+%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE&v=3&id_mark=494 Server: nginx/1.4.3 Content-Type: text/html X-Powered-By: PHP/5.4.21-1~dotdeb.1 | clean |
http://rublevskiypirs.ru/books?charset=utf-8&keyword=%d0%9e%d0%b1%d0%b7%d0%be%d1%80%d1%8b+%d0%b0%d0%bd%d0%b4%d1%80%d0%be%d0%b8%d0%b4+%d0%bf%d0%bb%d0%b0%d0%bd%d1%88%d0%b5%d1%82%d0%be%d0%b2%2c+%d0%b2%d1%8b%d0%b1%d0%be%d1%80+%d0%bf%d0%bb%d0%b0%d0%bd%d1%88%d0%b5%d1%82%d0%b0%2c+%d0%b8%d0%b3%d1%80%d1%8b+%d0%bd%d0%b0+%d0%b0%d0%bd%d0%b4%d1%80%d0%be%d0%b8%d0%b4+%d1%81%d0%ba%d0%b0%d1%87%d0%b0%d1%82%d1%8c+%d <span>...68 symbols skipped</span> | HTTP/1.1 302 Found Cache-Control: max-age=0 Connection: close Date: Fri, 09 Jan 2015 06:13:55 GMT Pragma: no-cache Location: http://www.youcanfind.net/rl_cmprwm.php?ct=cq66j Server: nginx/1.0.15 Content-Length: 0 Content-Type: text/html; charset=utf-8 Expires: Thu, 21 Jul 1977 07:30:00 GMT Last-Modified: Fri, 09 Jan 2015 06:13:55 GMT X-Powered-By: PHP/5.4.34 | clean |
http://www.youcanfind.net/rl_cmprwm.php?ct=cq66j | HTTP/1.1 302 Found Connection: close Date: Fri, 09 Jan 2015 06:13:55 GMT Location: http://chlcotrk.com/mt/x254x274b4z2x2y234t2/&subid1=2400z8z1z0 Server: Apache/2.2.19 (Unix) PHP/5.1.6 mod_ssl/2.2.19 OpenSSL/0.9.7e-p1 Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.1.6 | clean |
http://chlcotrk.com/mt/x254x274b4z2x2y234t2/&subid1=2400z8z1z0 | HTTP/1.1 302 nginx/1.1.19 Connection: Close Date: Fri, 09 Jan 2015 06:13:56 GMT Location: http://nw1.truedefendredirect.com/?oid=3299&s1=2d974e292f79a140958af85cf4031643&s2=CD4823&s3=3299&s4=&s5= Content-Length: 0 Content-Type: text/html; charset=utf-8 P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Set-Cookie: mt_imp_3299=1; expires=Sun, 08-Feb-2015 06:13:56 GMT; path=/; domain=chlcotrk.com Set-Cookie: mt_muid=MT-54af71a469f5f-9099; expires=Sun, 08-Feb-2015 06:13:56 GMT; path=/; domain=chlcotrk.com Set-Cookie: mt_lds=2d974e292f79a140958af85cf4031643; expires=Sun, 08-Feb-2015 06:13:56 GMT; path=/; domain=chlcotrk.com Set-Cookie: mt_clk=2d974e292f79a140958af85cf4031643; path=/; domain=chlcotrk.com X-Powered-By: HHVM/3.0.1 | clean |
http://nw1.truedefendredirect.com/?oid=3299&s1=2d974e292f79a140958af85cf4031643&s2=cd4823&s3=3299&s4=&s5= | HTTP/1.1 302 Moved Temporarily Connection: Close Date: Fri, 09 Jan 2015 06:13:56 GMT Location: http://PgIzz.titty.elitewindowstream.xyz/?sov=241786602&hid=flhvhvfnljprfj&redid=788&id=XNSX.2d974e292f79a140958af85cf4031643%3A%3Acd4823%3A%3A3299-r788 Server: nginx/1.2.8 Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.3.23 | clean |
http://pgizz.titty.elitewindowstream.xyz/?sov=241786602&hid=flhvhvfnljprfj&redid=788&id=xnsx.2d974e292f79a140958af85cf4031643%3a%3acd4823%3a%3a3299-r788 | 200 OK Content-Length: 12362 Content-Type: text/html | clean |
http://pgizz.titty.elitewindowstream.xyz/terms/privacy.html | 200 OK Content-Length: 24252 Content-Type: text/html | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js | 200 OK Content-Length: 78601 Content-Type: text/javascript | clean |
http://pgizz.titty.elitewindowstream.xyz/templates/_common/footer_links/js/script.js | 200 OK Content-Length: 5674 Content-Type: application/javascript | clean |
http://pgizz.titty.elitewindowstream.xyz//translate.google.com/translate_a/element.js?cb=googleTranslateElementInit/ | 404 Not Found Content-Length: 570 Content-Type: text/html | clean |
http://pgizz.titty.elitewindowstream.xyz/test404page.js | 404 Not Found Content-Length: 570 Content-Type: text/html | clean |
http://a-pskov.ru/terms/terms.html | HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 09 Jan 2015 06:14:02 GMT Location: http://restoran-bambuk.ru/404?keyword=terms.rar Server: nginx/1.4.3 Content-Type: text/html X-Powered-By: PHP/5.4.21-1~dotdeb.1 | clean |
http://restoran-bambuk.ru/404?keyword=terms.rar | HTTP/1.1 302 Found Cache-Control: max-age=0 Connection: close Date: Fri, 09 Jan 2015 06:14:02 GMT Pragma: no-cache Location: http://fast-rutracker.in/redirect/redirect.php?site=11&sid=491349525&buyer_sid=911441499&page=lending&key=archive755217.zip Server: nginx/1.0.15 Content-Length: 0 Content-Type: text/html; charset=utf-8 Expires: Thu, 21 Jul 1977 07:30:00 GMT Last-Modified: Fri, 09 Jan 2015 06:14:02 GMT X-Powered-By: PHP/5.4.34 | clean |
http://fast-rutracker.in/redirect/redirect.php?site=11&sid=491349525&buyer_sid=911441499&page=lending&key=archive755217.zip | HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 09 Jan 2015 06:28:07 GMT Location: http://dl43.softportalvcc.name?sid=491349525&buyer_sid=911441499&page=lending&key=archive755217.zip Server: nginx Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Powered-By: PHP/5.3.27 | suspicious |
http://dl43.softportalvcc.name?sid=491349525&buyer_sid=911441499&page=lending&key=archive755217.zip/ | HTTP/1.1 302 Found Cache-Control: max-age=259200 Connection: close Date: Fri, 09 Jan 2015 06:14:02 GMT Pragma: no-cache Location: /?page=lending&key=archive755217.zip%2F Server: nginx/1.0.14 Content-Length: 0 Content-Type: text/html; charset=utf-8 Expires: Mon, 12 Jan 2015 06:14:02 GMT Set-Cookie: PHPSESSID=4ofkkg6l6emj7ehgh04n2dlu64; path=/ X-Powered-By: PHP/5.3.10 | clean |
http://dl43.softportalvcc.name?sid=491349525&buyer_sid=911441499&page=lending&key=archive755217.zip/?page=lending&key=archive755217.zip%2f | HTTP/1.1 302 Found Cache-Control: max-age=259200 Connection: close Date: Fri, 09 Jan 2015 06:14:03 GMT Pragma: no-cache Location: /?page=lending&key=archive755217.zip%2F Server: nginx/1.0.14 Content-Length: 0 Content-Type: text/html; charset=utf-8 Expires: Mon, 12 Jan 2015 06:14:03 GMT Set-Cookie: PHPSESSID=i9c6noakf4rshd2jddo4697842; path=/ X-Powered-By: PHP/5.3.10 | clean |
http://a-pskov.ru/terms/aboutus.html | HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 09 Jan 2015 06:14:03 GMT Location: http://restoran-bambuk.ru/404?keyword=aboutus.rar Server: nginx/1.4.3 Content-Type: text/html X-Powered-By: PHP/5.4.21-1~dotdeb.1 | clean |
http://restoran-bambuk.ru/404?keyword=aboutus.rar | HTTP/1.1 302 Found Cache-Control: max-age=0 Connection: close Date: Fri, 09 Jan 2015 06:14:04 GMT Pragma: no-cache Location: http://fast-rutracker.in/redirect/redirect.php?site=11&sid=491349525&buyer_sid=911441499&page=lending&key=archive755217.zip Server: nginx/1.0.15 Content-Length: 0 Content-Type: text/html; charset=utf-8 Expires: Thu, 21 Jul 1977 07:30:00 GMT Last-Modified: Fri, 09 Jan 2015 06:14:04 GMT X-Powered-By: PHP/5.4.34 | clean |
http://a-pskov.ru/terms/privacy.html | HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 09 Jan 2015 06:14:06 GMT Location: http://restoran-bambuk.ru/404?keyword=privacy.rar Server: nginx/1.4.3 Content-Type: text/html X-Powered-By: PHP/5.4.21-1~dotdeb.1 | clean |
http://restoran-bambuk.ru/404?keyword=privacy.rar | HTTP/1.1 302 Found Cache-Control: max-age=0 Connection: close Date: Fri, 09 Jan 2015 06:14:07 GMT Pragma: no-cache Location: http://fast-rutracker.in/redirect/redirect.php?site=11&sid=491349525&buyer_sid=911441499&page=lending&key=archive755217.zip Server: nginx/1.0.15 Content-Length: 0 Content-Type: text/html; charset=utf-8 Expires: Thu, 21 Jul 1977 07:30:00 GMT Last-Modified: Fri, 09 Jan 2015 06:14:07 GMT X-Powered-By: PHP/5.4.34 | clean |
http://a-pskov.ru//titty.elitewindowstream.xyz/admin_config/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 09 Jan 2015 06:14:08 GMT Location: http://restoran-bambuk.ru/404?keyword=.rar Server: nginx/1.4.3 Content-Type: text/html X-Powered-By: PHP/5.4.21-1~dotdeb.1 | clean |
http://restoran-bambuk.ru/404?keyword=.rar | HTTP/1.1 302 Found Cache-Control: max-age=0 Connection: close Date: Fri, 09 Jan 2015 06:14:08 GMT Pragma: no-cache Location: http://fast-rutracker.in/redirect/redirect.php?site=11&sid=491349525&buyer_sid=911441499&page=lending&key=archive755217.zip Server: nginx/1.0.15 Content-Length: 0 Content-Type: text/html; charset=utf-8 Expires: Thu, 21 Jul 1977 07:30:00 GMT Last-Modified: Fri, 09 Jan 2015 06:14:08 GMT X-Powered-By: PHP/5.4.34 | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: a-pskov.ru
Result:
HTTP/1.1 302 Moved Temporarily
Connection: close
Date: Fri, 09 Jan 2015 06:13:55 GMT
Location: http://rublevskiypirs.ru/books?charset=utf-8&keyword=%D0%9E%D0%B1%D0%B7%D0%BE%D1%80%D1%8B+%D0%B0%D0%BD%D0%B4%D1%80%D0%BE%D0%B8%D0%B4+%D0%BF%D0%BB%D0%B0%D0%BD%D1%88%D0%B5%D1%82%D0%BE%D0%B2%2C+%D0%B2%D1%8B%D0%B1%D0%BE%D1%80+%D0%BF%D0%BB%D0%B0%D0%BD%D1%88%D0%B5%D1%82%D0%B0%2C+%D0%B8%D0%B3%D1%80%D1%8B+%D0%BD%D0%B0+%D0%B0%D0%BD%D0%B4%D1%80%D0%BE%D0%B8%D0%B4+%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C+%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE&v=3&id_mark=494
Server: nginx/1.4.3
Content-Type: text/html
X-Powered-By: PHP/5.4.21-1~dotdeb.1
GET / HTTP/1.1
Host: a-pskov.ru
Result:
HTTP/1.1 302 Moved Temporarily
Connection: close
Date: Fri, 09 Jan 2015 06:13:55 GMT
Location: http://rublevskiypirs.ru/books?charset=utf-8&keyword=%D0%9E%D0%B1%D0%B7%D0%BE%D1%80%D1%8B+%D0%B0%D0%BD%D0%B4%D1%80%D0%BE%D0%B8%D0%B4+%D0%BF%D0%BB%D0%B0%D0%BD%D1%88%D0%B5%D1%82%D0%BE%D0%B2%2C+%D0%B2%D1%8B%D0%B1%D0%BE%D1%80+%D0%BF%D0%BB%D0%B0%D0%BD%D1%88%D0%B5%D1%82%D0%B0%2C+%D0%B8%D0%B3%D1%80%D1%8B+%D0%BD%D0%B0+%D0%B0%D0%BD%D0%B4%D1%80%D0%BE%D0%B8%D0%B4+%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C+%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE&v=3&id_mark=494
Server: nginx/1.4.3
Content-Type: text/html
X-Powered-By: PHP/5.4.21-1~dotdeb.1
Second query (visit from search engine):
GET / HTTP/1.1
Host: a-pskov.ru
Referer: http://www.google.com/search?q=a-pskov.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: a-pskov.ru
Referer: http://www.google.com/search?q=a-pskov.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=a-pskov.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://a-pskov.ru/
Result: a-pskov.ru is not infected or malware details are not published yet.
Result: a-pskov.ru is not infected or malware details are not published yet.