Scanned pages/files
| Request | Server response | Status |
http://atrav.ru/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sun, 18 Jan 2015 14:32:27 GMT Location: http://fakel96.ru/books?charset=utf-8&keyword=%D0%BA%D0%BE%D0%BD%D1%82%D1%80%D0%BE%D0%BB%D1%8C%D0%BD%D0%B0%D1%8F+%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%B0+%D0%BF%D0%BE+%D1%84%D0%B8%D0%B7%D0%B8%D0%BA%D0%B5+%D0%BD%D0%B0+%D1%82%D0%B5%D0%BC%D1%83+%D0%BC%D0%B5%D1%85%D0%B0%D0%BD%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%BE%D0%B5+%D0%B4%D0%B2%D0%B8%D0%B6%D0%B5%D0%BD%D0%B8%D0%B5+%D1%81+%D0%BE%D1%82%D0%B2%D0%B5%D1%82%D0%B0%D0%BC%D0%B8&v=3&id_mark=3385 Server: nginx/1.4.3 Content-Type: text/html X-Powered-By: PHP/5.4.21-1~dotdeb.1 | clean |
http://fakel96.ru/books?charset=utf-8&keyword=%d0%ba%d0%be%d0%bd%d1%82%d1%80%d0%be%d0%bb%d1%8c%d0%bd%d0%b0%d1%8f+%d1%80%d0%b0%d0%b1%d0%be%d1%82%d0%b0+%d0%bf%d0%be+%d1%84%d0%b8%d0%b7%d0%b8%d0%ba%d0%b5+%d0%bd%d0%b0+%d1%82%d0%b5%d0%bc%d1%83+%d0%bc%d0%b5%d1%85%d0%b0%d0%bd%d0%b8%d1%87%d0%b5%d1%81%d0%ba%d0%be%d0%b5+%d0%b4%d0%b2%d0%b8%d0%b6%d0%b5%d0%bd%d0%b8%d0%b5+%d1%81+%d0%be%d1%82%d0%b2%d0%b5%d1%82%d0%b0%d0%bc%d0%b8&v=3&id_mark=3385 | HTTP/1.1 302 Found Cache-Control: max-age=0 Connection: close Date: Sun, 18 Jan 2015 14:32:27 GMT Pragma: no-cache Location: http://fporno.free-best-hosting.com Server: nginx/1.0.15 Content-Length: 0 Content-Type: text/html; charset=utf-8 Expires: Thu, 21 Jul 1977 07:30:00 GMT Last-Modified: Sun, 18 Jan 2015 14:32:27 GMT X-Powered-By: PHP/5.4.34 | clean |
http://fporno.free-best-hosting.com/ | 200 OK Content-Length: 44677 Content-Type: text/html | clean |
http://fporno.free-best-hosting.com//ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js/ | 200 OK Content-Length: 14 Content-Type: text/html | clean |
http://fporno.free-best-hosting.com/test404page.js | 200 OK Content-Length: 14 Content-Type: text/html | clean |
http://atrav.ru/wp-includes/js/jquery/jquery-migrate.min.js | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sun, 18 Jan 2015 14:32:39 GMT Location: http://restoran-bambuk.ru/404?keyword=jquery-migrate.rar Server: nginx/1.4.3 Content-Type: text/html X-Powered-By: PHP/5.4.21-1~dotdeb.1 | clean |
http://restoran-bambuk.ru/404?keyword=jquery-migrate.rar | HTTP/1.1 302 Found Cache-Control: max-age=0 Connection: close Date: Sun, 18 Jan 2015 14:32:39 GMT Pragma: no-cache Location: http://fast-rutracker.in/redirect/redirect.php?site=11&sid=491349525&buyer_sid=911441499&page=lending&key=archive755217.zip Server: nginx/1.0.15 Content-Length: 0 Content-Type: text/html; charset=utf-8 Expires: Thu, 21 Jul 1977 07:30:00 GMT Last-Modified: Sun, 18 Jan 2015 14:32:39 GMT X-Powered-By: PHP/5.4.34 | clean |
http://fast-rutracker.in/redirect/redirect.php?site=11&sid=491349525&buyer_sid=911441499&page=lending&key=archive755217.zip | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sun, 18 Jan 2015 14:47:08 GMT Location: http://dl37.softportalncc.name?sid=491349525&buyer_sid=911441499&page=lending&key=archive755217.zip Server: nginx Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Powered-By: PHP/5.3.27 | suspicious |
http://dl37.softportalncc.name?sid=491349525&buyer_sid=911441499&page=lending&key=archive755217.zip/ | HTTP/1.1 302 Found Cache-Control: max-age=259200 Connection: close Date: Sun, 18 Jan 2015 14:32:40 GMT Pragma: no-cache Location: /?page=lending&key=archive755217.zip%2F Server: nginx/1.0.14 Content-Length: 0 Content-Type: text/html; charset=utf-8 Expires: Wed, 21 Jan 2015 14:32:40 GMT Set-Cookie: PHPSESSID=oaa7ammrklfesgnq9jkvrlnpe1; path=/ X-Powered-By: PHP/5.3.10 | clean |
http://dl37.softportalncc.name?sid=491349525&buyer_sid=911441499&page=lending&key=archive755217.zip/?page=lending&key=archive755217.zip%2f | HTTP/1.1 302 Found Cache-Control: max-age=259200 Connection: close Date: Sun, 18 Jan 2015 14:32:40 GMT Pragma: no-cache Location: /?page=lending&key=archive755217.zip%2F Server: nginx/1.0.14 Content-Length: 0 Content-Type: text/html; charset=utf-8 Expires: Wed, 21 Jan 2015 14:32:40 GMT Set-Cookie: PHPSESSID=76h62qh1kc6nc74tqoldb2bpu2; path=/ X-Powered-By: PHP/5.3.10 | clean |
http://atrav.ru/wp-content/themes/KoRuDoTheme/js/modernizr.min.js | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sun, 18 Jan 2015 14:32:41 GMT Location: http://restoran-bambuk.ru/404?keyword=modernizr.rar Server: nginx/1.4.3 Content-Type: text/html X-Powered-By: PHP/5.4.21-1~dotdeb.1 | clean |
http://restoran-bambuk.ru/404?keyword=modernizr.rar | HTTP/1.1 302 Found Cache-Control: max-age=0 Connection: close Date: Sun, 18 Jan 2015 14:32:41 GMT Pragma: no-cache Location: http://fast-rutracker.in/redirect/redirect.php?site=11&sid=491349525&buyer_sid=911441499&page=lending&key=archive755217.zip Server: nginx/1.0.15 Content-Length: 0 Content-Type: text/html; charset=utf-8 Expires: Thu, 21 Jul 1977 07:30:00 GMT Last-Modified: Sun, 18 Jan 2015 14:32:41 GMT X-Powered-By: PHP/5.4.34 | clean |
http://atrav.ru/wp-content/themes/KoRuDoTheme/js/jquery.plugins.min.js | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sun, 18 Jan 2015 14:32:41 GMT Location: http://restoran-bambuk.ru/404?keyword=jquery.rar Server: nginx/1.4.3 Content-Type: text/html X-Powered-By: PHP/5.4.21-1~dotdeb.1 | clean |
http://restoran-bambuk.ru/404?keyword=jquery.rar | HTTP/1.1 302 Found Cache-Control: max-age=0 Connection: close Date: Sun, 18 Jan 2015 14:32:42 GMT Pragma: no-cache Location: http://fast-rutracker.in/redirect/redirect.php?site=11&sid=491349525&buyer_sid=911441499&page=lending&key=archive755217.zip Server: nginx/1.0.15 Content-Length: 0 Content-Type: text/html; charset=utf-8 Expires: Thu, 21 Jul 1977 07:30:00 GMT Last-Modified: Sun, 18 Jan 2015 14:32:42 GMT X-Powered-By: PHP/5.4.34 | clean |
http://atrav.ru/wp-includes/js/masonry.min.js | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sun, 18 Jan 2015 14:32:42 GMT Location: http://restoran-bambuk.ru/404?keyword=masonry.rar Server: nginx/1.4.3 Content-Type: text/html X-Powered-By: PHP/5.4.21-1~dotdeb.1 | clean |
http://restoran-bambuk.ru/404?keyword=masonry.rar | HTTP/1.1 302 Found Cache-Control: max-age=0 Connection: close Date: Sun, 18 Jan 2015 14:32:42 GMT Pragma: no-cache Location: http://fast-rutracker.in/redirect/redirect.php?site=11&sid=491349525&buyer_sid=911441499&page=lending&key=archive755217.zip Server: nginx/1.0.15 Content-Length: 0 Content-Type: text/html; charset=utf-8 Expires: Thu, 21 Jul 1977 07:30:00 GMT Last-Modified: Sun, 18 Jan 2015 14:32:42 GMT X-Powered-By: PHP/5.4.34 | clean |
http://atrav.ru/wp-includes/js/jquery/jquery.masonry.min.js | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sun, 18 Jan 2015 14:32:43 GMT Location: http://restoran-bambuk.ru/404?keyword=jquery.rar Server: nginx/1.4.3 Content-Type: text/html X-Powered-By: PHP/5.4.21-1~dotdeb.1 | clean |
http://atrav.ru/wp-content/themes/KoRuDoTheme/js/jquery.fitvids.js | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sun, 18 Jan 2015 14:32:44 GMT Location: http://restoran-bambuk.ru/404?keyword=jquery.rar Server: nginx/1.4.3 Content-Type: text/html X-Powered-By: PHP/5.4.21-1~dotdeb.1 | clean |
http://atrav.ru/wp-content/themes/KoRuDoTheme/js/theme.js | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sun, 18 Jan 2015 14:32:44 GMT Location: http://restoran-bambuk.ru/404?keyword=theme.rar Server: nginx/1.4.3 Content-Type: text/html X-Powered-By: PHP/5.4.21-1~dotdeb.1 | clean |
http://restoran-bambuk.ru/404?keyword=theme.rar | HTTP/1.1 302 Found Cache-Control: max-age=0 Connection: close Date: Sun, 18 Jan 2015 14:32:44 GMT Pragma: no-cache Location: http://fast-rutracker.in/redirect/redirect.php?site=11&sid=491349525&buyer_sid=911441499&page=lending&key=archive755217.zip Server: nginx/1.0.15 Content-Length: 0 Content-Type: text/html; charset=utf-8 Expires: Thu, 21 Jul 1977 07:30:00 GMT Last-Modified: Sun, 18 Jan 2015 14:32:44 GMT X-Powered-By: PHP/5.4.34 | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: atrav.ru
Result:
HTTP/1.1 302 Moved Temporarily
Connection: close
Date: Sun, 18 Jan 2015 14:32:27 GMT
Location: http://fakel96.ru/books?charset=utf-8&keyword=%D0%BA%D0%BE%D0%BD%D1%82%D1%80%D0%BE%D0%BB%D1%8C%D0%BD%D0%B0%D1%8F+%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%B0+%D0%BF%D0%BE+%D1%84%D0%B8%D0%B7%D0%B8%D0%BA%D0%B5+%D0%BD%D0%B0+%D1%82%D0%B5%D0%BC%D1%83+%D0%BC%D0%B5%D1%85%D0%B0%D0%BD%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%BE%D0%B5+%D0%B4%D0%B2%D0%B8%D0%B6%D0%B5%D0%BD%D0%B8%D0%B5+%D1%81+%D0%BE%D1%82%D0%B2%D0%B5%D1%82%D0%B0%D0%BC%D0%B8&v=3&id_mark=3385
Server: nginx/1.4.3
Content-Type: text/html
X-Powered-By: PHP/5.4.21-1~dotdeb.1
GET / HTTP/1.1
Host: atrav.ru
Result:
HTTP/1.1 302 Moved Temporarily
Connection: close
Date: Sun, 18 Jan 2015 14:32:27 GMT
Location: http://fakel96.ru/books?charset=utf-8&keyword=%D0%BA%D0%BE%D0%BD%D1%82%D1%80%D0%BE%D0%BB%D1%8C%D0%BD%D0%B0%D1%8F+%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%B0+%D0%BF%D0%BE+%D1%84%D0%B8%D0%B7%D0%B8%D0%BA%D0%B5+%D0%BD%D0%B0+%D1%82%D0%B5%D0%BC%D1%83+%D0%BC%D0%B5%D1%85%D0%B0%D0%BD%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%BE%D0%B5+%D0%B4%D0%B2%D0%B8%D0%B6%D0%B5%D0%BD%D0%B8%D0%B5+%D1%81+%D0%BE%D1%82%D0%B2%D0%B5%D1%82%D0%B0%D0%BC%D0%B8&v=3&id_mark=3385
Server: nginx/1.4.3
Content-Type: text/html
X-Powered-By: PHP/5.4.21-1~dotdeb.1
Second query (visit from search engine):
GET / HTTP/1.1
Host: atrav.ru
Referer: http://www.google.com/search?q=atrav.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: atrav.ru
Referer: http://www.google.com/search?q=atrav.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=atrav.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://atrav.ru/
Result: atrav.ru is not infected or malware details are not published yet.
Result: atrav.ru is not infected or malware details are not published yet.