Scanned pages/files
| Request | Server response | Status |
http://eggbrothers.ru/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 09 Jan 2015 10:11:04 GMT Location: http://rublevskiypirs.ru/books?charset=utf-8&keyword=%D1%81%D0%BE%D1%87%D0%B8%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5+%D0%BF%D0%BE+%D1%82%D0%B5%D0%BC%D0%B5+%D0%BA%D0%BE%D0%B7%D0%B3%D0%B5+%D1%8D%D1%88%D0%BB%D1%8D%D1%80&v=3&id_mark=2187 Server: nginx/1.4.3 Content-Type: text/html X-Powered-By: PHP/5.4.21-1~dotdeb.1 | clean |
http://rublevskiypirs.ru/books?charset=utf-8&keyword=%d1%81%d0%be%d1%87%d0%b8%d0%bd%d0%b5%d0%bd%d0%b8%d0%b5+%d0%bf%d0%be+%d1%82%d0%b5%d0%bc%d0%b5+%d0%ba%d0%be%d0%b7%d0%b3%d0%b5+%d1%8d%d1%88%d0%bb%d1%8d%d1%80&v=3&id_mark=2187 | HTTP/1.1 302 Found Cache-Control: max-age=0 Connection: close Date: Fri, 09 Jan 2015 10:11:04 GMT Pragma: no-cache Location: http://www.youcanfind.net/rl_cmprwm.php?ct=cq66j Server: nginx/1.0.15 Content-Length: 0 Content-Type: text/html; charset=utf-8 Expires: Thu, 21 Jul 1977 07:30:00 GMT Last-Modified: Fri, 09 Jan 2015 10:11:04 GMT X-Powered-By: PHP/5.4.34 | clean |
http://www.youcanfind.net/rl_cmprwm.php?ct=cq66j | HTTP/1.1 302 Found Connection: close Date: Fri, 09 Jan 2015 10:11:05 GMT Location: http://chlcotrk.com/mt/x254x274b4z2x2y234t2/&subid1=2400z8z1z0 Server: Apache/2.2.19 (Unix) PHP/5.1.6 mod_ssl/2.2.19 OpenSSL/0.9.7e-p1 Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.1.6 | clean |
http://chlcotrk.com/mt/x254x274b4z2x2y234t2/&subid1=2400z8z1z0 | HTTP/1.1 302 nginx/1.1.19 Connection: Close Date: Fri, 09 Jan 2015 10:11:05 GMT Location: http://nw1.truedefendredirect.com/?oid=3299&s1=b5fe4a422a67bdbb5671f05b54d222a3&s2=CD4823&s3=3299&s4=&s5= Content-Length: 0 Content-Type: text/html; charset=utf-8 P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Set-Cookie: mt_imp_3299=1; expires=Sun, 08-Feb-2015 10:11:05 GMT; path=/; domain=chlcotrk.com Set-Cookie: mt_muid=MT-54afa939e8fa1-7480; expires=Sun, 08-Feb-2015 10:11:05 GMT; path=/; domain=chlcotrk.com Set-Cookie: mt_lds=b5fe4a422a67bdbb5671f05b54d222a3; expires=Sun, 08-Feb-2015 10:11:05 GMT; path=/; domain=chlcotrk.com Set-Cookie: mt_clk=b5fe4a422a67bdbb5671f05b54d222a3; path=/; domain=chlcotrk.com X-Powered-By: HHVM/3.0.1 | clean |
http://nw1.truedefendredirect.com/?oid=3299&s1=b5fe4a422a67bdbb5671f05b54d222a3&s2=cd4823&s3=3299&s4=&s5= | HTTP/1.1 302 Moved Temporarily Connection: Close Date: Fri, 09 Jan 2015 10:11:06 GMT Location: http://fSUzz.titty.elitewindowstream.xyz/?sov=241786602&hid=gismsikisuksmgk&redid=788&id=XNSX.b5fe4a422a67bdbb5671f05b54d222a3%3A%3Acd4823%3A%3A3299-r788 Server: nginx/1.2.8 Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.3.23 | clean |
http://fsuzz.titty.elitewindowstream.xyz/?sov=241786602&hid=gismsikisuksmgk&redid=788&id=xnsx.b5fe4a422a67bdbb5671f05b54d222a3%3a%3acd4823%3a%3a3299-r788 | 200 OK Content-Length: 12362 Content-Type: text/html | clean |
http://fsuzz.titty.elitewindowstream.xyz/terms/privacy.html | 200 OK Content-Length: 24252 Content-Type: text/html | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js | 200 OK Content-Length: 78601 Content-Type: text/javascript | clean |
http://fsuzz.titty.elitewindowstream.xyz/templates/_common/footer_links/js/script.js | 200 OK Content-Length: 5674 Content-Type: application/javascript | clean |
http://fsuzz.titty.elitewindowstream.xyz//translate.google.com/translate_a/element.js?cb=googleTranslateElementInit/ | 404 Not Found Content-Length: 570 Content-Type: text/html | clean |
http://fsuzz.titty.elitewindowstream.xyz/test404page.js | 404 Not Found Content-Length: 570 Content-Type: text/html | clean |
http://eggbrothers.ru/terms/terms.html | HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 09 Jan 2015 10:11:13 GMT Location: http://restoran-bambuk.ru/404?keyword=terms.rar Server: nginx/1.4.3 Content-Type: text/html X-Powered-By: PHP/5.4.21-1~dotdeb.1 | clean |
http://restoran-bambuk.ru/404?keyword=terms.rar | HTTP/1.1 302 Found Cache-Control: max-age=0 Connection: close Date: Fri, 09 Jan 2015 10:11:13 GMT Pragma: no-cache Location: http://fast-rutracker.in/redirect/redirect.php?site=11&sid=491349525&buyer_sid=911441499&page=lending&key=archive755217.zip Server: nginx/1.0.15 Content-Length: 0 Content-Type: text/html; charset=utf-8 Expires: Thu, 21 Jul 1977 07:30:00 GMT Last-Modified: Fri, 09 Jan 2015 10:11:13 GMT X-Powered-By: PHP/5.4.34 | clean |
http://fast-rutracker.in/redirect/redirect.php?site=11&sid=491349525&buyer_sid=911441499&page=lending&key=archive755217.zip | HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 09 Jan 2015 10:25:18 GMT Location: http://dl43.softportalvcc.name?sid=491349525&buyer_sid=911441499&page=lending&key=archive755217.zip Server: nginx Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Powered-By: PHP/5.3.27 | suspicious |
http://dl43.softportalvcc.name?sid=491349525&buyer_sid=911441499&page=lending&key=archive755217.zip/ | HTTP/1.1 302 Found Cache-Control: max-age=259200 Connection: close Date: Fri, 09 Jan 2015 10:11:13 GMT Pragma: no-cache Location: /?page=lending&key=archive755217.zip%2F Server: nginx/1.0.14 Content-Length: 0 Content-Type: text/html; charset=utf-8 Expires: Mon, 12 Jan 2015 10:11:13 GMT Set-Cookie: PHPSESSID=lu6nlpcrrio5ejd5nf0t7vn086; path=/ X-Powered-By: PHP/5.3.10 | clean |
http://dl43.softportalvcc.name?sid=491349525&buyer_sid=911441499&page=lending&key=archive755217.zip/?page=lending&key=archive755217.zip%2f | HTTP/1.1 302 Found Cache-Control: max-age=259200 Connection: close Date: Fri, 09 Jan 2015 10:11:14 GMT Pragma: no-cache Location: /?page=lending&key=archive755217.zip%2F Server: nginx/1.0.14 Content-Length: 0 Content-Type: text/html; charset=utf-8 Expires: Mon, 12 Jan 2015 10:11:14 GMT Set-Cookie: PHPSESSID=so7sr7r6mdr4uj2ismihf1u031; path=/ X-Powered-By: PHP/5.3.10 | clean |
http://eggbrothers.ru/terms/aboutus.html | HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 09 Jan 2015 10:11:14 GMT Location: http://restoran-bambuk.ru/404?keyword=aboutus.rar Server: nginx/1.4.3 Content-Type: text/html X-Powered-By: PHP/5.4.21-1~dotdeb.1 | clean |
http://restoran-bambuk.ru/404?keyword=aboutus.rar | HTTP/1.1 302 Found Cache-Control: max-age=0 Connection: close Date: Fri, 09 Jan 2015 10:11:14 GMT Pragma: no-cache Location: http://fast-rutracker.in/redirect/redirect.php?site=11&sid=491349525&buyer_sid=911441499&page=lending&key=archive755217.zip Server: nginx/1.0.15 Content-Length: 0 Content-Type: text/html; charset=utf-8 Expires: Thu, 21 Jul 1977 07:30:00 GMT Last-Modified: Fri, 09 Jan 2015 10:11:14 GMT X-Powered-By: PHP/5.4.34 | clean |
http://eggbrothers.ru/terms/privacy.html | HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 09 Jan 2015 10:11:15 GMT Location: http://restoran-bambuk.ru/404?keyword=privacy.rar Server: nginx/1.4.3 Content-Type: text/html X-Powered-By: PHP/5.4.21-1~dotdeb.1 | clean |
http://restoran-bambuk.ru/404?keyword=privacy.rar | HTTP/1.1 302 Found Cache-Control: max-age=0 Connection: close Date: Fri, 09 Jan 2015 10:11:15 GMT Pragma: no-cache Location: http://fast-rutracker.in/redirect/redirect.php?site=11&sid=491349525&buyer_sid=911441499&page=lending&key=archive755217.zip Server: nginx/1.0.15 Content-Length: 0 Content-Type: text/html; charset=utf-8 Expires: Thu, 21 Jul 1977 07:30:00 GMT Last-Modified: Fri, 09 Jan 2015 10:11:15 GMT X-Powered-By: PHP/5.4.34 | clean |
http://eggbrothers.ru//titty.elitewindowstream.xyz/admin_config/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 09 Jan 2015 10:11:15 GMT Location: http://restoran-bambuk.ru/404?keyword=.rar Server: nginx/1.4.3 Content-Type: text/html X-Powered-By: PHP/5.4.21-1~dotdeb.1 | clean |
http://restoran-bambuk.ru/404?keyword=.rar | HTTP/1.1 302 Found Cache-Control: max-age=0 Connection: close Date: Fri, 09 Jan 2015 10:11:15 GMT Pragma: no-cache Location: http://fast-rutracker.in/redirect/redirect.php?site=11&sid=491349525&buyer_sid=911441499&page=lending&key=archive755217.zip Server: nginx/1.0.15 Content-Length: 0 Content-Type: text/html; charset=utf-8 Expires: Thu, 21 Jul 1977 07:30:00 GMT Last-Modified: Fri, 09 Jan 2015 10:11:15 GMT X-Powered-By: PHP/5.4.34 | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: eggbrothers.ru
Result:
HTTP/1.1 302 Moved Temporarily
Connection: close
Date: Fri, 09 Jan 2015 10:11:04 GMT
Location: http://rublevskiypirs.ru/books?charset=utf-8&keyword=%D1%81%D0%BE%D1%87%D0%B8%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5+%D0%BF%D0%BE+%D1%82%D0%B5%D0%BC%D0%B5+%D0%BA%D0%BE%D0%B7%D0%B3%D0%B5+%D1%8D%D1%88%D0%BB%D1%8D%D1%80&v=3&id_mark=2187
Server: nginx/1.4.3
Content-Type: text/html
X-Powered-By: PHP/5.4.21-1~dotdeb.1
GET / HTTP/1.1
Host: eggbrothers.ru
Result:
HTTP/1.1 302 Moved Temporarily
Connection: close
Date: Fri, 09 Jan 2015 10:11:04 GMT
Location: http://rublevskiypirs.ru/books?charset=utf-8&keyword=%D1%81%D0%BE%D1%87%D0%B8%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5+%D0%BF%D0%BE+%D1%82%D0%B5%D0%BC%D0%B5+%D0%BA%D0%BE%D0%B7%D0%B3%D0%B5+%D1%8D%D1%88%D0%BB%D1%8D%D1%80&v=3&id_mark=2187
Server: nginx/1.4.3
Content-Type: text/html
X-Powered-By: PHP/5.4.21-1~dotdeb.1
Second query (visit from search engine):
GET / HTTP/1.1
Host: eggbrothers.ru
Referer: http://www.google.com/search?q=eggbrothers.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: eggbrothers.ru
Referer: http://www.google.com/search?q=eggbrothers.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=eggbrothers.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://eggbrothers.ru/
Result: eggbrothers.ru is not infected or malware details are not published yet.
Result: eggbrothers.ru is not infected or malware details are not published yet.