Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ipvxxx.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Mon, 13 Jul 2015 01:19:48 GMT
Location: http://www.indianpornvideos.com
Server: nginx/1.0.15
Content-Length: 178
Content-Type: text/html
...178 bytes of data.
GET / HTTP/1.1
Host: ipvxxx.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Mon, 13 Jul 2015 01:19:48 GMT
Location: http://www.indianpornvideos.com
Server: nginx/1.0.15
Content-Length: 178
Content-Type: text/html
...178 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: ipvxxx.com
Referer: http://www.google.com/search?q=ipvxxx.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: ipvxxx.com
Referer: http://www.google.com/search?q=ipvxxx.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
| Request | Server response | Status |
http://ipvxxx.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 13 Jul 2015 01:19:48 GMT Location: http://www.indianpornvideos.com Server: nginx/1.0.15 Content-Length: 178 Content-Type: text/html | clean |
http://www.indianpornvideos.com/ | 200 OK Content-Length: 59410 Content-Type: text/html | clean |
http://cdn.indianpornvideos.com/min/?b=stp/js&f=xajax_js/xajax_core.js,home_ajax.js,jquery.min.js,V8/bootstrap.min.js,functions.js,yetii.js,V8/js.js,V8/custom.js,V8/home.js&v=1 | 200 OK Content-Length: 165859 Content-Type: application/x-javascript | clean |
http://a.vartoken.com/sticky/sticky.js | 200 OK Content-Length: 1578 Content-Type: application/javascript | clean |
http://ipvxxx.com//s7.addthis.com/js/300/addthis_widget.js/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 13 Jul 2015 01:19:49 GMT Location: http://www.indianpornvideos.com Server: nginx/1.0.15 Content-Length: 178 Content-Type: text/html | clean |
http://www.indianpornvideos.com/test404page.js | 404 Not Found Content-Length: 59424 Content-Type: text/html | clean |
http://www.indianpornvideos.com//s7.addthis.com/js/300/addthis_widget.js/ | 404 Not Found Content-Length: 59461 Content-Type: text/html | clean |
http://www.indianpornvideos.com/stp/js/jquery.poptab.js | 200 OK Content-Length: 3562 Content-Type: application/javascript | clean |
http://cdn.ipenavbar.com/jquery.ipenavbar.min.js?ver=1.1.0 | 200 OK Content-Length: 8705 Content-Type: application/javascript | clean |
http://www.indianpornvideos.com/signup/ | 200 OK Content-Length: 27833 Content-Type: text/html | clean |
http://cdn.indianpornvideos.com/min/?b=stp/js&f=xajax_js/xajax_core.js,home_ajax.js,jquery.min.js,V8/bootstrap.min.js,functions.js,yetii.js,V8/js.js,V8/custom.js | 200 OK Content-Length: 164943 Content-Type: application/x-javascript | clean |
http://www.indianpornvideos.com/forgot-password/ | 200 OK Content-Length: 9639 Content-Type: text/html | clean |
http://www.indianpornvideos.com/videos/ | 200 OK Content-Length: 41899 Content-Type: text/html | clean |
http://www.indianpornvideos.com/categories/ | 200 OK Content-Length: 151751 Content-Type: text/html | clean |
http://www.indianpornvideos.com/?view=submit | HTTP/1.1 302 Moved Temporarily Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Mon, 13 Jul 2015 01:20:27 GMT Pragma: no-cache Location: http://www.indianpornvideos.com/?view=login&return=%2F%3Fview%3Dsubmit Server: cloudflare-nginx Content-Type: text/html Expires: Thu, 19 Nov 1981 08:52:00 GMT CF-RAY: 20512a58f75a0ae4-WAW Set-Cookie: __cfduid=d07ae4fe4533065889519ebd7122e0e8f1436750427; expires=Tue, 12-Jul-16 01:20:27 GMT; path=/; domain=.indianpornvideos.com; HttpOnly Set-Cookie: PHPSESSID=7ugfmfenf3jnbd3u667d2dtjt0; path=/ X-Powered-By: PHP/5.4.37 | clean |
http://www.indianpornvideos.com/?view=login&return=%2f%3fview%3dsubmit | 200 OK Content-Length: 10525 Content-Type: text/html | clean |
http://www.indianpornvideos.com/members/ | 200 OK Content-Length: 55379 Content-Type: text/html | clean |
http://www.indianpornvideos.com/members/?sort=view | 200 OK Content-Length: 55231 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ipvxxx.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://ipvxxx.com/
Result: ipvxxx.com is not infected or malware details are not published yet.
Result: ipvxxx.com is not infected or malware details are not published yet.