Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ircenter.ru
Result:
HTTP/1.1 301 Moved Permanently
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Fri, 06 Feb 2015 19:20:38 GMT
Pragma: no-cache
Location: http://www.ircenter.ru/
Server: Apache/2.2.22 (Ubuntu)
Vary: Accept-Encoding
Content-Type: text/html
Expires: Sat, Feb 07 2015 19:20:38 GMT
Set-Cookie: sid=dn0fc8p2jtq8vn2sni0pgfgot3; path=/
X-Powered-By: PHP/5.3.10-1ubuntu3.11
GET / HTTP/1.1
Host: ircenter.ru
Result:
HTTP/1.1 301 Moved Permanently
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Fri, 06 Feb 2015 19:20:38 GMT
Pragma: no-cache
Location: http://www.ircenter.ru/
Server: Apache/2.2.22 (Ubuntu)
Vary: Accept-Encoding
Content-Type: text/html
Expires: Sat, Feb 07 2015 19:20:38 GMT
Set-Cookie: sid=dn0fc8p2jtq8vn2sni0pgfgot3; path=/
X-Powered-By: PHP/5.3.10-1ubuntu3.11
Second query (visit from search engine):
GET / HTTP/1.1
Host: ircenter.ru
Referer: http://www.google.com/search?q=ircenter.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: ircenter.ru
Referer: http://www.google.com/search?q=ircenter.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
| Request | Server response | Status |
http://ircenter.ru/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Fri, 06 Feb 2015 19:20:38 GMT Pragma: no-cache Location: http://www.ircenter.ru/ Server: Apache/2.2.22 (Ubuntu) Vary: Accept-Encoding Content-Type: text/html Expires: Sat, Feb 07 2015 19:20:38 GMT Set-Cookie: sid=dn0fc8p2jtq8vn2sni0pgfgot3; path=/ X-Powered-By: PHP/5.3.10-1ubuntu3.11 | clean |
http://www.ircenter.ru/ | 200 OK Content-Length: 56424 Content-Type: text/html | clean |
https://w.uptolike.com/widgets/v1/zp.js?pid=641570 | 200 OK Content-Length: 40045 Content-Type: text/javascript | clean |
http://ircenter.ru/ru/company/comments/?record_id=4338 | HTTP/1.1 301 Moved Permanently Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Fri, 06 Feb 2015 19:20:40 GMT Pragma: no-cache Location: http://www.ircenter.ru/ru/company/comments/?record_id=4338 Server: Apache/2.2.22 (Ubuntu) Vary: Accept-Encoding Content-Type: text/html Expires: Sat, Feb 07 2015 19:20:41 GMT Set-Cookie: sid=uuqn7f8c37eqqk2aevd4bmgaj7; path=/ X-Powered-By: PHP/5.3.10-1ubuntu3.11 | clean |
http://www.ircenter.ru/ru/company/comments/?record_id=4338 | 200 OK Content-Length: 19944 Content-Type: text/html | clean |
http://www.ircenter.ru/templ/main/show_ads.js | 200 OK Content-Length: 16672 Content-Type: application/javascript | clean |
http://ircenter.ru/test404page.js | 404 Not Found Content-Length: 289 Content-Type: text/html | clean |
http://ircenter.ru/ru/company/comments/?record_id=36706 | HTTP/1.1 301 Moved Permanently Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Fri, 06 Feb 2015 19:20:42 GMT Pragma: no-cache Location: http://www.ircenter.ru/ru/company/comments/?record_id=36706 Server: Apache/2.2.22 (Ubuntu) Vary: Accept-Encoding Content-Type: text/html Expires: Sat, Feb 07 2015 19:20:43 GMT Set-Cookie: sid=hl8mg7d2blqkneu61nj110lam3; path=/ X-Powered-By: PHP/5.3.10-1ubuntu3.11 | clean |
http://www.ircenter.ru/ru/company/comments/?record_id=36706 | 200 OK Content-Length: 18623 Content-Type: text/html | clean |
http://ircenter.ru/ru/company/comments/?record_id=63948 | HTTP/1.1 301 Moved Permanently Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Fri, 06 Feb 2015 19:20:44 GMT Pragma: no-cache Location: http://www.ircenter.ru/ru/company/comments/?record_id=63948 Server: Apache/2.2.22 (Ubuntu) Vary: Accept-Encoding Content-Type: text/html Expires: Sat, Feb 07 2015 19:20:44 GMT Set-Cookie: sid=5n8nbbjcscm5nhqm8tgu36ltn7; path=/ X-Powered-By: PHP/5.3.10-1ubuntu3.11 | clean |
http://www.ircenter.ru/ru/company/comments/?record_id=63948 | 200 OK Content-Length: 19299 Content-Type: text/html | clean |
http://ircenter.ru/ru/company/comments/?record_id=11414 | HTTP/1.1 301 Moved Permanently Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Fri, 06 Feb 2015 19:20:45 GMT Pragma: no-cache Location: http://www.ircenter.ru/ru/company/comments/?record_id=11414 Server: Apache/2.2.22 (Ubuntu) Vary: Accept-Encoding Content-Type: text/html Expires: Sat, Feb 07 2015 19:20:45 GMT Set-Cookie: sid=fgqdb7kb9kl2gddsd0h8fmpq91; path=/ X-Powered-By: PHP/5.3.10-1ubuntu3.11 | clean |
http://www.ircenter.ru/ru/company/comments/?record_id=11414 | 200 OK Content-Length: 19060 Content-Type: text/html | clean |
http://ircenter.ru/ru/company/comments/?record_id=32805 | HTTP/1.1 301 Moved Permanently Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Fri, 06 Feb 2015 19:20:46 GMT Pragma: no-cache Location: http://www.ircenter.ru/ru/company/comments/?record_id=32805 Server: Apache/2.2.22 (Ubuntu) Vary: Accept-Encoding Content-Type: text/html Expires: Sat, Feb 07 2015 19:20:47 GMT Set-Cookie: sid=558kq941lmi3fqsbojivb485g5; path=/ X-Powered-By: PHP/5.3.10-1ubuntu3.11 | clean |
http://www.ircenter.ru/ru/company/comments/?record_id=32805 | 200 OK Content-Length: 26867 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ircenter.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://ircenter.ru/
Result: ircenter.ru is not infected or malware details are not published yet.
Result: ircenter.ru is not infected or malware details are not published yet.
