Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: mgstar.ru
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Fri, 25 Jul 2014 09:56:22 GMT
Location: http://www.source-tm.ru/
Server: nginx/1.2.0
Content-Type: text/html; charset=iso-8859-1
Second query (visit from search engine):
GET / HTTP/1.1
Host: mgstar.ru
Referer: http://www.google.com/search?q=mgstar.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://mgstar.ru/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 25 Jul 2014 09:56:22 GMT Location: http://www.source-tm.ru/ Server: nginx/1.2.0 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.source-tm.ru/ | 200 OK Content-Length: 55787 Content-Type: text/html | clean |
http://www.source-tm.ru/templates/source/js/jq.js | 200 OK Content-Length: 84894 Content-Type: application/x-javascript | clean |
http://mgstar.ru/templates/source/js/jui.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 25 Jul 2014 09:56:27 GMT Location: http://www.source-tm.ru/templates/source/js/jui.js Server: nginx/1.2.0 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.source-tm.ru/templates/source/js/jui.js | 200 OK Content-Length: 208528 Content-Type: application/x-javascript | clean |
http://mgstar.ru/templates/source/js/jql.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 25 Jul 2014 09:56:28 GMT Location: http://www.source-tm.ru/templates/source/js/jql.js Server: nginx/1.2.0 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.source-tm.ru/templates/source/js/jql.js | 200 OK Content-Length: 9421 Content-Type: application/x-javascript | clean |
http://mgstar.ru/templates/source/js/js.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 25 Jul 2014 09:56:28 GMT Location: http://www.source-tm.ru/templates/source/js/js.js Server: nginx/1.2.0 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.source-tm.ru/templates/source/js/js.js | 200 OK Content-Length: 22460 Content-Type: application/x-javascript | clean |
http://mgstar.ru/uploadify/swfobject.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 25 Jul 2014 09:56:29 GMT Location: http://www.source-tm.ru/uploadify/swfobject.js Server: nginx/1.2.0 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.source-tm.ru/uploadify/swfobject.js | 200 OK Content-Length: 10220 Content-Type: application/x-javascript | clean |
http://mgstar.ru/uploadify/jquery.uploadify.v2.1.4.min.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 25 Jul 2014 09:56:29 GMT Location: http://www.source-tm.ru/uploadify/jquery.uploadify.v2.1.4.min.js Server: nginx/1.2.0 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.source-tm.ru/uploadify/jquery.uploadify.v2.1.4.min.js | 200 OK Content-Length: 8193 Content-Type: application/x-javascript | clean |
http://mgstar.ru/templates/source/highslide/highslide-full.min.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 25 Jul 2014 09:56:30 GMT Location: http://www.source-tm.ru/templates/source/highslide/highslide-full.min.js Server: nginx/1.2.0 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.source-tm.ru/templates/source/highslide/highslide-full.min.js | 200 OK Content-Length: 71109 Content-Type: application/x-javascript | clean |
http://mgstar.ru//mc.yandex.ru/metrika/watch.js/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 25 Jul 2014 09:56:30 GMT Location: http://www.source-tm.ru/mc.yandex.ru/metrika/watch.js/ Server: nginx/1.2.0 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.source-tm.ru/mc.yandex.ru/metrika/watch.js/ | HTTP/1.1 302 Found Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Fri, 25 Jul 2014 09:56:30 GMT Pragma: no-cache Location: http://www.source-tm.ru/http404.html Server: nginx/1.2.2 Content-Type: text/html; charset=utf-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: mgstar_db_mg_web=d64a95191ac038539e73b1269a18cbd2; path=/ Set-Cookie: etomiteLoggingCookie=524343223; expires=Sat, 25 Jul 2015 09:56:30 GMT X-Powered-By: PHP/4.4.9 | clean |
http://www.source-tm.ru/http404.html | 404 Not Found Content-Length: 48900 Content-Type: text/html | clean |
http://www.source-tm.ru//mc.yandex.ru/metrika/watch.js/ | HTTP/1.1 302 Found Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Fri, 25 Jul 2014 09:56:31 GMT Pragma: no-cache Location: http://www.source-tm.ru/http404.html Server: nginx/1.2.2 Content-Type: text/html; charset=utf-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: mgstar_db_mg_web=6241f36e55d59914c42501bd79ea0289; path=/ Set-Cookie: etomiteLoggingCookie=1395115014; expires=Sat, 25 Jul 2015 09:56:31 GMT X-Powered-By: PHP/4.4.9 | clean |
http://www.source-tm.ru/test404page.js | HTTP/1.1 302 Found Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Fri, 25 Jul 2014 09:56:31 GMT Pragma: no-cache Location: http://www.source-tm.ru/http404.html Server: nginx/1.2.2 Content-Type: text/html; charset=utf-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: mgstar_db_mg_web=6df988e917909e6c3157a49a501bc877; path=/ Set-Cookie: etomiteLoggingCookie=264764272; expires=Sat, 25 Jul 2015 09:56:31 GMT X-Powered-By: PHP/4.4.9 | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=mgstar.ru
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://mgstar.ru/
Result: mgstar.ru is not infected or malware details are not published yet.