Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=secret-story.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://secret-story.ru/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: secret-story.ru
Result:
HTTP/1.1 302 Moved Temporarily
Connection: close
Date: Thu, 08 Jan 2015 12:49:21 GMT
Location: http://rublevskiypirs.ru/books?keyword=%D0%E0%E7%E2%E5%F0%ED%F3%F2%FB%E9+%EE%F2%E2%E5%F2+%3A+%EA%E0%EA+%F0%E0%F1%F1%F2%E0%E2%EB%FF%F2%FC+%F1%F2%E5%EF%E5%ED%E8+%EE%EA%E8%F1%EB%E5%ED%E8%FF.&v=3&id_mark=1164
Server: nginx/1.4.3
Content-Type: text/html
X-Powered-By: PHP/5.4.21-1~dotdeb.1
GET / HTTP/1.1
Host: secret-story.ru
Result:
HTTP/1.1 302 Moved Temporarily
Connection: close
Date: Thu, 08 Jan 2015 12:49:21 GMT
Location: http://rublevskiypirs.ru/books?keyword=%D0%E0%E7%E2%E5%F0%ED%F3%F2%FB%E9+%EE%F2%E2%E5%F2+%3A+%EA%E0%EA+%F0%E0%F1%F1%F2%E0%E2%EB%FF%F2%FC+%F1%F2%E5%EF%E5%ED%E8+%EE%EA%E8%F1%EB%E5%ED%E8%FF.&v=3&id_mark=1164
Server: nginx/1.4.3
Content-Type: text/html
X-Powered-By: PHP/5.4.21-1~dotdeb.1
Second query (visit from search engine):
GET / HTTP/1.1
Host: secret-story.ru
Referer: http://www.google.com/search?q=secret-story.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: secret-story.ru
Referer: http://www.google.com/search?q=secret-story.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://secret-story.ru/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Thu, 08 Jan 2015 12:49:21 GMT Location: http://rublevskiypirs.ru/books?keyword=%D0%E0%E7%E2%E5%F0%ED%F3%F2%FB%E9+%EE%F2%E2%E5%F2+%3A+%EA%E0%EA+%F0%E0%F1%F1%F2%E0%E2%EB%FF%F2%FC+%F1%F2%E5%EF%E5%ED%E8+%EE%EA%E8%F1%EB%E5%ED%E8%FF.&v=3&id_mark=1164 Server: nginx/1.4.3 Content-Type: text/html X-Powered-By: PHP/5.4.21-1~dotdeb.1 | clean |
http://rublevskiypirs.ru/books?keyword=%d0%e0%e7%e2%e5%f0%ed%f3%f2%fb%e9+%ee%f2%e2%e5%f2+%3a+%ea%e0%ea+%f0%e0%f1%f1%f2%e0%e2%eb%ff%f2%fc+%f1%f2%e5%ef%e5%ed%e8+%ee%ea%e8%f1%eb%e5%ed%e8%ff.&v=3&id_mark=1164 | HTTP/1.1 302 Found Cache-Control: max-age=0 Connection: close Date: Thu, 08 Jan 2015 12:49:21 GMT Pragma: no-cache Location: http://www.youcanfind.net/rl_cmprwm.php?ct=cq66j Server: nginx/1.0.15 Content-Length: 0 Content-Type: text/html; charset=utf-8 Expires: Thu, 21 Jul 1977 07:30:00 GMT Last-Modified: Thu, 08 Jan 2015 12:49:21 GMT X-Powered-By: PHP/5.4.34 | clean |
http://www.youcanfind.net/rl_cmprwm.php?ct=cq66j | HTTP/1.1 302 Found Connection: close Date: Thu, 08 Jan 2015 12:49:22 GMT Location: http://chlcotrk.com/mt/x254x274b4z2x2y234t2/&subid1=2400z7z1z0 Server: Apache/2.2.19 (Unix) PHP/5.1.6 mod_ssl/2.2.19 OpenSSL/0.9.7e-p1 Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.1.6 | clean |
http://chlcotrk.com/mt/x254x274b4z2x2y234t2/&subid1=2400z7z1z0 | HTTP/1.1 302 nginx/1.1.19 Connection: Close Date: Thu, 08 Jan 2015 12:49:22 GMT Location: http://nw1.truedefendredirect.com/?oid=3299&s1=52e91f3839deeac81e18c0b7a56872bc&s2=CD4823&s3=3299&s4=&s5= Content-Length: 0 Content-Type: text/html; charset=utf-8 P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Set-Cookie: mt_imp_3299=1; expires=Sat, 07-Feb-2015 12:49:22 GMT; path=/; domain=chlcotrk.com Set-Cookie: mt_muid=MT-54ae7cd26d2b8-5994; expires=Sat, 07-Feb-2015 12:49:22 GMT; path=/; domain=chlcotrk.com Set-Cookie: mt_lds=52e91f3839deeac81e18c0b7a56872bc; expires=Sat, 07-Feb-2015 12:49:22 GMT; path=/; domain=chlcotrk.com Set-Cookie: mt_clk=52e91f3839deeac81e18c0b7a56872bc; path=/; domain=chlcotrk.com X-Powered-By: HHVM/3.0.1 | clean |
http://nw1.truedefendredirect.com/?oid=3299&s1=52e91f3839deeac81e18c0b7a56872bc&s2=cd4823&s3=3299&s4=&s5= | HTTP/1.1 302 Moved Temporarily Connection: Close Date: Thu, 08 Jan 2015 12:49:23 GMT Location: http://Vf4zz.titty.elitewindowstream.xyz/?sov=241786602&hid=gwkoiwiwmkiogk&redid=788&id=XNSX.52e91f3839deeac81e18c0b7a56872bc%3A%3Acd4823%3A%3A3299-r788 Server: nginx/1.2.8 Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.3.23 | clean |
http://vf4zz.titty.elitewindowstream.xyz/?sov=241786602&hid=gwkoiwiwmkiogk&redid=788&id=xnsx.52e91f3839deeac81e18c0b7a56872bc%3a%3acd4823%3a%3a3299-r788 | 200 OK Content-Length: 12362 Content-Type: text/html | clean |
http://vf4zz.titty.elitewindowstream.xyz/terms/privacy.html | 200 OK Content-Length: 24252 Content-Type: text/html | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js | 200 OK Content-Length: 78601 Content-Type: text/javascript | clean |
http://vf4zz.titty.elitewindowstream.xyz/templates/_common/footer_links/js/script.js | 200 OK Content-Length: 5674 Content-Type: application/javascript | clean |
http://vf4zz.titty.elitewindowstream.xyz//translate.google.com/translate_a/element.js?cb=googleTranslateElementInit/ | 404 Not Found Content-Length: 570 Content-Type: text/html | clean |
http://vf4zz.titty.elitewindowstream.xyz/test404page.js | 404 Not Found Content-Length: 570 Content-Type: text/html | clean |
http://secret-story.ru/terms/terms.html | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://secret-story.ru/terms/aboutus.html | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://secret-story.ru/terms/privacy.html | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://secret-story.ru//titty.elitewindowstream.xyz/admin_config/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Thu, 08 Jan 2015 12:49:46 GMT Location: http://rublevskiypirs.ru/books?charset=utf-8&keyword=&v=3&id_mark=1164 Server: nginx/1.4.3 Content-Type: text/html X-Powered-By: PHP/5.4.21-1~dotdeb.1 | clean |
http://rublevskiypirs.ru/books?charset=utf-8&keyword=&v=3&id_mark=1164 | HTTP/1.1 302 Found Cache-Control: max-age=0 Connection: close Date: Thu, 08 Jan 2015 12:49:46 GMT Pragma: no-cache Location: http://www.youcanfind.net/rl_cmprwm.php?ct=cq66j Server: nginx/1.0.15 Content-Length: 0 Content-Type: text/html; charset=utf-8 Expires: Thu, 21 Jul 1977 07:30:00 GMT Last-Modified: Thu, 08 Jan 2015 12:49:46 GMT X-Powered-By: PHP/5.4.34 | clean |