Scanned pages/files
| Request | Server response | Status |
http://sex14.ru/ | HTTP/1.1 302 Moved Permanently Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Fri, 12 Dec 2014 17:48:24 GMT Pragma: no-cache Location: http://sex14.ru/1318980578W/ Server: nginx_moded_by_kam/1.5.6 Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Set-Cookie: uid=le9TsLZ%2BpLZfK5WzYN3v6WnuZvuDCOE9p2iXVk6JfaX4ZVrqat1eRSGpDWMH6Idi; expires=Fri, 12-Dec-2014 19:48:24 GMT; path=/ Set-Cookie: PHPSESSID=5df943ko5lpnf0sqhjvcd3ig56; path=/ Set-Cookie: token=1318980578; expires=Fri, 12-Dec-2014 18:53:24 GMT; path=/1318980578W X-Powered-By: PHP/5.3.3-7+squeeze18 | clean |
http://sex14.ru/1318980578w/ | 200 OK Content-Length: 16074 Content-Type: text/html | clean |
http://sex14.ru/1318980578w/cancel | 200 OK Content-Length: 14787 Content-Type: text/html | clean |
http://sex14.ru/1318980578w/. | 200 OK Content-Length: 16074 Content-Type: text/html | clean |
http://sex14.ru/1318980578w/stp2/enter | 200 OK Content-Length: 11909 Content-Type: text/html | clean |
http://sex14.ru/1318980578w/stp2/cancel | 404 Not Found Content-Length: 283 Content-Type: text/html | clean |
http://sex14.ru/test404page.js | 404 Not Found Content-Length: 583 Content-Type: text/html | clean |
http://sex14.ru/1318980578w/stp2/. | 404 Not Found Content-Length: 277 Content-Type: text/html | clean |
http://sex14.ru/1318980578w/stp2/stp2/enter | 404 Not Found Content-Length: 287 Content-Type: text/html | clean |
http://sex14.ru/1318980578w/stp2/stp1 | 404 Not Found Content-Length: 281 Content-Type: text/html | clean |
http://sex14.ru/1318980578w/stp1 | 200 OK Content-Length: 47743 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: 2o11.org <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"> <head> <base href="http://sex14.ru/1318980578D/" /> <title>ÐоÑÑÑее видео</title> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <link href="/css/main.css" rel="stylesheet" type="text/cs ...[5045 bytes skipped]... | ||
http://sex14.ru/. | HTTP/1.1 302 Moved Permanently Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Fri, 12 Dec 2014 17:48:27 GMT Pragma: no-cache Location: http://sex14.ru/1318980578E/ Server: nginx_moded_by_kam/1.5.6 Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Set-Cookie: uid=le9TsLZ%2BpLZfK5WzYN3v6WnuZvuDCOE9p2iXVk6JfaX4ZVrqat1eRSGpDWMH6Idi; expires=Fri, 12-Dec-2014 19:48:27 GMT; path=/ Set-Cookie: PHPSESSID=rmocfi5jj6sa94aj2n63ge6ht1; path=/ Set-Cookie: token=1318980578; expires=Fri, 12-Dec-2014 18:53:27 GMT; path=/1318980578E X-Powered-By: PHP/5.3.3-7+squeeze18 | clean |
http://sex14.ru/1318980578e/ | 200 OK Content-Length: 16074 Content-Type: text/html | clean |
http://sex14.ru/1318980578e/cancel | 200 OK Content-Length: 14787 Content-Type: text/html | clean |
http://sex14.ru/1318980578e/. | 200 OK Content-Length: 16074 Content-Type: text/html | clean |
http://sex14.ru/1318980578e/stp2/enter | 200 OK Content-Length: 11909 Content-Type: text/html | clean |
http://sex14.ru/1318980578e/stp2/cancel | 404 Not Found Content-Length: 283 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: sex14.ru
Result:
HTTP/1.1 302 Moved Permanently
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Fri, 12 Dec 2014 17:48:24 GMT
Pragma: no-cache
Location: http://sex14.ru/1318980578W/
Server: nginx_moded_by_kam/1.5.6
Vary: Accept-Encoding
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: uid=le9TsLZ%2BpLZfK5WzYN3v6WnuZvuDCOE9p2iXVk6JfaX4ZVrqat1eRSGpDWMH6Idi; expires=Fri, 12-Dec-2014 19:48:24 GMT; path=/
Set-Cookie: PHPSESSID=5df943ko5lpnf0sqhjvcd3ig56; path=/
Set-Cookie: token=1318980578; expires=Fri, 12-Dec-2014 18:53:24 GMT; path=/1318980578W
X-Powered-By: PHP/5.3.3-7+squeeze18
...0 bytes of data.
GET / HTTP/1.1
Host: sex14.ru
Result:
HTTP/1.1 302 Moved Permanently
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Fri, 12 Dec 2014 17:48:24 GMT
Pragma: no-cache
Location: http://sex14.ru/1318980578W/
Server: nginx_moded_by_kam/1.5.6
Vary: Accept-Encoding
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: uid=le9TsLZ%2BpLZfK5WzYN3v6WnuZvuDCOE9p2iXVk6JfaX4ZVrqat1eRSGpDWMH6Idi; expires=Fri, 12-Dec-2014 19:48:24 GMT; path=/
Set-Cookie: PHPSESSID=5df943ko5lpnf0sqhjvcd3ig56; path=/
Set-Cookie: token=1318980578; expires=Fri, 12-Dec-2014 18:53:24 GMT; path=/1318980578W
X-Powered-By: PHP/5.3.3-7+squeeze18
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: sex14.ru
Referer: http://www.google.com/search?q=sex14.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: sex14.ru
Referer: http://www.google.com/search?q=sex14.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=sex14.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://sex14.ru/
Result: sex14.ru is not infected or malware details are not published yet.
Result: sex14.ru is not infected or malware details are not published yet.