Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: topix.polezno-2012.info
Result:
HTTP/1.1 302 Moved Permanently
Connection: close
Date: Sun, 01 Mar 2015 16:55:11 GMT
Location: http://topix.polezno-2012.info/1344592292n/
Server: nginx/1.7.9
Vary: Accept-Encoding
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Inspect: SP2H4H5G7I1I3I4I6
Set-Cookie: uid=ZdgTdQklKiCOT5KDYKGgR480Mh1d9M6okV3ub3GzdGrhsXz2nqSDXjUuNRXy27ELleNaiHBVrMtuhk2S%2Bia78pmCo6PvzhwXu0lcy1V7eBD%2BqWwkVH9ZgSwBP6WcfXlRJwaj096HW5Wo%2F%2BnCYYT%2BvM9Eod%2BmzF9ymZB2gjTrZjk%2B6ShT4ivJsB6%2FiFr%2B0u%2BoW%2BoOIprAGJzYdeaTYk89yLWEXu%2BZxznx2Zbc5rt8wr5VLhLL2%2F8yP7G%2BB3mu1c92SZhqCbP%2BdaEXpJtvoaVChz0PZI985l3k1KjpNAWDnNetkwnRNxJL8T1D5JlGPnHT; expires=Sun, 01-Mar-2015 17:55:11 GMT; path=/
Set-Cookie: token=Jyc%3D; expires=Sun, 01-Mar-2015 17:00:11 GMT; path=/1344592292n
X-Powered-By: PHP/5.4.36-1~dotdeb.1
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: topix.polezno-2012.info
Referer: http://www.google.com/search?q=topix.polezno-2012.info
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://topix.polezno-2012.info/ | HTTP/1.1 302 Moved Permanently Connection: close Date: Sun, 01 Mar 2015 16:55:11 GMT Location: http://topix.polezno-2012.info/1344592292n/ Server: nginx/1.7.9 Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=UTF-8 Inspect: SP2H4H5G7I1I3I4I6 Set-Cookie: uid=ZdgTdQklKiCOT5KDYKGgR480Mh1d9M6okV3ub3GzdGrhsXz2nqSDXjUuNRXy27ELleNaiHBVrMtuhk2S%2Bia78pmCo6PvzhwXu0lcy1V7eBD%2BqWwkVH9ZgSwBP6WcfXlRJwaj096HW5Wo%2F%2BnCYYT%2BvM9Eod%2BmzF9ymZB2gjTrZjk%2B6ShT4ivJsB6%2FiFr%2B0u%2BoW%2BoOIprAGJzYdeaTYk89yLWEXu%2BZxznx2Zbc5rt8wr5VLhLL2%2F8yP7G%2BB3mu1c92SZhqCbP%2BdaEXpJtvoaVChz0PZI985l3k1KjpNAWDnNetkwnRNxJL8T1D5JlGPnHT; expires=Sun, 01-Mar-2015 17:55:11 GMT; path=/ Set-Cookie: token=Jyc%3D; expires=Sun, 01-Mar-2015 17:00:11 GMT; path=/1344592292n X-Powered-By: PHP/5.4.36-1~dotdeb.1 | clean |
http://topix.polezno-2012.info/1344592292n/ | 200 OK Content-Length: 17451 Content-Type: text/html | clean |
http://topix.polezno-2012.info/js/less-1.3.3.min.js | 200 OK Content-Length: 58193 Content-Type: application/javascript | clean |
http://topix.polezno-2012.info/cancel | 200 OK Content-Length: 16343 Content-Type: text/html | clean |
http://topix.polezno-2012.info/games.php | 200 OK Content-Length: 18999 Content-Type: text/html | clean |
http://topix.polezno-2012.info/games/11 | HTTP/1.1 302 Found Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Sun, 01 Mar 2015 16:55:12 GMT Pragma: no-cache Location: /1318980578J/stp1 Server: nginx/1.7.9 Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Inspect: MP0S0M0M1N5R1 Set-Cookie: PHPSESSID=8r4lq8cv7acesdv42t3k80d8h5; path=/ Set-Cookie: uid=le9TsLZ%2BpLZfK5WzYN3v6WnuZvuDCOE9p2iXVk6JfaX4ZVrqat1eRSGpDWMH6Idi; expires=Sun, 01-Mar-2015 17:55:12 GMT; path=/ Set-Cookie: token=Jyc%3D; expires=Sun, 01-Mar-2015 17:00:12 GMT; path=/1318980578J X-Powered-By: PHP/5.4.36-1~dotdeb.1 | clean |
http://topix.polezno-2012.info/1318980578j/stp1 | 200 OK Content-Length: 40027 Content-Type: text/html | clean |
http://topix.polezno-2012.info/1318980578j/cancel | 200 OK Content-Length: 16343 Content-Type: text/html | clean |
http://topix.polezno-2012.info/1318980578j/games.php | 200 OK Content-Length: 18999 Content-Type: text/html | clean |
http://topix.polezno-2012.info/1318980578j/games/11 | HTTP/1.1 302 Found Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Sun, 01 Mar 2015 16:55:13 GMT Pragma: no-cache Location: /1318980578S/stp1 Server: nginx/1.7.9 Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Inspect: MP0S0M0M1N5R1 Set-Cookie: PHPSESSID=kti4m8q3kb2ufgja0u3in8h025; path=/ Set-Cookie: uid=le9TsLZ%2BpLZfK5WzYN3v6WnuZvuDCOE9p2iXVk6JfaX4ZVrqat1eRSGpDWMH6Idi; expires=Sun, 01-Mar-2015 17:55:13 GMT; path=/ Set-Cookie: token=Jyc%3D; expires=Sun, 01-Mar-2015 17:00:13 GMT; path=/1318980578S X-Powered-By: PHP/5.4.36-1~dotdeb.1 | clean |
http://topix.polezno-2012.info/1318980578s/stp1 | 200 OK Content-Length: 40027 Content-Type: text/html | clean |
http://topix.polezno-2012.info/1318980578s/cancel | 200 OK Content-Length: 16343 Content-Type: text/html | clean |
http://topix.polezno-2012.info/1318980578s/games.php | 200 OK Content-Length: 18999 Content-Type: text/html | clean |
http://topix.polezno-2012.info/1318980578s/games/11 | HTTP/1.1 302 Found Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Sun, 01 Mar 2015 16:55:14 GMT Pragma: no-cache Location: /1318980578C/stp1 Server: nginx/1.7.9 Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Inspect: MP0S0M0M1N5R1 Set-Cookie: PHPSESSID=5ro1fog3pdk19s7nncb3fmlv64; path=/ Set-Cookie: uid=le9TsLZ%2BpLZfK5WzYN3v6WnuZvuDCOE9p2iXVk6JfaX4ZVrqat1eRSGpDWMH6Idi; expires=Sun, 01-Mar-2015 17:55:14 GMT; path=/ Set-Cookie: token=Jyc%3D; expires=Sun, 01-Mar-2015 17:00:14 GMT; path=/1318980578C X-Powered-By: PHP/5.4.36-1~dotdeb.1 | clean |
http://topix.polezno-2012.info/1318980578c/stp1 | 200 OK Content-Length: 40027 Content-Type: text/html | clean |
http://topix.polezno-2012.info/1318980578c/cancel | 200 OK Content-Length: 16343 Content-Type: text/html | clean |
http://topix.polezno-2012.info/1318980578c/games.php | 200 OK Content-Length: 18999 Content-Type: text/html | clean |
http://topix.polezno-2012.info/1318980578c/games/11 | HTTP/1.1 302 Found Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Sun, 01 Mar 2015 16:55:14 GMT Pragma: no-cache Location: /1318980578Y/stp1 Server: nginx/1.7.9 Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Inspect: MP0S0M0M1N5R1 Set-Cookie: PHPSESSID=p0uivne31n62bhmupbepdnk4j4; path=/ Set-Cookie: uid=le9TsLZ%2BpLZfK5WzYN3v6WnuZvuDCOE9p2iXVk6JfaX4ZVrqat1eRSGpDWMH6Idi; expires=Sun, 01-Mar-2015 17:55:15 GMT; path=/ Set-Cookie: token=Jyc%3D; expires=Sun, 01-Mar-2015 17:00:15 GMT; path=/1318980578Y X-Powered-By: PHP/5.4.36-1~dotdeb.1 | clean |
http://topix.polezno-2012.info/1318980578y/stp1 | 200 OK Content-Length: 40027 Content-Type: text/html | clean |
http://topix.polezno-2012.info/1318980578y/cancel | 200 OK Content-Length: 16343 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=topix.polezno-2012.info
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://topix.polezno-2012.info/
Result: topix.polezno-2012.info is not infected or malware details are not published yet.