Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ugw.ru
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=0
Connection: close
Date: Sun, 05 Oct 2014 06:36:46 GMT
Server: nginx
Content-Type: text/html; charset=UTF-8
Expires: Sun, 05 Oct 2014 06:36:45 GMT
Link: <http://ugw.ru/>; rel=shortlink
X-Pingback: http://ugw.ru/xmlrpc.php
GET / HTTP/1.1
Host: ugw.ru
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=0
Connection: close
Date: Sun, 05 Oct 2014 06:36:46 GMT
Server: nginx
Content-Type: text/html; charset=UTF-8
Expires: Sun, 05 Oct 2014 06:36:45 GMT
Link: <http://ugw.ru/>; rel=shortlink
X-Pingback: http://ugw.ru/xmlrpc.php
Second query (visit from search engine):
GET / HTTP/1.1
Host: ugw.ru
Referer: http://www.google.com/search?q=ugw.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: ugw.ru
Referer: http://www.google.com/search?q=ugw.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
| Request | Server response | Status |
http://www.ugw.ru/ | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=0 Connection: close Date: Sun, 05 Oct 2014 06:36:45 GMT Location: http://ugw.ru/ Server: nginx Content-Type: text/html; charset=UTF-8 Expires: Sun, 05 Oct 2014 06:36:44 GMT X-Pingback: http://ugw.ru/xmlrpc.php | clean |
http://ugw.ru/ | 200 OK Content-Length: 37855 Content-Type: text/html | clean |
http://ugw.ru/wp-includes/js/jquery/jquery.js?ver=1.11.1 | 200 OK Content-Length: 95807 Content-Type: application/javascript | clean |
http://ugw.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://ugw.ru/wp-content/themes/clubber/js/cycle.js?ver=4.0 | 200 OK Content-Length: 39548 Content-Type: application/javascript | clean |
http://ugw.ru/wp-content/themes/clubber/js/audio.js?ver=4.0 | 200 OK Content-Length: 28603 Content-Type: application/javascript | clean |
http://ugw.ru/wp-content/themes/clubber/js/mosaic.js?ver=4.0 | 200 OK Content-Length: 3673 Content-Type: application/javascript | clean |
http://ugw.ru/wp-content/themes/clubber/js/p.prettyPhoto.js?ver=4.0 | 200 OK Content-Length: 25215 Content-Type: application/javascript | clean |
http://ugw.ru/wp-content/themes/clubber/js/backstretch.js?ver=4.0 | 200 OK Content-Length: 11734 Content-Type: application/javascript | clean |
http://ugw.ru/wp-content/themes/clubber/js/gmap.js?ver=4.0 | 200 OK Content-Length: 69409 Content-Type: application/javascript | clean |
http://ugw.ru/wp-content/themes/clubber/js/idTabs.js?ver=4.0 | 200 OK Content-Length: 2351 Content-Type: application/javascript | clean |
http://ugw.ru/wp-content/themes/clubber/js/selectnav.js?ver=4.0 | 200 OK Content-Length: 1743 Content-Type: application/javascript | clean |
http://ugw.ru/wp-content/themes/clubber/js/respond.js?ver=4.0 | 200 OK Content-Length: 9747 Content-Type: application/javascript | clean |
http://ugw.ru/wp-content/themes/clubber/js/script.js?ver=4.0 | 200 OK Content-Length: 3104 Content-Type: application/javascript | clean |
http://ugw.ru/wp-content/themes/clubber/js/dark.js?ver=4.0 | 200 OK Content-Length: 648 Content-Type: application/javascript | clean |
http://maps.googleapis.com/maps/api/js?sensor=false&ver=4.0 | 200 OK Content-Length: 5033 Content-Type: text/javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ugw.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://ugw.ru/
Result: ugw.ru is not infected or malware details are not published yet.
Result: ugw.ru is not infected or malware details are not published yet.