Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: w-a-t-c-h.ru
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 29 Sep 2014 23:36:43 GMT
Server: nginx/0.7.65
Vary: Accept-Encoding
Content-Type: text/html
X-Powered-By: PHP/5.3.2-1ubuntu4.18
GET / HTTP/1.1
Host: w-a-t-c-h.ru
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 29 Sep 2014 23:36:43 GMT
Server: nginx/0.7.65
Vary: Accept-Encoding
Content-Type: text/html
X-Powered-By: PHP/5.3.2-1ubuntu4.18
Second query (visit from search engine):
GET / HTTP/1.1
Host: w-a-t-c-h.ru
Referer: http://www.google.com/search?q=w-a-t-c-h.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: w-a-t-c-h.ru
Referer: http://www.google.com/search?q=w-a-t-c-h.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
| Request | Server response | Status |
http://w-a-t-c-h.ru/ | 200 OK Content-Length: 53894 Content-Type: text/html | clean |
http://ddomb.com/4a38bd4a0704e9.js | 200 OK Content-Length: 18750 Content-Type: application/javascript | clean |
http://njmaq.com/static/cu.js?p=213775&b=573562 | 200 OK Content-Length: 24804 Content-Type: application/javascript | clean |
http://manfys.com/18z513/53768dc5a/393258.js | 200 OK Content-Length: 8226 Content-Type: application/javascript | clean |
http://w-a-t-c-h.ru/tadzhikiski-seks-vide.php | 200 OK Content-Length: 72733 Content-Type: text/html | clean |
http://manfys.com/b3/81f3c/322/1/40d/d78.js | 200 OK Content-Length: 8226 Content-Type: application/javascript | clean |
http://w-a-t-c-h.ru/seks-roskaz-lezbi.php | 200 OK Content-Length: 58380 Content-Type: text/html | clean |
http://w-a-t-c-h.ru/hudozhestvennie-filmi-s-temoy-intsesta-onlayn.php | 200 OK Content-Length: 53912 Content-Type: text/html | clean |
http://w-a-t-c-h.ru/russkoe-lesbi-nasilie.php | 200 OK Content-Length: 66464 Content-Type: text/html | clean |
http://w-a-t-c-h.ru/russkaya-golaya-pizda-chastnoe-onlayn.php | 200 OK Content-Length: 50721 Content-Type: text/html | clean |
http://w-a-t-c-h.ru/staruyu-zhenshinu-ebut-tolpoy-smotret-onlayn.php | 200 OK Content-Length: 62320 Content-Type: text/html | clean |
http://w-a-t-c-h.ru/russkoe-porno-vidio-paren-ebet-pyanuyu.php | 200 OK Content-Length: 64354 Content-Type: text/html | clean |
http://w-a-t-c-h.ru/russkoe-porno-vzyali-nasi-lno-zrelie.php | 200 OK Content-Length: 67001 Content-Type: text/html | clean |
http://w-a-t-c-h.ru/razvod-na-seks-na-ulitse-smotret-onlyn.php | 200 OK Content-Length: 58490 Content-Type: text/html | clean |
http://w-a-t-c-h.ru/smotret-seks-tselochki.php | 200 OK Content-Length: 49343 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=w-a-t-c-h.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://w-a-t-c-h.ru/
Result: w-a-t-c-h.ru is not infected or malware details are not published yet.
Result: w-a-t-c-h.ru is not infected or malware details are not published yet.