Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: knu.edu.ua
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=172800, private, must-revalidate
Connection: close
Date: Thu, 08 Jan 2015 18:07:46 GMT
Pragma: no-cache
Server: Apache/2.2.26 (CentOS)
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=8645qd4a428otsf6cg5861b710; path=/
X-Powered-By: PHP/5.3.27
GET / HTTP/1.1
Host: knu.edu.ua
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=172800, private, must-revalidate
Connection: close
Date: Thu, 08 Jan 2015 18:07:46 GMT
Pragma: no-cache
Server: Apache/2.2.26 (CentOS)
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=8645qd4a428otsf6cg5861b710; path=/
X-Powered-By: PHP/5.3.27
Second query (visit from search engine):
GET / HTTP/1.1
Host: knu.edu.ua
Referer: http://www.google.com/search?q=knu.edu.ua
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: knu.edu.ua
Referer: http://www.google.com/search?q=knu.edu.ua
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
| Request | Server response | Status |
http://www.knu.edu.ua/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 08 Jan 2015 18:07:37 GMT Location: http://knu.edu.ua/ Server: Apache/2.2.26 (CentOS) Content-Length: 306 Content-Type: text/html; charset=iso-8859-1 | clean |
http://knu.edu.ua/ | 200 OK Content-Length: 41759 Content-Type: text/html | clean |
http://knu.edu.ua//ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js/ | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=172800, private, must-revalidate Connection: close Date: Thu, 08 Jan 2015 18:07:46 GMT Pragma: no-cache Location: http://knu.edu.ua/ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js Server: Apache/2.2.26 (CentOS) Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=dpgkuga8475f2q2errad7kvg41; path=/ X-Powered-By: PHP/5.3.27 | clean |
http://knu.edu.ua/ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js | 404 Not Found Content-Length: 24902 Content-Type: text/html | clean |
http://code.jquery.com/jquery-migrate-1.2.1.min.js | 200 OK Content-Length: 7199 Content-Type: application/x-javascript | clean |
http://knu.edu.ua/templates/knu/js/vendor/modernizr-2.6.2.min.js | 200 OK Content-Length: 15414 Content-Type: text/javascript | clean |
http://knu.edu.ua//s7.addthis.com/js/300/addthis_widget.js/ | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=172800, private, must-revalidate Connection: close Date: Thu, 08 Jan 2015 18:07:47 GMT Pragma: no-cache Location: http://knu.edu.ua/s7.addthis.com/js/300/addthis_widget.js Server: Apache/2.2.26 (CentOS) Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=to0lotlt0a3kvtc6kqhj951je0; path=/ X-Powered-By: PHP/5.3.27 | clean |
http://knu.edu.ua/s7.addthis.com/js/300/addthis_widget.js | 404 Not Found Content-Length: 24851 Content-Type: text/html | clean |
http://www.google.com.ua/coop/cse/brand?form=cse-search-box&lang=uk | 200 OK Content-Length: 2518 Content-Type: text/javascript | clean |
http://knu.edu.ua//pagead2.googlesyndication.com/pagead/js/adsbygoogle.js/ | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=172800, private, must-revalidate Connection: close Date: Thu, 08 Jan 2015 18:07:48 GMT Pragma: no-cache Location: http://knu.edu.ua/pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Server: Apache/2.2.26 (CentOS) Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=3sq8jpnmqvrc6po5d26lgm46q0; path=/ X-Powered-By: PHP/5.3.27 | clean |
http://knu.edu.ua/pagead2.googlesyndication.com/pagead/js/adsbygoogle.js | 404 Not Found Content-Length: 24896 Content-Type: text/html | clean |
http://knu.edu.ua/templates/knu/js/plugins.js | 200 OK Content-Length: 733 Content-Type: text/javascript | clean |
http://knu.edu.ua/templates/knu/js/jquery.easing-1.3.pack.js | 200 OK Content-Length: 6717 Content-Type: text/javascript | clean |
http://knu.edu.ua/templates/knu/js/jquery.fancybox-1.3.4.pack.js | 200 OK Content-Length: 15624 Content-Type: text/javascript | clean |
http://knu.edu.ua/templates/knu/js/rotator.6.js | 200 OK Content-Length: 1594 Content-Type: text/javascript | clean |
http://knu.edu.ua/templates/knu/js/main.6.js | 200 OK Content-Length: 3323 Content-Type: text/javascript | clean |
http://knu.edu.ua/ru/pagead2.googlesyndication.com/pagead/js/adsbygoogle.js | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=604800 Connection: close Date: Thu, 08 Jan 2015 18:07:50 GMT Location: http://knu.edu.ua/pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Server: Apache/2.2.26 (CentOS) Content-Length: 356 Content-Type: text/html; charset=iso-8859-1 Expires: Thu, 15 Jan 2015 18:07:50 GMT | clean |
http://knu.edu.ua/test404page.js | 404 Not Found Content-Length: 24776 Content-Type: text/html | clean |
http://knu.edu.ua/ru/test404page.js | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=604800 Connection: close Date: Thu, 08 Jan 2015 18:07:50 GMT Location: http://knu.edu.ua/test404page.js Server: Apache/2.2.26 (CentOS) Content-Length: 316 Content-Type: text/html; charset=iso-8859-1 Expires: Thu, 15 Jan 2015 18:07:50 GMT | clean |
http://knu.edu.ua/ua/test404page.js | HTTP/1.1 404 Not Found Cache-Control: max-age=172800, private, must-revalidate Connection: close Date: Thu, 08 Jan 2015 18:07:50 GMT Pragma: no-cache Location: /test404page.js Server: Apache/2.2.26 (CentOS) Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=ask1nm52gbsgc380ncggqmjh93; path=/ X-Powered-By: PHP/5.3.27 | clean |
http://knu.edu.ua/en/test404page.js | 404 Not Found Content-Length: 11943 Content-Type: text/html | clean |
http://knu.edu.ua/en | 200 OK Content-Length: 14409 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=knu.edu.ua
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://knu.edu.ua/
Result: knu.edu.ua is not infected or malware details are not published yet.
Result: knu.edu.ua is not infected or malware details are not published yet.