Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=noc.aua.gr
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://noc.aua.gr/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: gcup.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Cache-Control: no-store
Cache-Control: private
Connection: close
Date: Tue, 24 Feb 2015 15:03:04 GMT
Pragma: no-cache
Server: uServ/3.2.2
Content-Type: text/html; charset=UTF-8
Set-Cookie: 4gamecreatinguCoz=; path=/; expires=Sun, 24-Feb-2013 15:03:05 GMT; domain=.gcup.ru;
Set-Cookie: 4gamecreatinguzll=1424790185; path=/; expires=Wed, 24-Feb-2016 15:03:05 GMT; domain=.gcup.ru;
Set-Cookie: 4gamecreatinguCoz=; path=/; expires=Sun, 24-Feb-2013 15:03:05 GMT; domain=.gcup.ru;
Second query (visit from search engine):
GET / HTTP/1.1
Host: gcup.ru
Referer: http://www.google.com/search?q=gcup.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://noc.aua.gr/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Tue, 15 Jul 2014 04:30:22 GMT Location: https://mail.aua.gr Server: Sun-Java-System-Web-Server/7.0 Content-Length: 0 | malicious |
https://mail.aua.gr/ | 200 OK Content-Length: 5616 Content-Type: text/html | clean |
https://mail.aua.gr/browser.js | 200 OK Content-Length: 2190 Content-Type: application/x-javascript | clean |
http://noc.aua.gr/test404page.js | HTTP/1.1 302 Moved Temporarily Connection: close Date: Tue, 15 Jul 2014 04:30:24 GMT Location: https://mail.aua.grtest404page.js Server: Sun-Java-System-Web-Server/7.0 Content-Length: 0 | clean |
https://mail.aua.grtest404page.js/ | 500 Can't connect to mail.aua.grtest404page.js:443 Content-Length: 190 Content-Type: text/plain | clean |
http://mail.aua.grtest404page.js/test404page.js | 500 Can't connect to mail.aua.grtest404page.js:80 (Bad hostname) Content-Length: 182 Content-Type: text/plain | clean |