Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: strahnadzor.ua
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Tue, 08 Apr 2014 01:03:06 GMT
Location: http://www.strahnadzor.ua/
Server: nginx/1.4.5
Vary: Accept-Encoding
Content-Length: 298
Content-Type: text/html; charset=iso-8859-1
...298 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: strahnadzor.ua
Referer: http://www.google.com/search?q=strahnadzor.ua
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://strahnadzor.ua/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 08 Apr 2014 01:03:06 GMT Location: http://www.strahnadzor.ua/ Server: nginx/1.4.5 Vary: Accept-Encoding Content-Length: 298 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.strahnadzor.ua/ | 200 OK Content-Length: 31510 Content-Type: text/html | clean |
http://www.strahnadzor.ua/js/jquery.js | 200 OK Content-Length: 93637 Content-Type: application/javascript | clean |
http://strahnadzor.ua/js/main.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 08 Apr 2014 01:03:07 GMT Location: http://www.strahnadzor.ua/js/main.js Server: nginx/1.4.5 Vary: Accept-Encoding Content-Length: 308 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.strahnadzor.ua/js/main.js | 200 OK Content-Length: 6250 Content-Type: application/javascript | clean |
http://strahnadzor.ua/js/index.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 08 Apr 2014 01:03:07 GMT Location: http://www.strahnadzor.ua/js/index.js Server: nginx/1.4.5 Vary: Accept-Encoding Content-Length: 309 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.strahnadzor.ua/js/index.js | 200 OK Content-Length: 723 Content-Type: application/javascript | clean |
http://strahnadzor.ua/insurers | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 08 Apr 2014 01:03:07 GMT Location: http://www.strahnadzor.ua/insurers Server: nginx/1.4.5 Vary: Accept-Encoding Content-Length: 306 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.strahnadzor.ua/insurers | 200 OK Content-Length: 77999 Content-Type: text/html | clean |
http://www.strahnadzor.ua/js/JsHttpRequest.js | 200 OK Content-Length: 14660 Content-Type: application/javascript | clean |
http://strahnadzor.ua/js/jquery.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 08 Apr 2014 01:03:08 GMT Location: http://www.strahnadzor.ua/js/jquery.js Server: nginx/1.4.5 Vary: Accept-Encoding Content-Length: 310 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.strahnadzor.ua/test404page.js | 404 Not Found Content-Length: 8013 Content-Type: text/html | clean |
http://www.strahnadzor.ua/comments/ | 200 OK Content-Length: 39665 Content-Type: text/html | clean |
http://www.strahnadzor.ua/js/jquery.formstyler.js | 200 OK Content-Length: 15620 Content-Type: application/javascript | clean |
http://www.strahnadzor.ua/js/form_decorate.js | 200 OK Content-Length: 245 Content-Type: application/javascript | clean |
http://www.strahnadzor.ua/news | 200 OK Content-Length: 13877 Content-Type: text/html | clean |
http://www.strahnadzor.ua/consultations | 200 OK Content-Length: 21026 Content-Type: text/html | clean |
http://www.strahnadzor.ua/cabinet | 403 Forbidden Content-Length: 17472 Content-Type: text/html | clean |
http://www.strahnadzor.ua/js/md5.js | 200 OK Content-Length: 12295 Content-Type: application/javascript | clean |
https://loginza.ru/js/widget.js | 200 OK Content-Length: 8656 Content-Type: application/javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=strahnadzor.ua
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://strahnadzor.ua/
Result: strahnadzor.ua is not infected or malware details are not published yet.