Scanned pages/files
Request | Server response | Status |
http://ukrshina.com/ | HTTP/1.1 302 Moved Permanently Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Wed, 17 Dec 2014 23:26:29 GMT Pragma: no-cache Location: http://ukrshina.com/1318980578T/ Server: nginx_moded_by_kam/1.5.6 Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Set-Cookie: uid=le9TsLZ%2BpLZfK5WzYN3v6WnuZvuDCOE9p2iXVk6JfaX4ZVrqat1eRSGpDWMH6Idi; expires=Thu, 18-Dec-2014 01:26:29 GMT; path=/ Set-Cookie: PHPSESSID=0lckcdn2jsf4n705lbqqeljns6; path=/ Set-Cookie: token=1318980578; expires=Thu, 18-Dec-2014 00:31:29 GMT; path=/1318980578T X-Powered-By: PHP/5.3.3-7+squeeze18 | clean |
http://ukrshina.com/1318980578t/ | 200 OK Content-Length: 16078 Content-Type: text/html | clean |
http://ukrshina.com/1318980578t/cancel | 200 OK Content-Length: 14791 Content-Type: text/html | clean |
http://ukrshina.com/1318980578t/. | 200 OK Content-Length: 16078 Content-Type: text/html | clean |
http://ukrshina.com/1318980578t/stp2/enter | 200 OK Content-Length: 11913 Content-Type: text/html | clean |
http://ukrshina.com/1318980578t/stp2/cancel | 404 Not Found Content-Length: 287 Content-Type: text/html | clean |
http://ukrshina.com/test404page.js | 404 Not Found Content-Length: 583 Content-Type: text/html | clean |
http://ukrshina.com/1318980578t/stp2/. | 404 Not Found Content-Length: 281 Content-Type: text/html | clean |
http://ukrshina.com/1318980578t/stp2/stp2/enter | 404 Not Found Content-Length: 291 Content-Type: text/html | clean |
http://ukrshina.com/1318980578t/stp2/stp1 | 404 Not Found Content-Length: 285 Content-Type: text/html | clean |
http://ukrshina.com/1318980578t/stp1 | 200 OK Content-Length: 47747 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: 2o11.org
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"> <head> <base href="http://ukrshina.com/1318980578X/" /> <title>ÐоÑÑÑее видео</title> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <link href="/css/main.css" rel="stylesheet" type="tex ...[5045 bytes skipped]...
http://ukrshina.com/. | HTTP/1.1 302 Moved Permanently Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Wed, 17 Dec 2014 23:26:31 GMT Pragma: no-cache Location: http://ukrshina.com/1318980578B/ Server: nginx_moded_by_kam/1.5.6 Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Set-Cookie: uid=le9TsLZ%2BpLZfK5WzYN3v6WnuZvuDCOE9p2iXVk6JfaX4ZVrqat1eRSGpDWMH6Idi; expires=Thu, 18-Dec-2014 01:26:31 GMT; path=/ Set-Cookie: PHPSESSID=v8m7fm9g6uhje6skpdi9u049j2; path=/ Set-Cookie: token=1318980578; expires=Thu, 18-Dec-2014 00:31:31 GMT; path=/1318980578B X-Powered-By: PHP/5.3.3-7+squeeze18 | clean |
http://ukrshina.com/1318980578b/ | 200 OK Content-Length: 16078 Content-Type: text/html | clean |
http://ukrshina.com/1318980578b/cancel | 200 OK Content-Length: 14791 Content-Type: text/html | clean |
http://ukrshina.com/1318980578b/. | 200 OK Content-Length: 16078 Content-Type: text/html | clean |
http://ukrshina.com/1318980578b/stp2/enter | 200 OK Content-Length: 11913 Content-Type: text/html | clean |
http://ukrshina.com/1318980578b/stp2/cancel | 404 Not Found Content-Length: 287 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ukrshina.com
Result:
HTTP/1.1 302 Moved Permanently
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Wed, 17 Dec 2014 23:26:29 GMT
Pragma: no-cache
Location: http://ukrshina.com/1318980578T/
Server: nginx_moded_by_kam/1.5.6
Vary: Accept-Encoding
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: uid=le9TsLZ%2BpLZfK5WzYN3v6WnuZvuDCOE9p2iXVk6JfaX4ZVrqat1eRSGpDWMH6Idi; expires=Thu, 18-Dec-2014 01:26:29 GMT; path=/
Set-Cookie: PHPSESSID=0lckcdn2jsf4n705lbqqeljns6; path=/
Set-Cookie: token=1318980578; expires=Thu, 18-Dec-2014 00:31:29 GMT; path=/1318980578T
X-Powered-By: PHP/5.3.3-7+squeeze18
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: ukrshina.com
Referer: http://www.google.com/search?q=ukrshina.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ukrshina.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://ukrshina.com/
Result: ukrshina.com is not infected or malware details are not published yet.