Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: web387.login-6.hoststar.ch
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 17 Dec 2014 03:25:07 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
Strict-Transport-Security: max-age=15768000
X-Powered-By: PHP/5.2.17
X-XSS-Protection: 1; mode=block
GET / HTTP/1.1
Host: web387.login-6.hoststar.ch
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 17 Dec 2014 03:25:07 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
Strict-Transport-Security: max-age=15768000
X-Powered-By: PHP/5.2.17
X-XSS-Protection: 1; mode=block
Second query (visit from search engine):
GET / HTTP/1.1
Host: web387.login-6.hoststar.ch
Referer: http://www.google.com/search?q=web387.login-6.hoststar.ch
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: web387.login-6.hoststar.ch
Referer: http://www.google.com/search?q=web387.login-6.hoststar.ch
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
| Request | Server response | Status |
http://web387.login-6.hoststar.ch/ | 200 OK Content-Length: 12821 Content-Type: text/html | clean |
http://web387.login-6.hoststar.ch/lib/javascript/prototype.js | 200 OK Content-Length: 140242 Content-Type: text/x-js | clean |
http://web387.login-6.hoststar.ch/test404page.js | 404 Not Found Content-Length: 288 Content-Type: text/html | clean |
http://web387.login-6.hoststar.ch/lib/javascript/scriptaculous/scriptaculous.js | 200 OK Content-Length: 2644 Content-Type: text/x-js | clean |
http://web387.login-6.hoststar.ch/lib/javascript/scriptaculous/'+libraryName+' | 404 Not Found Content-Length: 318 Content-Type: text/html | clean |
http://web387.login-6.hoststar.ch/themes/contrexx_theme_2_1/fontsize.js | 200 OK Content-Length: 4757 Content-Type: text/x-js | clean |
http://web387.login-6.hoststar.ch/themes/contrexx_theme_2_1/langnavbar.js | 200 OK Content-Length: 831 Content-Type: text/x-js | clean |
http://web387.login-6.hoststar.ch/core_modules/frontendEditing/js/frontEditing.js | 200 OK Content-Length: 12203 Content-Type: text/x-js | clean |
http://web387.login-6.hoststar.ch/lib/javascript/accordion/javascript/accordion.js | 200 OK Content-Length: 3279 Content-Type: text/x-js | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=web387.login-6.hoststar.ch
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://web387.login-6.hoststar.ch/
Result: web387.login-6.hoststar.ch is not infected or malware details are not published yet.
Result: web387.login-6.hoststar.ch is not infected or malware details are not published yet.