Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: bizhard.com
Result:
HTTP/1.1 302 Found
Cache-Control: private
Date: Wed, 18 Jun 2014 02:25:13 GMT
Location: http://www.bizhard.com/Default.aspx
Server: Microsoft-IIS/6.0
Content-Length: 152
Content-Type: text/html; charset=utf-8
P3P: CP='CAO PSA CONi OTR OUR DEM ONL'
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-UA-Compatible: IE=EmulateIE7
...152 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: bizhard.com
Referer: http://www.google.com/search?q=bizhard.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://bizhard.com/ | HTTP/1.1 302 Found Cache-Control: private Date: Wed, 18 Jun 2014 02:25:13 GMT Location: http://www.bizhard.com/Default.aspx Server: Microsoft-IIS/6.0 Content-Length: 152 Content-Type: text/html; charset=utf-8 P3P: CP='CAO PSA CONi OTR OUR DEM ONL' X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET X-UA-Compatible: IE=EmulateIE7 | clean |
http://www.bizhard.com/default.aspx | HTTP/1.1 302 Found Cache-Control: no-cache Date: Wed, 18 Jun 2014 02:25:15 GMT Pragma: no-cache Location: /Center/Default.aspx Server: Microsoft-IIS/6.0 Content-Length: 141 Content-Type: text/html; charset=utf-8 Expires: -1 P3P: CP='CAO PSA CONi OTR OUR DEM ONL' Set-Cookie: BZSITE=F1/K8v4WXaFooQYLCc/TGxevOfFxw1kDrp8mSJAzEJqtbwFk89ULgEkluELbxVnBA0+Px11hrRfNMafSoMqtl/XzZpn/2oKMdEydDU8AO75LF+metyrq37zLPiRtyy5gvx5em9UOVD5Ti+N+xD/y9rWuAVmNHlM5/tHM6LFNLUtL3AUI+2HX1VDObBtcXM0JlnUmFShHzkbHm/zZxE7lypTfr38HR68tIGkUlO2wMsVEIx6p2UhwEIZpzHs9F2FcAZhfFP48xUMVqG4vhzaSfc7HEYkpBlfG2HLPc4OyPinxIFjNmOaEhtXjQAg9wHi/b2iFweCO9Gc3ieGlNvd2qcOg2vBWGZcD+wt7pBWhZE8zob3HSa9Dvc7uFk9fCxTl; domain=.bizhard.com; path=/ Set-Cookie: BZSITEV=c1602b1a; domain=.bizhard.com; path=/ Set-Cookie: ASP.NET_SessionId=5vynfd45jo3jes2aqvnxuv45; path=/; HttpOnly Set-Cookie: Referrer=Direct Access!; path=/ Set-Cookie: BIZTAB=skKMEB7vbyY=; expires=Wed, 18-Jun-2014 02:35:15 GMT; path=/ X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET X-UA-Compatible: IE=EmulateIE7 | clean |
http://www.bizhard.com/center/default.aspx | 200 OK Content-Length: 35071 Content-Type: text/html | clean |
http://js.bizstatic.com/common/prototype-1.6.0.3.js | 200 OK Content-Length: 74969 Content-Type: application/x-javascript | clean |
http://js.bizstatic.com/common/scriptaculous.js?load=effects,dragdrop | 200 OK Content-Length: 920 Content-Type: application/x-javascript | clean |
http://www.bizhard.com/Center/Layout/js/blass.js | 200 OK Content-Length: 11399 Content-Type: application/x-javascript | clean |
http://www.bizhard.com/Center/Layout/js/layout.js | 200 OK Content-Length: 7836 Content-Type: application/x-javascript | clean |
http://www.bizhard.com/Center/Layout/js/common.js?2011092901 | 200 OK Content-Length: 7323 Content-Type: application/x-javascript | clean |
http://bizhard.com/Center/ajax/common.ashx | HTTP/1.1 302 Found Cache-Control: private Date: Wed, 18 Jun 2014 02:25:27 GMT Location: http://www.bizhard.com/Center/ajax/common.ashx Server: Microsoft-IIS/6.0 Content-Length: 163 Content-Type: text/html; charset=utf-8 P3P: CP='CAO PSA CONi OTR OUR DEM ONL' X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET X-UA-Compatible: IE=EmulateIE7 | clean |
http://www.bizhard.com/center/ajax/common.ashx | 200 OK Content-Length: 2991 Content-Type: text/plain | clean |
http://www.bizhard.com/test404page.js | 404 Not Found Content-Length: 5071 Content-Type: text/html | clean |
http://static.bizhard.com/js/common/prototype-1.6.0.3.js | 200 OK Content-Length: 74969 Content-Type: application/x-javascript | clean |
http://static.bizhard.com/js/common/scriptaculous.js?load=effects,dragdrop | 200 OK Content-Length: 920 Content-Type: application/x-javascript | clean |
http://www.bizhard.com/Error/Layout/js/blass.js | 200 OK Content-Length: 16724 Content-Type: application/x-javascript | clean |
http://www.bizhard.com/Error/Layout/js/layout.js | 200 OK Content-Length: 9792 Content-Type: application/x-javascript | clean |
http://www.bizhard.com/Error/Layout/js/common.js | 200 OK Content-Length: 13380 Content-Type: application/x-javascript | clean |
http://www.bizhard.com/Center/ | 200 OK Content-Length: 35071 Content-Type: text/html | clean |
http://www.bizhard.com/Center/ajax/common.ashx | 200 OK Content-Length: 2991 Content-Type: text/plain | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=bizhard.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://bizhard.com/
Result: bizhard.com is not infected or malware details are not published yet.