Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: bloderforeningen.dk
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Thu, 09 Oct 2014 17:30:41 GMT
Server: Microsoft-IIS/6.0
Content-Length: 14237
Content-Type: text/html
Set-Cookie: ASPSESSIONIDCAASDQAA=OFIJBCPCNMPMEKLBBDCMNAED; path=/
X-Powered-By: ASP.NET
...14237 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: bloderforeningen.dk
Referer: http://www.google.com/search?q=bloderforeningen.dk
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://bloderforeningen.dk/ | 200 OK Content-Length: 14237 Content-Type: text/html | clean |
http://bloderforeningen.dk/Scripts/AC_RunActiveContent.js | 200 OK Content-Length: 3359 Content-Type: application/x-javascript | clean |
http://bloderforeningen.dk/Scripts/AC_ActiveX.js | 200 OK Content-Length: 2139 Content-Type: application/x-javascript | clean |
http://bloderforeningen.dk/scripts/default.js | 200 OK Content-Length: 254 Content-Type: application/x-javascript | clean |
http://bloderforeningen.dk/default.asp | 200 OK Content-Length: 14237 Content-Type: text/html | clean |
http://bloderforeningen.dk/default.asp?MenuID=601 | 200 OK Content-Length: 11454 Content-Type: text/html | clean |
http://bloderforeningen.dk/default.asp?MenuID=632 | 200 OK Content-Length: 12683 Content-Type: text/html | clean |
http://bloderforeningen.dk/default.asp?MenuID=633 | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://bloderforeningen.dk/test404page.js | HTTP/1.1 302 Object moved Cache-Control: private Date: Thu, 09 Oct 2014 17:30:52 GMT Location: default.asp?action=fejl404 Server: Microsoft-IIS/6.0 Content-Length: 147 Content-Type: text/html Set-Cookie: ASPSESSIONIDCAASDQAA=EGIJBCPCHEIHGFOGCDALAEJF; path=/ X-Powered-By: ASP.NET | clean |
http://bloderforeningen.dk/default.asp?action=fejl404 | 200 OK Content-Length: 14237 Content-Type: text/html | clean |
http://bloderforeningen.dk/default.asp?MenuID=578 | 200 OK Content-Length: 105253 Content-Type: text/html | clean |
http://bloderforeningen.dk/default.asp?MenuID=770 | 200 OK Content-Length: 12690 Content-Type: text/html | clean |
http://bloderforeningen.dk/default.asp?MenuID=610 | 200 OK Content-Length: 263921 Content-Type: text/html | clean |
http://bloderforeningen.dk/default.asp?MenuID=592 | 200 OK Content-Length: 11075 Content-Type: text/html | clean |
http://bloderforeningen.dk/default.asp?MenuID=603 | 200 OK Content-Length: 12334 Content-Type: text/html | clean |
http://bloderforeningen.dk/default.asp?MenuID=615 | 200 OK Content-Length: 11606 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=bloderforeningen.dk
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://bloderforeningen.dk/
Result: bloderforeningen.dk is not infected or malware details are not published yet.