Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: eng.winwave.co.kr
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 04 Oct 2014 05:06:32 GMT
Server: Apache/2.2.13 (Unix) PHP/5.2.17
Content-Type: text/html; charset=utf-8
Set-Cookie: PHPSESSID=c56lts80c2gmq65g0aorfjjj26; path=/
X-Powered-By: PHP/5.2.17
GET / HTTP/1.1
Host: eng.winwave.co.kr
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 04 Oct 2014 05:06:32 GMT
Server: Apache/2.2.13 (Unix) PHP/5.2.17
Content-Type: text/html; charset=utf-8
Set-Cookie: PHPSESSID=c56lts80c2gmq65g0aorfjjj26; path=/
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: eng.winwave.co.kr
Referer: http://www.google.com/search?q=eng.winwave.co.kr
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: eng.winwave.co.kr
Referer: http://www.google.com/search?q=eng.winwave.co.kr
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://eng.winwave.co.kr/ | 200 OK Content-Length: 13042 Content-Type: text/html | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js | 200 OK Content-Length: 78601 Content-Type: text/javascript | clean |
http://eng.winwave.co.kr/jquery.banner.js | 200 OK Content-Length: 14592 Content-Type: application/javascript | clean |
http://eng.winwave.co.kr/index.html | 200 OK Content-Length: 13042 Content-Type: text/html | clean |
http://eng.winwave.co.kr/sitemap.html | 200 OK Content-Length: 11005 Content-Type: text/html | clean |
http://eng.winwave.co.kr/sub_01_01.html | 200 OK Content-Length: 10112 Content-Type: text/html | clean |
http://eng.winwave.co.kr/sub_02_01.html | 200 OK Content-Length: 9728 Content-Type: text/html | clean |
http://eng.winwave.co.kr/sub_03_01.html | 200 OK Content-Length: 8981 Content-Type: text/html | clean |
http://eng.winwave.co.kr/sub_04_01.html | 200 OK Content-Length: 8756 Content-Type: text/html | clean |
http://eng.winwave.co.kr/sub_05_01.html | 200 OK Content-Length: 8754 Content-Type: text/html | clean |
http://eng.winwave.co.kr/sub_01_02.html | 200 OK Content-Length: 10127 Content-Type: text/html | clean |
http://eng.winwave.co.kr/sub_01_03.html | 200 OK Content-Length: 10108 Content-Type: text/html | clean |
http://eng.winwave.co.kr/sub_01_04.html | 200 OK Content-Length: 10551 Content-Type: text/html | clean |
http://eng.winwave.co.kr/sub_01_05.html | 200 OK Content-Length: 10271 Content-Type: text/html | clean |
http://eng.winwave.co.kr/sub_01_06.html | 200 OK Content-Length: 10493 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=eng.winwave.co.kr
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://eng.winwave.co.kr/
Result: eng.winwave.co.kr is not infected or malware details are not published yet.
Result: eng.winwave.co.kr is not infected or malware details are not published yet.