Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: hiawathavalleyps.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Tue, 03 Mar 2015 22:05:10 GMT
Server: Microsoft-IIS/6.0
Content-Length: 18703
Content-Type: text/html
MicrosoftOfficeWebServer: 5.0_Pub
Set-Cookie: ASPSESSIONIDQQASTTTR=FGECDEMCGKMIPPEDGFIOMHNB; path=/
X-Powered-By: ASP.NET
...18703 bytes of data.
GET / HTTP/1.1
Host: hiawathavalleyps.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Tue, 03 Mar 2015 22:05:10 GMT
Server: Microsoft-IIS/6.0
Content-Length: 18703
Content-Type: text/html
MicrosoftOfficeWebServer: 5.0_Pub
Set-Cookie: ASPSESSIONIDQQASTTTR=FGECDEMCGKMIPPEDGFIOMHNB; path=/
X-Powered-By: ASP.NET
...18703 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: hiawathavalleyps.com
Referer: http://www.google.com/search?q=hiawathavalleyps.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: hiawathavalleyps.com
Referer: http://www.google.com/search?q=hiawathavalleyps.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
| Request | Server response | Status |
http://hiawathavalleyps.com/ | 200 OK Content-Length: 18703 Content-Type: text/html | clean |
http://www.enternote.fr/superfly.js | 200 OK Content-Length: 530 Content-Type: application/javascript | clean |
http://hiawathavalleyps.com/scripts/user.js | 200 OK Content-Length: 28156 Content-Type: application/x-javascript | clean |
http://hiawathavalleyps.com/scripts/jquery.js | 200 OK Content-Length: 55774 Content-Type: application/x-javascript | clean |
http://hiawathavalleyps.com/scripts/simplegallery.js | 200 OK Content-Length: 19358 Content-Type: application/x-javascript | clean |
http://hiawathavalleyps.com/scripts/photo_album.js | 200 OK Content-Length: 11868 Content-Type: application/x-javascript | clean |
http://hiawathavalleyps.com/home.html | 200 OK Content-Length: 18621 Content-Type: text/html | clean |
http://hiawathavalleyps.com/bridgecontacts.html | 200 OK Content-Length: 28658 Content-Type: text/html | clean |
http://hiawathavalleyps.com/calendarofevents.html | 200 OK Content-Length: 14616 Content-Type: text/html | clean |
http://hiawathavalleyps.com/documents.html | 200 OK Content-Length: 14664 Content-Type: text/html | clean |
http://hiawathavalleyps.com/documents/newsletters.html | 200 OK Content-Length: 19802 Content-Type: text/html | clean |
http://hiawathavalleyps.com/documents/../home.html | 200 OK Content-Length: 18621 Content-Type: text/html | clean |
http://hiawathavalleyps.com/documents/../bridgecontacts.html | 200 OK Content-Length: 28658 Content-Type: text/html | clean |
http://hiawathavalleyps.com/documents/../calendarofevents.html | 200 OK Content-Length: 14616 Content-Type: text/html | clean |
http://hiawathavalleyps.com/documents/../documents.html | 200 OK Content-Length: 14664 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=hiawathavalleyps.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://hiawathavalleyps.com/
Result: hiawathavalleyps.com is not infected or malware details are not published yet.
Result: hiawathavalleyps.com is not infected or malware details are not published yet.