Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: hpna.org
Result:
HTTP/1.1 302 Found
Cache-Control: private
Date: Fri, 18 Jul 2014 20:31:11 GMT
Location: /Default2.aspx
Server: Microsoft-IIS/7.0
Content-Length: 133
Content-Type: text/html; charset=utf-8
Set-Cookie: ASP.NET_SessionId=s2z00q45aeh5sefihy5t3g55; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
...133 bytes of data.
GET / HTTP/1.1
Host: hpna.org
Result:
HTTP/1.1 302 Found
Cache-Control: private
Date: Fri, 18 Jul 2014 20:31:11 GMT
Location: /Default2.aspx
Server: Microsoft-IIS/7.0
Content-Length: 133
Content-Type: text/html; charset=utf-8
Set-Cookie: ASP.NET_SessionId=s2z00q45aeh5sefihy5t3g55; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
...133 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: hpna.org
Referer: http://www.google.com/search?q=hpna.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: hpna.org
Referer: http://www.google.com/search?q=hpna.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://hpna.org/ | HTTP/1.1 302 Found Cache-Control: private Date: Fri, 18 Jul 2014 20:31:11 GMT Location: /Default2.aspx Server: Microsoft-IIS/7.0 Content-Length: 133 Content-Type: text/html; charset=utf-8 Set-Cookie: ASP.NET_SessionId=s2z00q45aeh5sefihy5t3g55; path=/; HttpOnly X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET | clean |
http://hpna.org/default2.aspx | 200 OK Content-Length: 98711 Content-Type: text/html | clean |
http://hpna.org/WebResource.axd?d=xqcY222WsV3gxKtOuYSr7GJ8iFFJG_FwcTDh-BLFIaTLMmQFZQ0-lOefPjn_k9hF-OA-Uiuy5Ez0-WrVVaJe2A8D4c01&t=635315861528827089 | 200 OK Content-Length: 20794 Content-Type: application/x-javascript | clean |
http://hpna.org/eo_web.ashx?id=fcb302a7-4406-43d8-b044-0994c320ad4c | 200 OK Content-Length: 31974 Content-Type: application/x-javascript | clean |
http://hpna.org/eo_web.ashx?id=101c4cb7-7ff8-435d-b38b-974e99b20de0 | 200 OK Content-Length: 4764 Content-Type: application/x-javascript | clean |
http://hpna.org/eo_web.ashx?id=75fd6f78-03be-4100-bb55-a549497709bc | 200 OK Content-Length: 40185 Content-Type: application/x-javascript | clean |
http://hpna.org/eo_web.ashx?id=383519d2-5bb5-498c-9924-2002e1349841 | 200 OK Content-Length: 7801 Content-Type: application/x-javascript | clean |
http://hpna.org/eo_web.ashx?id=f6ccdcdd-d6e3-482f-980b-269e16680f2b | 200 OK Content-Length: 3296 Content-Type: application/x-javascript | clean |
http://hpna.org/eo_web.ashx?id=904e6e1c-0e01-4f7b-bab1-da17b65ccce9 | 200 OK Content-Length: 9810 Content-Type: application/x-javascript | clean |
http://hpna.org/eo_web.ashx?id=859e2337-604a-480d-b019-cb8c9b241e5d | 200 OK Content-Length: 45946 Content-Type: application/x-javascript | clean |
http://hpna.org/eo_web.ashx?id=44b31e8a-bca0-423a-abbe-16ba68f0a927 | 200 OK Content-Length: 39693 Content-Type: application/x-javascript | clean |
http://hpna.org/WebResource.axd?d=OpiFzTpMKbP3rDRbU0yFL6cWapq-L7JguBgX9ghq3r2Cw7qB6p4JItJO9riS0-I7xX3JUy7ulcEF6zSIOnWU705V97E1&t=635315861528827089 | 200 OK Content-Length: 3005 Content-Type: application/x-javascript | clean |
http://hpna.org/default.aspx | HTTP/1.1 302 Found Cache-Control: private Date: Fri, 18 Jul 2014 20:31:22 GMT Location: /Default2.aspx Server: Microsoft-IIS/7.0 Content-Length: 133 Content-Type: text/html; charset=utf-8 Set-Cookie: ASP.NET_SessionId=tfuh3b45o3t05s55hk2cut45; path=/; HttpOnly X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET | clean |
http://hpna.org/test404page.js | 404 Not Found Content-Length: 1245 Content-Type: text/html | clean |
http://hpna.org/JobPostings.aspx | 200 OK Content-Length: 57440 Content-Type: text/html | clean |
http://hpna.org/Sitemap.aspx | 200 OK Content-Length: 188733 Content-Type: text/html | clean |
http://hpna.org/WebResource.axd?d=YgYcFzFOcYCeOfrTP2v4ZwOWwgfs68DM20X-DEYpXqBADDHthbRCpFftbYM3g_hcyQQJ_iKbgKsUXjuUEuZA0lSbWRk1&t=635315861528827089 | 200 OK Content-Length: 9348 Content-Type: application/x-javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=hpna.org
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://hpna.org/
Result: hpna.org is not infected or malware details are not published yet.
Result: hpna.org is not infected or malware details are not published yet.