Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ksdb.co.kr
Result:
HTTP/1.1 302 Object moved
Cache-Control: private
Date: Fri, 16 Jan 2015 23:32:33 GMT
Location: main.asp
Server: Microsoft-IIS/6.0
Content-Length: 129
Content-Type: text/html; Charset=utf-8
Set-Cookie: ASPSESSIONIDSSCCDTRB=ELOEICFAMKNMOPDHMANDKPNE; path=/
X-Powered-By: ASP.NET
...129 bytes of data.
GET / HTTP/1.1
Host: ksdb.co.kr
Result:
HTTP/1.1 302 Object moved
Cache-Control: private
Date: Fri, 16 Jan 2015 23:32:33 GMT
Location: main.asp
Server: Microsoft-IIS/6.0
Content-Length: 129
Content-Type: text/html; Charset=utf-8
Set-Cookie: ASPSESSIONIDSSCCDTRB=ELOEICFAMKNMOPDHMANDKPNE; path=/
X-Powered-By: ASP.NET
...129 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: ksdb.co.kr
Referer: http://www.google.com/search?q=ksdb.co.kr
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: ksdb.co.kr
Referer: http://www.google.com/search?q=ksdb.co.kr
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
| Request | Server response | Status |
http://ksdb.co.kr/ | HTTP/1.1 302 Object moved Cache-Control: private Date: Fri, 16 Jan 2015 23:32:33 GMT Location: main.asp Server: Microsoft-IIS/6.0 Content-Length: 129 Content-Type: text/html; Charset=utf-8 Set-Cookie: ASPSESSIONIDSSCCDTRB=ELOEICFAMKNMOPDHMANDKPNE; path=/ X-Powered-By: ASP.NET | clean |
http://ksdb.co.kr/main.asp | 200 OK Content-Length: 46827 Content-Type: text/html | clean |
http://ksdb.co.kr/include/lib/FormUtil.js | HTTP/1.1 200 OK Date: Fri, 16 Jan 2015 23:32:38 GMT Accept-Ranges: bytes ETag: "0653ef09d66ca1:48ae" Server: Microsoft-IIS/6.0 Content-Length: 24543 Content-Location: http://ksdb.co.kr/include/lib/FormUtil.js Content-Type: application/x-javascript Last-Modified: Mon, 16 Nov 2009 09:19:46 GMT X-Powered-By: ASP.NET | clean |
http://ksdb.co.kr/include/lib/formutil.js | HTTP/1.1 200 OK Date: Fri, 16 Jan 2015 23:32:40 GMT Accept-Ranges: bytes ETag: "0653ef09d66ca1:48ae" Server: Microsoft-IIS/6.0 Content-Length: 24543 Content-Location: http://ksdb.co.kr/include/lib/formutil.js Content-Type: application/x-javascript Last-Modified: Mon, 16 Nov 2009 09:19:46 GMT X-Powered-By: ASP.NET | clean |
http://ksdb.co.kr/test404page.js | 404 Not Found Content-Length: 1466 Content-Type: text/html | clean |
http://ksdb.co.kr/include/lib/prototype.js | HTTP/1.1 200 OK Date: Fri, 16 Jan 2015 23:32:43 GMT Accept-Ranges: bytes ETag: "0a096f89d66ca1:48ae" Server: Microsoft-IIS/6.0 Content-Length: 71265 Content-Location: http://ksdb.co.kr/include/lib/prototype.js Content-Type: application/x-javascript Last-Modified: Mon, 16 Nov 2009 09:20:00 GMT X-Powered-By: ASP.NET | clean |
http://ksdb.co.kr/include/lib/Calendar.js | HTTP/1.1 200 OK Date: Fri, 16 Jan 2015 23:32:47 GMT Accept-Ranges: bytes ETag: "038def9d66ca1:48ae" Server: Microsoft-IIS/6.0 Content-Length: 13806 Content-Location: http://ksdb.co.kr/include/lib/Calendar.js Content-Type: application/x-javascript Last-Modified: Mon, 16 Nov 2009 09:19:44 GMT X-Powered-By: ASP.NET | clean |
http://ksdb.co.kr/include/lib/calendar.js | HTTP/1.1 200 OK Date: Fri, 16 Jan 2015 23:32:48 GMT Accept-Ranges: bytes ETag: "038def9d66ca1:48ae" Server: Microsoft-IIS/6.0 Content-Length: 13806 Content-Location: http://ksdb.co.kr/include/lib/calendar.js Content-Type: application/x-javascript Last-Modified: Mon, 16 Nov 2009 09:19:44 GMT X-Powered-By: ASP.NET | clean |
http://ksdb.co.kr/include/lib/highslide.js | HTTP/1.1 200 OK Date: Fri, 16 Jan 2015 23:32:51 GMT Accept-Ranges: bytes ETag: "923ddb3aca25ce1:48ae" Server: Microsoft-IIS/6.0 Content-Length: 69846 Content-Location: http://ksdb.co.kr/include/lib/highslide.js Content-Type: application/x-javascript Last-Modified: Thu, 21 Mar 2013 00:22:54 GMT X-Powered-By: ASP.NET | clean |
http://ksdb.co.kr/include/lib/common.js | HTTP/1.1 200 OK Date: Fri, 16 Jan 2015 23:32:53 GMT Accept-Ranges: bytes ETag: "81e7e28d31bcf1:48ae" Server: Microsoft-IIS/6.0 Content-Length: 52375 Content-Location: http://ksdb.co.kr/include/lib/common.js Content-Type: application/x-javascript Last-Modified: Tue, 28 Jan 2014 02:45:41 GMT X-Powered-By: ASP.NET | clean |
http://ksdb.co.kr/include/lib/jquery-1.7.1.min.js | HTTP/1.1 200 OK Date: Fri, 16 Jan 2015 23:32:55 GMT Accept-Ranges: bytes ETag: "de937a1888bacf1:48ae" Server: Microsoft-IIS/6.0 Content-Length: 93871 Content-Location: http://ksdb.co.kr/include/lib/jquery-1.7.1.min.js Content-Type: application/x-javascript Last-Modified: Mon, 18 Aug 2014 01:59:50 GMT X-Powered-By: ASP.NET | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ksdb.co.kr
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://ksdb.co.kr/
Result: ksdb.co.kr is not infected or malware details are not published yet.
Result: ksdb.co.kr is not infected or malware details are not published yet.