Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: unifin.com.au
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Date: Sat, 04 Oct 2014 15:49:37 GMT
Pragma: no-cache
Server: Microsoft-IIS/7.5
Content-Length: 23324
Content-Type: text/html
Expires: Sat, 04 Oct 2014 15:48:37 GMT
Server_name: UFSPRWEB01
Set-Cookie: ASPSESSIONIDSSSRACCR=KAMLLDAABNACEADEOLLJMEFE; path=/
X-Powered-By: ASP.NET
...23324 bytes of data.
GET / HTTP/1.1
Host: unifin.com.au
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Date: Sat, 04 Oct 2014 15:49:37 GMT
Pragma: no-cache
Server: Microsoft-IIS/7.5
Content-Length: 23324
Content-Type: text/html
Expires: Sat, 04 Oct 2014 15:48:37 GMT
Server_name: UFSPRWEB01
Set-Cookie: ASPSESSIONIDSSSRACCR=KAMLLDAABNACEADEOLLJMEFE; path=/
X-Powered-By: ASP.NET
...23324 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: unifin.com.au
Referer: http://www.google.com/search?q=unifin.com.au
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: unifin.com.au
Referer: http://www.google.com/search?q=unifin.com.au
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
| Request | Server response | Status |
http://unifin.com.au/ | 200 OK Content-Length: 23324 Content-Type: text/html | clean |
http://unifin.com.au/js/fw_menu.js | 200 OK Content-Length: 23572 Content-Type: application/x-javascript | clean |
http://unifin.com.au/js/rollovers_FW.js | 200 OK Content-Length: 2984 Content-Type: application/x-javascript | clean |
http://unifin.com.au/page.asp?pg=1 | 200 OK Content-Length: 20138 Content-Type: text/html | clean |
http://unifin.com.au/index.asp | 200 OK Content-Length: 23324 Content-Type: text/html | clean |
http://unifin.com.au/page.asp?pg=2 | 200 OK Content-Length: 21237 Content-Type: text/html | clean |
http://unifin.com.au/page.asp?pg=3 | 200 OK Content-Length: 19427 Content-Type: text/html | clean |
http://unifin.com.au/page.asp?pg=4 | 200 OK Content-Length: 19277 Content-Type: text/html | clean |
http://unifin.com.au/page.asp?pg=13 | 200 OK Content-Length: 19311 Content-Type: text/html | clean |
http://unifin.com.au/page.asp?pg=5 | 200 OK Content-Length: 20209 Content-Type: text/html | clean |
http://unifin.com.au/page.asp?pg=6 | 200 OK Content-Length: 24032 Content-Type: text/html | clean |
http://unifin.com.au/page.asp?pg=8 | 200 OK Content-Length: 19026 Content-Type: text/html | clean |
http://unifin.com.au/page.asp?pg=9 | 200 OK Content-Length: 21537 Content-Type: text/html | clean |
http://unifin.com.au/page.asp?pg=10 | 200 OK Content-Length: 22413 Content-Type: text/html | clean |
http://unifin.com.au/page.asp?pg=f3_new | 200 OK Content-Length: 70277 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=unifin.com.au
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://unifin.com.au/
Result: unifin.com.au is not infected or malware details are not published yet.
Result: unifin.com.au is not infected or malware details are not published yet.