Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: votetiger.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Fri, 10 Oct 2014 16:58:26 GMT
Server: Microsoft-IIS/6.0
Content-Length: 48660
Content-Type: text/html; charset=utf-8
MicrosoftOfficeWebServer: 5.0_Pub
Set-Cookie: ASP.NET_SessionId=dinjd555nt122bnmpsdw3u45; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
...48660 bytes of data.
GET / HTTP/1.1
Host: votetiger.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Fri, 10 Oct 2014 16:58:26 GMT
Server: Microsoft-IIS/6.0
Content-Length: 48660
Content-Type: text/html; charset=utf-8
MicrosoftOfficeWebServer: 5.0_Pub
Set-Cookie: ASP.NET_SessionId=dinjd555nt122bnmpsdw3u45; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
...48660 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: votetiger.com
Referer: http://www.google.com/search?q=votetiger.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: votetiger.com
Referer: http://www.google.com/search?q=votetiger.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
| Request | Server response | Status |
http://votetiger.com/ | 200 OK Content-Length: 48660 Content-Type: text/html | clean |
http://www.votetiger.com/greybox/AJS.js | 200 OK Content-Length: 10396 Content-Type: application/x-javascript | clean |
http://www.votetiger.com/greybox/AJS_fx.js | 200 OK Content-Length: 3192 Content-Type: application/x-javascript | clean |
http://www.votetiger.com/greybox/gb_scripts.js | 200 OK Content-Length: 11908 Content-Type: application/x-javascript | clean |
http://votetiger.com/WebResource.axd?d=rIXPhenFeX_jxlJtJWnwQg2&t=635485194021810478 | 200 OK Content-Length: 20794 Content-Type: application/x-javascript | clean |
http://votetiger.com/WebResource.axd?d=tKd0XtqgA_EFuojtTrZ7rQ2&t=635485194021810478 | 200 OK Content-Length: 33247 Content-Type: application/x-javascript | clean |
http://votetiger.com/Search.aspx | 200 OK Content-Length: 12629 Content-Type: text/html | clean |
http://votetiger.com/WebResource.axd?d=nOPIQi80wumdoN0PutuSFEci9QldKf5Bb0JQqyiySZw1&t=635485194021810478 | 200 OK Content-Length: 21547 Content-Type: application/x-javascript | clean |
http://votetiger.com/WebResource.axd?d=KB0dzBOeLR9uvoEe219ehw2&t=635485194021810478 | 200 OK Content-Length: 3005 Content-Type: application/x-javascript | clean |
http://votetiger.com/homepage.aspx | 200 OK Content-Length: 48660 Content-Type: text/html | clean |
http://votetiger.com/default.aspx?pg=03085fbc-07ac-43ba-912b-cacbe296b833 | 200 OK Content-Length: 300852 Content-Type: text/html | clean |
http://votetiger.com/default.aspx?pg=64f46f4a-0c39-4224-9814-5155d73246eb | 200 OK Content-Length: 57552 Content-Type: text/html | clean |
http://votetiger.com/default.aspx?pg=18490eae-1140-498d-b55c-e8ec9230dd07 | 200 OK Content-Length: 38415 Content-Type: text/html | clean |
http://votetiger.com/impressum.aspx | 200 OK Content-Length: 10122 Content-Type: text/html | clean |
http://votetiger.com/test404page.js | 404 Not Found Content-Length: 1920 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=votetiger.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://votetiger.com/
Result: votetiger.com is not infected or malware details are not published yet.
Result: votetiger.com is not infected or malware details are not published yet.