Most of the time, when analyzing malicious web pages, HTTP response code is one of my important indicators in order to determine the behaviour of the page (whether it is successful, unsuccessful, redirection and etc).
I've stumbled upon a trick where browser display an error page (php mysql error, cpanel error, or page not found) with HTTP response 200, but instead, it contains malicious JavaScript code on the backend to exploit users when the page is loaded.
I've never encounter error page with HTTP response 404 and still contains the JavaScript code to redirect users to exploit page until recently.
read more.....http://blog.lab69.com/2013/01/404-and-youve-been-exploited.html
I've stumbled upon a trick where browser display an error page (php mysql error, cpanel error, or page not found) with HTTP response 200, but instead, it contains malicious JavaScript code on the backend to exploit users when the page is loaded.
 |
| Deceiving Error Page with HTTP Response 200 |
I've never encounter error page with HTTP response 404 and still contains the JavaScript code to redirect users to exploit page until recently.
read more.....http://blog.lab69.com/2013/01/404-and-youve-been-exploited.html