Scanned pages/files
Request | Server response | Status |
http://flagscalgary.com/ | 200 OK Content-Length: 45626 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below): <!-- Encrypter By Bang Zendy --> document.write(unescape('...')) <!-- HTML Encryption by http:
Antivirus reports:
http://flagscalgary.com/test404page.js | 200 OK Content-Length: 45626 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below): <!-- Encrypter By Bang Zendy --> document.write(unescape('...')) <!-- HTML Encryption by http:
Antivirus reports:
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: flagscalgary.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 19 Apr 2014 19:11:06 GMT
Server: Apache
Content-Type: text/html
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: flagscalgary.com
Referer: http://www.google.com/search?q=flagscalgary.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=flagscalgary.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://flagscalgary.com/
Result: flagscalgary.com is not infected or malware details are not published yet.