Scanned pages/files
Request | Server response | Status |
http://muftisameen.org/ | 200 OK Content-Length: 36278 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- jQuery('#res').html('<iframe style="visibility: visible;" id="myframe" align="center" scrolling="auto" frameborder="0" marginheight="0" marginwidth="0" src="http://islampathway.com/index.php/?option=com_content&view=frontpage&Itemid=628&mytype=getlectures" width="100%" height="500px"></iframe>'); function fl(){ var sh = document.getElementById('myframe').contentWindow.document.body.scrollHeight; jQuery('#res').html('<iframe id="myframe" onchange="alert(1)" style="visibility: hidden;" onload="fl2()" align="center" scrolling="no" frameborder="0" marginheight="0" marginwidth="0" src="http://islampathway.com/index.php/?option=com_content&view=frontpage&Itemid=628&mytype=getlectures" width="100%" height="'+sh+'px"></iframe>'); } function fl2(){ jQuery("#myframe").css("visibility","visible"); } Antivirus reports:
Hidden iFrame found. size: 100x style: hidden src: http://islampathway.com/index.php/?option=com_content&view=frontpage&itemid=628&mytype=getlectures <iframe id="myframe" onchange="alert(1)" style="visibility: hidden;" onload="fl2()" align="center" scrolling="no" frameborder="0" marginheight="0" marginwidth="0" src="http://islampathway.com/index.php/?option=com_content&view=frontpage&itemid=628&mytype=getlectures" width="100%" height="'+sh+'px"> | ||
http://muftisameen.org/plugins/system/jat3/base-themes/default/js/core.js | 200 OK Content-Length: 5721 Content-Type: application/javascript | clean |
http://muftisameen.org/plugins/system/jat3/base-themes/default/js/menu/mega.js | 200 OK Content-Length: 15242 Content-Type: application/javascript | clean |
http://muftisameen.org/media/system/js/caption.js | 200 OK Content-Length: 1963 Content-Type: application/javascript | clean |
http://muftisameen.org/components/com_acymailing/js/acymailing_module.js | 200 OK Content-Length: 4433 Content-Type: application/javascript | clean |
http://muftisameen.org/plugins/system/pc_includes/ajax_1.3.js | 200 OK Content-Length: 8843 Content-Type: application/javascript | clean |
http://muftisameen.org/jquery-1.6.3.js | 200 OK Content-Length: 238009 Content-Type: application/javascript | clean |
http://muftisameen.org/colorbox/js/jquery.colorbox.js | 200 OK Content-Length: 27347 Content-Type: application/javascript | clean |
http://muftisameen.org/demo/templates/ja_t3_blank/js/gk.script.js | 404 Not Found Content-Length: 424 Content-Type: text/html | clean |
http://muftisameen.org/test404page.js | 404 Not Found Content-Length: 396 Content-Type: text/html | clean |
http://s7.addthis.com/js/250/addthis_widget.js | 200 OK Content-Length: 6816 Content-Type: text/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: muftisameen.org
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 11 Apr 2014 04:27:51 GMT
Server: Apache
Content-Type: text/html
X-Powered-By: PHP/5.3.14
GET / HTTP/1.1
Host: muftisameen.org
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 11 Apr 2014 04:27:51 GMT
Server: Apache
Content-Type: text/html
X-Powered-By: PHP/5.3.14
Second query (visit from search engine):
GET / HTTP/1.1
Host: muftisameen.org
Referer: http://www.google.com/search?q=muftisameen.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: muftisameen.org
Referer: http://www.google.com/search?q=muftisameen.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=muftisameen.org
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://muftisameen.org/
Result: muftisameen.org is not infected or malware details are not published yet.
Result: muftisameen.org is not infected or malware details are not published yet.