Scanned pages/files
Request | Server response | Status |
http://nhipdap.biz/ | 200 OK Content-Length: 92398 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 0x0 style: hidden src: http://cif.images.xtstatic.com/tp.gif <iframe src="http://cif.images.xtstatic.com/tp.gif" style="height: 0px;width: 0px;background-color: transparent;border: 0px none transparent;padding: 0px;overflow: hidden;display: none;visibility: hidden;"> Hidden iFrame found. size: 0x0 style: hidden src: http://nojsif.images.xtstatic.com/tp.gif <iframe src="http://nojsif.images.xtstatic.com/tp.gif" style="height: 0px;width: 0px;background-color: transparent;border: 0px none transparent;padding: 0px;overflow: hidden;display: none;visibility: hidden;"> Hidden iFrame found. size: 0x0 style: hidden src: http://enif.images.xtstatic.com/tp.gif <iframe src="http://enif.images.xtstatic.com/tp.gif" style="height: 0px;width: 0px;background-color: transparent;border: 0px none transparent;padding: 0px;overflow: hidden;display: none;visibility: hidden;"> Hidden iFrame found. size: 0x0 style: hidden src: http://disif.images.xtstatic.com/tp.gif <iframe src="http://disif.images.xtstatic.com/tp.gif" style="height: 0px;width: 0px;background-color: transparent;border: 0px none transparent;padding: 0px;overflow: hidden;display: none;visibility: hidden;"> | ||
http://boylamdong.wap.sh/calender.js | 404 Not Found Content-Length: 1766 Content-Type: text/html | clean |
http://boylamdong.wap.sh/test404page.js | 404 Not Found Content-Length: 1769 Content-Type: text/html | clean |
http://sdaik9x.wap.sh/Javas/tinhyeu.js | HTTP/1.1 404 Not Found Connection: close Date: Sun, 14 Sep 2014 04:24:25 GMT Via: 1.1 varnish Age: 0 Vary: Host,Accept-Encoding Content-Type: text/html; charset=UTF-8 P3P: CP="Not supported" X-Varnish: 1517093705 | clean |
http://sdaik9x.wap.sh/ | 200 OK Content-Length: 92462 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 0x0 style: hidden src: http://cif.images.xtstatic.com/tp.gif <iframe src="http://cif.images.xtstatic.com/tp.gif" style="height: 0px;width: 0px;background-color: transparent;border: 0px none transparent;padding: 0px;overflow: hidden;display: none;visibility: hidden;"> Hidden iFrame found. size: 0x0 style: hidden src: http://nojsif.images.xtstatic.com/tp.gif <iframe src="http://nojsif.images.xtstatic.com/tp.gif" style="height: 0px;width: 0px;background-color: transparent;border: 0px none transparent;padding: 0px;overflow: hidden;display: none;visibility: hidden;"> Hidden iFrame found. size: 0x0 style: hidden src: http://enif.images.xtstatic.com/tp.gif <iframe src="http://enif.images.xtstatic.com/tp.gif" style="height: 0px;width: 0px;background-color: transparent;border: 0px none transparent;padding: 0px;overflow: hidden;display: none;visibility: hidden;"> Hidden iFrame found. size: 0x0 style: hidden src: http://disif.images.xtstatic.com/tp.gif <iframe src="http://disif.images.xtstatic.com/tp.gif" style="height: 0px;width: 0px;background-color: transparent;border: 0px none transparent;padding: 0px;overflow: hidden;display: none;visibility: hidden;"> | ||
http://wapvn.mobi/js/cursor.js | 200 OK Content-Length: 6006 Content-Type: application/javascript | clean |
http://sdaik9x.wap.sh/web-old | 200 OK Content-Length: 35187 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 0x0 style: hidden src: http://enif.images.xtstatic.com/tp.gif <iframe src="http://enif.images.xtstatic.com/tp.gif" style="height: 0px;width: 0px;background-color: transparent;border: 0px none transparent;padding: 0px;overflow: hidden;display: none;visibility: hidden;"> Hidden iFrame found. size: 0x0 style: hidden src: http://disif.images.xtstatic.com/tp.gif <iframe src="http://disif.images.xtstatic.com/tp.gif" style="height: 0px;width: 0px;background-color: transparent;border: 0px none transparent;padding: 0px;overflow: hidden;display: none;visibility: hidden;"> Hidden iFrame found. size: 0x0 style: hidden src: http://cif.images.xtstatic.com/tp.gif <iframe src="http://cif.images.xtstatic.com/tp.gif" style="height: 0px;width: 0px;background-color: transparent;border: 0px none transparent;padding: 0px;overflow: hidden;display: none;visibility: hidden;"> Hidden iFrame found. size: 0x0 style: hidden src: http://nojsif.images.xtstatic.com/tp.gif <iframe src="http://nojsif.images.xtstatic.com/tp.gif" style="height: 0px;width: 0px;background-color: transparent;border: 0px none transparent;padding: 0px;overflow: hidden;display: none;visibility: hidden;"> | ||
http://dat007.xtgem.com/Js/Bonggiay.txt | HTTP/1.1 301 Moved Permanently Connection: close Date: Sun, 14 Sep 2014 04:24:28 GMT Via: 1.1 varnish Age: 0 Location: http://dat0007.sextgem.com/Js/Bonggiay.txt Vary: Host,Accept-Encoding Content-Type: text/javascript; charset=utf-8 P3P: CP="Not supported" X-Varnish: 1195039411 | clean |
http://dat0007.sextgem.com/js/bonggiay.txt | 404 Not Found Content-Length: 13158 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 0x0 style: hidden src: http://disif.images.xtstatic.com/tp.gif <iframe src="http://disif.images.xtstatic.com/tp.gif" style="height: 0px;width: 0px;background-color: transparent;border: 0px none transparent;padding: 0px;overflow: hidden;display: none;visibility: hidden;"> Hidden iFrame found. size: 0x0 style: hidden src: http://enif.images.xtstatic.com/tp.gif <iframe src="http://enif.images.xtstatic.com/tp.gif" style="height: 0px;width: 0px;background-color: transparent;border: 0px none transparent;padding: 0px;overflow: hidden;display: none;visibility: hidden;"> Hidden iFrame found. size: 0x0 style: hidden src: http://cif.images.xtstatic.com/tp.gif <iframe src="http://cif.images.xtstatic.com/tp.gif" style="height: 0px;width: 0px;background-color: transparent;border: 0px none transparent;padding: 0px;overflow: hidden;display: none;visibility: hidden;"> Hidden iFrame found. size: 0x0 style: hidden src: http://nojsif.images.xtstatic.com/tp.gif <iframe src="http://nojsif.images.xtstatic.com/tp.gif" style="height: 0px;width: 0px;background-color: transparent;border: 0px none transparent;padding: 0px;overflow: hidden;display: none;visibility: hidden;"> | ||
http://dat007.xtgem.com/codetudong.js | HTTP/1.1 200 OK Connection: close Date: Sun, 14 Sep 2014 04:24:29 GMT Via: 1.1 varnish Age: 0 Vary: Host,Accept-Encoding Content-Type: text/html; charset=UTF-8 P3P: CP="Not supported" Refresh: 5; url=http://dat0007.sextgem.com/codetudong.js X-Varnish: 1687810759 | clean |
http://dat0007.sextgem.com/codetudong.js | 404 Not Found Content-Length: 13154 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 0x0 style: hidden src: http://enif.images.xtstatic.com/tp.gif <iframe src="http://enif.images.xtstatic.com/tp.gif" style="height: 0px;width: 0px;background-color: transparent;border: 0px none transparent;padding: 0px;overflow: hidden;display: none;visibility: hidden;"> Hidden iFrame found. size: 0x0 style: hidden src: http://disif.images.xtstatic.com/tp.gif <iframe src="http://disif.images.xtstatic.com/tp.gif" style="height: 0px;width: 0px;background-color: transparent;border: 0px none transparent;padding: 0px;overflow: hidden;display: none;visibility: hidden;"> Hidden iFrame found. size: 0x0 style: hidden src: http://nojsif.images.xtstatic.com/tp.gif <iframe src="http://nojsif.images.xtstatic.com/tp.gif" style="height: 0px;width: 0px;background-color: transparent;border: 0px none transparent;padding: 0px;overflow: hidden;display: none;visibility: hidden;"> Hidden iFrame found. size: 0x0 style: hidden src: http://cif.images.xtstatic.com/tp.gif <iframe src="http://cif.images.xtstatic.com/tp.gif" style="height: 0px;width: 0px;background-color: transparent;border: 0px none transparent;padding: 0px;overflow: hidden;display: none;visibility: hidden;"> | ||
http://dat0007.sextgem.com/Css/dat.css/2l+.js | 200 OK Content-Length: 744 Content-Type: text/javascript | clean |
http://dat007.xtgem.com/ | HTTP/1.1 200 OK Connection: close Date: Sun, 14 Sep 2014 04:24:30 GMT Via: 1.1 varnish Accept-Ranges: bytes Age: 0 Vary: Host,Accept-Encoding Content-Length: 1010 Content-Type: text/html; charset=UTF-8 P3P: CP="Not supported" Refresh: 5; url=http://dat0007.sextgem.com/ Set-Cookie: XT_transfer_interstitial=1; expires=Mon, 15-Sep-2014 04:24:30 GMT; path=/; domain=.dat007.xtgem.com X-Varnish: 1369272279 | clean |
http://dat0007.sextgem.com/ | 200 OK Content-Length: 34799 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 0x0 style: hidden src: http://nojsif.images.xtstatic.com/tp.gif <iframe src="http://nojsif.images.xtstatic.com/tp.gif" style="height: 0px;width: 0px;background-color: transparent;border: 0px none transparent;padding: 0px;overflow: hidden;display: none;visibility: hidden;"> Hidden iFrame found. size: 0x0 style: hidden src: http://cif.images.xtstatic.com/tp.gif <iframe src="http://cif.images.xtstatic.com/tp.gif" style="height: 0px;width: 0px;background-color: transparent;border: 0px none transparent;padding: 0px;overflow: hidden;display: none;visibility: hidden;"> Hidden iFrame found. size: 0x0 style: hidden src: http://enif.images.xtstatic.com/tp.gif <iframe src="http://enif.images.xtstatic.com/tp.gif" style="height: 0px;width: 0px;background-color: transparent;border: 0px none transparent;padding: 0px;overflow: hidden;display: none;visibility: hidden;"> Hidden iFrame found. size: 0x0 style: hidden src: http://disif.images.xtstatic.com/tp.gif <iframe src="http://disif.images.xtstatic.com/tp.gif" style="height: 0px;width: 0px;background-color: transparent;border: 0px none transparent;padding: 0px;overflow: hidden;display: none;visibility: hidden;"> | ||
http://dat007.xtgem.com/Css/dat.css/2l+.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Sun, 14 Sep 2014 04:24:30 GMT Via: 1.1 varnish Age: 0 Location: http://dat0007.sextgem.com/Css/dat.css/2l .js Vary: Host,Accept-Encoding Content-Type: text/javascript; charset=utf-8 P3P: CP="Not supported" X-Varnish: 623323001 | clean |
http://dat0007.sextgem.com/css/dat.css/2l .js | 404 Not Found Content-Length: 13162 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 0x0 style: hidden src: http://enif.images.xtstatic.com/tp.gif <iframe src="http://enif.images.xtstatic.com/tp.gif" style="height: 0px;width: 0px;background-color: transparent;border: 0px none transparent;padding: 0px;overflow: hidden;display: none;visibility: hidden;"> Hidden iFrame found. size: 0x0 style: hidden src: http://disif.images.xtstatic.com/tp.gif <iframe src="http://disif.images.xtstatic.com/tp.gif" style="height: 0px;width: 0px;background-color: transparent;border: 0px none transparent;padding: 0px;overflow: hidden;display: none;visibility: hidden;"> Hidden iFrame found. size: 0x0 style: hidden src: http://nojsif.images.xtstatic.com/tp.gif <iframe src="http://nojsif.images.xtstatic.com/tp.gif" style="height: 0px;width: 0px;background-color: transparent;border: 0px none transparent;padding: 0px;overflow: hidden;display: none;visibility: hidden;"> Hidden iFrame found. size: 0x0 style: hidden src: http://cif.images.xtstatic.com/tp.gif <iframe src="http://cif.images.xtstatic.com/tp.gif" style="height: 0px;width: 0px;background-color: transparent;border: 0px none transparent;padding: 0px;overflow: hidden;display: none;visibility: hidden;"> | ||
http://dat0007.sextgem.com/Trinhduyetluocweb | 200 OK Content-Length: 5001 Content-Type: text/html | clean |
http://dat0007.sextgem.com/Trinhduyetluocweb/0pera+mini4.2.jar | 200 OK Content-Length: 4914 Content-Type: text/html | clean |
http://dat0007.sextgem.com/Trinhduyetluocweb/0pera mini4.2.jar?xthotlink=KksRHhdVXAoECBFCVFpeXBsBUgYMCg5wd3VzcHJ3fDtzfnFuLiErNXNpIG5kZW16bmJ1bWhmcVFQTFFWU0RcFQ%3D%3D | 200 OK Content-Length: 158526 Content-Type: application/java-archive | clean |
http://dat0007.sextgem.com/Trinhduyetluocweb/Bolt_browser_v1.60.jar | 200 OK Content-Length: 4928 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: nhipdap.biz
Result:
HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection: close
Date: Sun, 14 Sep 2014 04:24:23 GMT
Pragma: no-cache
Via: 1.1 varnish
Age: 0
Vary: Host,Accept-Encoding
Content-Type: text/html; charset=UTF-8
Expires: Wed, 17 Sep 1975 21:32:10 GMT
P3P: CP="Not supported"
Set-Cookie: _xta_uid=5f535b2dfce8d741aabebdbe9c506f9f; expires=Tue, 13-Sep-2016 04:24:23 GMT; path=/; domain=.nhipdap.biz; httponly
Set-Cookie: _xta_vid=c799f8c8b6ee9d385dd3307baacf69e7-1410668663; expires=Sun, 14-Sep-2014 04:54:23 GMT; path=/; domain=.nhipdap.biz; httponly
Set-Cookie: __utmmobile=0x9046ebf2d9f1e8f4; expires=Tue, 13-Sep-2016 04:24:23 GMT; path=/
X-Varnish: 1369268702
Second query (visit from search engine):
GET / HTTP/1.1
Host: nhipdap.biz
Referer: http://www.google.com/search?q=nhipdap.biz
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=nhipdap.biz
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://nhipdap.biz/
Result: nhipdap.biz is not infected or malware details are not published yet.