Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ok.atfile.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://ok.atfile.com/ | 200 OK Content-Length: 99489 Content-Type: text/html | malicious |
Page code contains blacklisted domain: oldgame.atfile.com <html> <head> <title> Atfile°ú ÇÔ²² ÇູÇÑ ÇÏ·ç º¸³»¼¼¿ä!</title> <meta http-equiv="Content-Type" content="text/html; charset=euc-kr"> <link href="css/index.css" rel="stylesheet" type="text/css"> <script language="javascript" src="./javascript/main_call.js"></script> <SCRIPT language=javascript> //Math.random() var scrollerheight=89; // ½ºÅ©·Ñ·¯ÀÇ ¼¼·Î var html,to ...[4267 bytes skipped]... Malicious iFrame found. size: 460x125 src: http://oldgame.atfile.com/frame_oldgame.php This URL is marked by Google as suspicious <iframe name='oldgame' src='http://oldgame.atfile.com/frame_oldgame.php' width=460 height=125 scrolling=no frameborder=0 leftmargin=0 topmargin=0 marginheight=0 marginwidth=0> | ||
http://ok.atfile.com/./javascript/main_call.js | 200 OK Content-Length: 4311 Content-Type: application/javascript | suspicious |
Hidden iFrame found. size: 0x0 src: http://povertywiki.org/images/c/c0/munah.html <iframe src='http://povertywiki.org/images/c/c0/munah.html' style='width:0px;height:0px;border:none;'> | ||
http://ok.atfile.com/javascript/objwrite.js | 200 OK Content-Length: 651 Content-Type: application/javascript | clean |
http://log.inside.daum.net/dwi_log/js/dwi.js | 500 Can't connect to log.inside.daum.net:80 Content-Length: 194 Content-Type: text/plain | clean |
http://log.inside.daum.net/test404page.js | 500 Can't connect to log.inside.daum.net:80 Content-Length: 194 Content-Type: text/plain | clean |
http://ad.realmedia.co.kr/RealMedia/ads/adstream_jx.ads/www.atfile.com/unique@Position1 | 200 OK Content-Length: 319 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ok.atfile.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 20 Dec 2014 18:20:21 GMT
Pragma: no-cache
Server: Apache/2.2.14 (Unix) DAV/2 PHP/5.2.12
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=3efe2d10e6e6d9240b784efa92da378f; path=/
X-Powered-By: PHP/5.2.12
GET / HTTP/1.1
Host: ok.atfile.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 20 Dec 2014 18:20:21 GMT
Pragma: no-cache
Server: Apache/2.2.14 (Unix) DAV/2 PHP/5.2.12
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=3efe2d10e6e6d9240b784efa92da378f; path=/
X-Powered-By: PHP/5.2.12
Second query (visit from search engine):
GET / HTTP/1.1
Host: ok.atfile.com
Referer: http://www.google.com/search?q=ok.atfile.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: ok.atfile.com
Referer: http://www.google.com/search?q=ok.atfile.com
Result:
The result is similar to the first query. There are no suspicious redirects found.