Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=support.hafala.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://support.hafala.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://support.hafala.com/ | HTTP/1.1 200 OK Date: Mon, 02 Mar 2015 04:27:23 GMT Accept-Ranges: bytes ETag: "42abd63f7dccc91:8193" Server: Microsoft-IIS/6.0 Content-Length: 1212 Content-Location: http://support.hafala.com/index.html Content-Type: text/html Last-Modified: Mon, 04 May 2009 05:57:47 GMT X-Powered-By: ASP.NET | clean |
http://support.hafala.com/index.html | 200 OK Content-Length: 1212 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: hafala.com ...[266 bytes skipped]... 2" /> <title>HAFALA Ö§³ÖÖÐÐÄ 4008-868-060</title> <meta name="keywords" content="HaFaLa Chinese£¬ººÓﺺ×ÖѧϰÖйúÁìÏÈÆ·ÅÆ£¬×î¸ßЧ¿ìËٵĺºÓïѧϰ·½Ê½¡£" /> <meta name="description" content=" HaFaLa Chinese ¡ª¡ªººÓﺺ×ÖѧϰÖйúÁìÏÈÆ·ÅÆ¡£ HaFaLa Chinese ºº×Ö¶¯ÂþѧϰÈí¼þ£¬Ò»¿îÈÃÄúÔÚ¿ìÀֵķÕΧÖÐÌåÑé¿ìËÙµÄѧϰËٶȣ¬²¢³ÊÏֳ־õļÇÒäЧ¹ûµÄºº×Öѧϰ²úÆ·¡£ ¿Í·þµç»°£º4008868060 Ö§³ÖÓÊÏ䣺Service@hafala.com ÉϺ£èºÍ¼¶¯Âþ¿Æ¼¼ÓÐÏÞ¹«Ë¾³öÆ· Öйú-ÉϺ£" /> </head> <frameset rows="192,*" cols="*" frameborder="no" border="0" framespacing="0"> <frame src="/Head.html" name="topFrame" scrolling="No" noresize="noresize" id="topFrame" title="Head" /> <frameset cols="151,*" frameborder="no" border="0" framespacing="0"> <frame src="/left.html" name="leftFrame" scrolling="No" noresize="noresize" id="leftFrame" title="Left" /> < ...[225 bytes skipped]... | ||
http://support.hafala.com/test404page.js | 404 Not Found Content-Length: 1550 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.hafala.com ...[603 bytes skipped]... } a:hover { text-decoration: underline; color: #FF3300; } a:active { text-decoration: none; color: #FF6600; } h1 { font-size: 16px; color: #333333; } h2 { font-size: 14px; color: #333333; } h3 { font-size: 14px; color: #6FB7FF; } --> </style></head> <body> <p><img src="http://www.hafala.com/images/hafala_logo.jpg" width="240" height="47" /></p> <hr size="1" noshade="noshade" /> <h3>¶Ô²»Æð!ÄúËù·ÃÎʵÄÒ³Ãæ²»´æÔÚ»òÕßµØÖ·Òѱä¸ü£¬Çë·ÃÎÊÒÔÏÂÕ¾µãÀ´»ñÈ¡ÏàÓ¦µÄ²éѯÐÅÏ¢£º</h3> Èí¼þ¼¤»î·þÎñ»ò²úÆ·Ö§³Ö£º <a href="http://support.hafala.com/activate/" target="_self">http://support.hafala.com/activate</a> <p>ÍøÕ¾Ö÷Ò³£º <a href="http://www.hafala.com" target="_self">http://www.hafala.com</a></p> < ...[465 bytes skipped]... | ||
http://support.hafala.com/activate/ | HTTP/1.1 200 OK Date: Mon, 02 Mar 2015 04:27:26 GMT Accept-Ranges: bytes ETag: "c34e2381dcca1:8193" Server: Microsoft-IIS/6.0 Content-Length: 1228 Content-Location: http://support.hafala.com/activate/index.html Content-Type: text/html Last-Modified: Thu, 15 Apr 2010 09:50:53 GMT X-Powered-By: ASP.NET | clean |
http://support.hafala.com/activate/index.html | 200 OK Content-Length: 1228 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: hafala.com ...[277 bytes skipped]... r/><title>×¢²á¼¤»î - HAFALA Ö§³ÖÖÐÐÄ 4008-868-060</title> <meta name="keywords" content="HaFaLa Chinese£¬ººÓﺺ×ÖѧϰÖйúÁìÏÈÆ·ÅÆ£¬×î¸ßЧ¿ìËٵĺºÓïѧϰ·½Ê½¡£" /> <meta name="description" content=" HaFaLa Chinese ¡ª¡ªººÓﺺ×ÖѧϰÖйúÁìÏÈÆ·ÅÆ¡£ HaFaLa Chinese ºº×Ö¶¯ÂþѧϰÈí¼þ£¬Ò»¿îÈÃÄúÔÚ¿ìÀֵķÕΧÖÐÌåÑé¿ìËÙµÄѧϰËٶȣ¬²¢³ÊÏֳ־õļÇÒäЧ¹ûµÄºº×Öѧϰ²úÆ·¡£ ¿Í·þµç»°£º4008868060 Ö§³ÖÓÊÏ䣺Service@hafala.com ÉϺ£èºÍ¼¶¯Âþ¿Æ¼¼ÓÐÏÞ¹«Ë¾³öÆ· Öйú-ÉϺ£" /> </head> <frameset rows="192,*" cols="*" frameborder="no" border="0" framespacing="0"> <frame src="/Head.html" name="topFrame" scrolling="No" noresize="noresize" id="topFrame" title="Head" /> <frameset cols="151,*" frameborder="no" border="0" framespacing="0"> <frame src="/left.html" name="leftFrame" scrolling="No" noresize="noresize" id="leftFrame" title="Left" /> < ...[230 bytes skipped]... |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: support.hafala.com
Result:
HTTP/1.1 200 OK
Date: Mon, 02 Mar 2015 04:27:23 GMT
Accept-Ranges: bytes
ETag: "42abd63f7dccc91:8193"
Server: Microsoft-IIS/6.0
Content-Length: 1212
Content-Location: http://support.hafala.com/index.html
Content-Type: text/html
Last-Modified: Mon, 04 May 2009 05:57:47 GMT
X-Powered-By: ASP.NET
...1212 bytes of data.
GET / HTTP/1.1
Host: support.hafala.com
Result:
HTTP/1.1 200 OK
Date: Mon, 02 Mar 2015 04:27:23 GMT
Accept-Ranges: bytes
ETag: "42abd63f7dccc91:8193"
Server: Microsoft-IIS/6.0
Content-Length: 1212
Content-Location: http://support.hafala.com/index.html
Content-Type: text/html
Last-Modified: Mon, 04 May 2009 05:57:47 GMT
X-Powered-By: ASP.NET
...1212 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: support.hafala.com
Referer: http://www.google.com/search?q=support.hafala.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: support.hafala.com
Referer: http://www.google.com/search?q=support.hafala.com
Result:
The result is similar to the first query. There are no suspicious redirects found.