Scanned pages/files
Request | Server response | Status |
http://4do.se/ | 200 OK Content-Length: 65391 Content-Type: text/html | suspicious |
Suspicious code. Script contains iFrame. (function(){ var D=new Date(),d=document,b='body',ce='createElement',ac='appendChild',st='style',ds='display',n='none',gi='getElementById'; var i=d[ce]('iframe');i[st][ds]=n;d[gi]("MarketGidScriptRootC11531")[ac](i);try{var iw=i.contentWindow.document;iw.open();iw.writeln("<ht"+"ml><bo"+"dy></bo"+"dy></ht"+"ml>");iw.close();var c=iw[b];} catch(e){var iw=d;var c=d[gi]("MarketGidScriptRootC11531");}var dv=iw[ce]('div');dv.id="MG_ID";dv[st][ds]=n;dv.innerHTML=11531;c[ac](dv); var s=iw[ce]('script');s.async='async';s.defer='defer';s.charset='utf-8';s.src="//jsc.mgid.com/g/2/g2g.fm.11531.js?t="+D.getYear()+D.getMonth()+D.getDate()+D.getHours();c[ac](s);})(); | ||
http://4do.se/js/reflection.js | 200 OK Content-Length: 5051 Content-Type: application/javascript | clean |
http://4do.se/js/effects.js | 200 OK Content-Length: 135509 Content-Type: application/javascript | clean |
http://4do.se//ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js/ | 404 Not Found Content-Length: 328 Content-Type: text/html | clean |
http://4do.se/test404page.js | 404 Not Found Content-Length: 284 Content-Type: text/html | clean |
http://4do.se/js/jquery.cookie.js | 200 OK Content-Length: 3121 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: 4do.se
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Tue, 23 Jun 2015 10:57:10 GMT
Pragma: no-cache
Server: Apache/2.2.22 (Ubuntu)
Vary: Accept-Encoding
Content-Type: text/html; charset=windows-1256
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=veeq7166b67e7fig5mrccqmkk6; path=/
X-Powered-By: PHP/5.3.10-1ubuntu3.18
GET / HTTP/1.1
Host: 4do.se
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Tue, 23 Jun 2015 10:57:10 GMT
Pragma: no-cache
Server: Apache/2.2.22 (Ubuntu)
Vary: Accept-Encoding
Content-Type: text/html; charset=windows-1256
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=veeq7166b67e7fig5mrccqmkk6; path=/
X-Powered-By: PHP/5.3.10-1ubuntu3.18
Second query (visit from search engine):
GET / HTTP/1.1
Host: 4do.se
Referer: http://www.google.com/search?q=4do.se
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: 4do.se
Referer: http://www.google.com/search?q=4do.se
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=4do.se
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://4do.se/
Result: 4do.se is not infected or malware details are not published yet.
Result: 4do.se is not infected or malware details are not published yet.