Scanned pages/files
Request | Server response | Status |
http://cinedanoite.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 29 Sep 2014 19:52:25 GMT Location: http://www.cinedanoite.com/ Server: ghs Content-Length: 224 Content-Type: text/html; charset=UTF-8 Alternate-Protocol: 80:quic,p=0.01 X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block | clean |
http://www.cinedanoite.com/ | 200 OK Content-Length: 77423 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: www.abu-farhan.com
Note: this row reports two separate findings, a script that references a blacklisted domain and a hidden 0x0 iframe. The script excerpts below are truncated at the skipped-byte markers, so the visible fragments do not show everything the script does.
Packed script (as served; it unpacks itself through eval): eval(function(p,a,c,k,e,r){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--)r[e(c)]=k[c]||e(c);k=[function(e){return r[e]}];e=function(){return'\\w+'};c=1};while(c--)if(k[c])p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c]);return p}('6 I;6 i;6 f;6 n;1f();C 1g(15){6 5=\'\';J=K(N/2);4(J==N-J){N=J*2+1}A=f-J;4(A<1)A=1;d=K(15/j)+1;4(d-1==15/j)d=d-1;D=A+N-1;4(D ...[3766 bytes skipped]...
Decoded script: ...[2527 bytes skipped]... a></span>'}}var nextnomer=parseInt(nomerhal)+1;if(nomerhal<maksimal){if(jenis=="page"){html+='<span class="showpageNum"><a href="#" onclick="redirectpage('+nextnomer+');return false">'+downPageWord+'</a></span>'}else{html+='<span class="showpageNum"><a href="#" onclick="redirectlabel('+nextnomer+');return false">'+downPageWord+'</a></span>'}}html+='<div><a href="http://www.abu-farhan.com" style="font-size: 0pt; display: none; margin: 10px;" target="_blank">Widget by Abu-farhan</a></div>';var pageArea=document.getElementsByName("pageArea");var blogPager=document.getElementById("blog-pager");for(var p=0;p<pageArea.length;p++){pageArea[p].innerHTML=html}if(pageArea&&pageArea.length>0){html=''}if(blogPager){blogPager.innerHTML=html}}function hitungtotaldata(root){var feed=root.feed;var totaldata=parseInt(feed.openSearch$totalResults.$t,10 ...[7862 bytes skipped]...
Hidden iFrame found. size: 0x0 src: http://blog-pager.blogspot.com.br/ <iframe frameborder='no' height='0' scrolling='no' src='http://blog-pager.blogspot.com.br/' width='0'> | ||
http://connect.facebook.net/pt_BR/all.js | 200 OK Content-Length: 163677 Content-Type: application/x-javascript | clean |
http://dl.dropbox.com/u/73202541/blogger.js | HTTP/1.1 302 FOUND Cache-Control: no-cache Connection: close Date: Mon, 29 Sep 2014 19:52:28 GMT Pragma: no-cache Location: http://dl.dropboxusercontent.com/u/73202541/blogger.js Server: nginx Content-Type: text/html; charset=utf-8 | clean |
http://dl.dropboxusercontent.com/u/73202541/blogger.js | HTTP/1.1 302 FOUND Cache-Control: no-cache Connection: Close Date: Mon, 29 Sep 2014 19:52:28 GMT Pragma: no-cache Location: https://dl.dropboxusercontent.com/u/73202541/blogger.js Server: nginx Content-Length: 140 Content-Type: text/html; charset=utf-8 Set-Cookie: flash=; Domain=dropbox.com; expires=Mon, 29 Sep 2014 19:52:28 GMT; Path=/; httponly Set-Cookie: bang=; Domain=dropbox.com; expires=Mon, 29 Sep 2014 19:52:28 GMT; Path=/; httponly Set-Cookie: uc_session=U7XbN7ET13gNF9uZlCHojHKy1rd7gF1uDYA4oElETOKlQDtoynJZ7rCHliReGiSb; Domain=dropboxusercontent.com; Path=/; secure; httponly | clean |
https://dl.dropboxusercontent.com/u/73202541/blogger.js | 404 Not Found Content-Length: 613 Content-Type: text/html | clean |
http://dl.dropboxusercontent.com/test404page.js | 404 Not Found Content-Length: 613 Content-Type: text/html | clean |
http://dl.dropbox.com/u/77633893/data-post.js | HTTP/1.1 302 FOUND Cache-Control: no-cache Connection: close Date: Mon, 29 Sep 2014 19:52:30 GMT Pragma: no-cache Location: http://dl.dropboxusercontent.com/u/77633893/data-post.js Server: nginx Content-Type: text/html; charset=utf-8 | clean |
http://dl.dropboxusercontent.com/u/77633893/data-post.js | HTTP/1.1 302 FOUND Cache-Control: no-cache Connection: Close Date: Mon, 29 Sep 2014 19:52:30 GMT Pragma: no-cache Location: https://dl.dropboxusercontent.com/u/77633893/data-post.js Server: nginx Content-Length: 142 Content-Type: text/html; charset=utf-8 Set-Cookie: flash=; Domain=dropbox.com; expires=Mon, 29 Sep 2014 19:52:30 GMT; Path=/; httponly Set-Cookie: bang=; Domain=dropbox.com; expires=Mon, 29 Sep 2014 19:52:30 GMT; Path=/; httponly Set-Cookie: uc_session=054FbVU0jdePORmdD0XdTLEIL1F6veGWO5dbPf7eh9BR7XFYrZvBIIbENss4GYQE; Domain=dropboxusercontent.com; Path=/; secure; httponly | clean |
https://dl.dropboxusercontent.com/u/77633893/data-post.js | 404 Not Found Content-Length: 613 Content-Type: text/html | clean |
http://code.jquery.com/jquery-1.6.2.min.js | 200 OK Content-Length: 91556 Content-Type: application/x-javascript | clean |
http://s7.addthis.com/js/250/addthis_widget.js | 200 OK Content-Length: 6875 Content-Type: text/javascript | clean |
http://dl.dropbox.com/u/93265919/efeitoimagens/blogger.js | HTTP/1.1 302 FOUND Cache-Control: no-cache Connection: close Date: Mon, 29 Sep 2014 19:52:32 GMT Pragma: no-cache Location: http://dl.dropboxusercontent.com/u/93265919/efeitoimagens/blogger.js Server: nginx Content-Type: text/html; charset=utf-8 | clean |
http://dl.dropboxusercontent.com/u/93265919/efeitoimagens/blogger.js | HTTP/1.1 302 FOUND Cache-Control: no-cache Connection: Close Date: Mon, 29 Sep 2014 19:52:32 GMT Pragma: no-cache Location: https://dl.dropboxusercontent.com/u/93265919/efeitoimagens/blogger.js Server: nginx Content-Length: 154 Content-Type: text/html; charset=utf-8 Set-Cookie: flash=; Domain=dropbox.com; expires=Mon, 29 Sep 2014 19:52:32 GMT; Path=/; httponly Set-Cookie: bang=; Domain=dropbox.com; expires=Mon, 29 Sep 2014 19:52:32 GMT; Path=/; httponly Set-Cookie: uc_session=k4kRhqsxY7Ba0EhlM5yEi0fCPvCHwX2WRwBuT37mXcpiJsRHmPqyeEWj1vwsRocS; Domain=dropboxusercontent.com; Path=/; secure; httponly | clean |
https://dl.dropboxusercontent.com/u/93265919/efeitoimagens/blogger.js | 404 Not Found Content-Length: 613 Content-Type: text/html | clean |
http://dl.dropbox.com/u/93265919/efeitoimagens/data-post.js | HTTP/1.1 302 FOUND Cache-Control: no-cache Connection: close Date: Mon, 29 Sep 2014 19:52:33 GMT Pragma: no-cache Location: http://dl.dropboxusercontent.com/u/93265919/efeitoimagens/data-post.js Server: nginx Content-Type: text/html; charset=utf-8 | clean |
http://dl.dropboxusercontent.com/u/93265919/efeitoimagens/data-post.js | HTTP/1.1 302 FOUND Cache-Control: no-cache Connection: Close Date: Mon, 29 Sep 2014 19:52:34 GMT Pragma: no-cache Location: https://dl.dropboxusercontent.com/u/93265919/efeitoimagens/data-post.js Server: nginx Content-Length: 156 Content-Type: text/html; charset=utf-8 Set-Cookie: flash=; Domain=dropbox.com; expires=Mon, 29 Sep 2014 19:52:34 GMT; Path=/; httponly Set-Cookie: bang=; Domain=dropbox.com; expires=Mon, 29 Sep 2014 19:52:34 GMT; Path=/; httponly Set-Cookie: uc_session=7UdLWqZquuYFxOq3ycLEORheUd0JclKvEog0vGqm1w1vbwjaAynGR1wN2g3ms8vl; Domain=dropboxusercontent.com; Path=/; secure; httponly | clean |
https://dl.dropboxusercontent.com/u/93265919/efeitoimagens/data-post.js | 404 Not Found Content-Length: 613 Content-Type: text/html | clean |
http://adspaces.ero-advertising.com/adspace/253547.js | 200 OK Content-Length: 0 Content-Type: application/javascript | clean |
http://adspaces.ero-advertising.com/adspace/253541.js | 200 OK Content-Length: 0 Content-Type: application/javascript | clean |
http://adspaces.ero-advertising.com/adspace/257049.js | 200 OK Content-Length: 0 Content-Type: application/javascript | clean |
http://adspaces.ero-advertising.com/adspace/253543.js | 200 OK Content-Length: 0 Content-Type: application/javascript | clean |
http://adspaces.ero-advertising.com/adspace/253544.js | 200 OK Content-Length: 0 Content-Type: application/javascript | clean |
http://adspaces.ero-advertising.com/adspace/253545.js | 200 OK Content-Length: 0 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: cinedanoite.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Mon, 29 Sep 2014 19:52:25 GMT
Location: http://www.cinedanoite.com/
Server: ghs
Content-Length: 224
Content-Type: text/html; charset=UTF-8
Alternate-Protocol: 80:quic,p=0.01
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
...224 bytes of data.
GET / HTTP/1.1
Host: cinedanoite.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Mon, 29 Sep 2014 19:52:25 GMT
Location: http://www.cinedanoite.com/
Server: ghs
Content-Length: 224
Content-Type: text/html; charset=UTF-8
Alternate-Protocol: 80:quic,p=0.01
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
...224 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: cinedanoite.com
Referer: http://www.google.com/search?q=cinedanoite.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: cinedanoite.com
Referer: http://www.google.com/search?q=cinedanoite.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=cinedanoite.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://cinedanoite.com/
Result: cinedanoite.com is not infected or malware details are not published yet.
Result: cinedanoite.com is not infected or malware details are not published yet.