Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ebuttube.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Connection: keep-alive
Date: Tue, 30 Jun 2015 13:46:46 GMT
Pragma: no-cache
Server: CJ/1.5
Content-Length: 42127
Content-Type: text/html
Set-Cookie: from=167820216; domain=ebuttube.com; path=/; expires=Wed, 01 Jul 2015 13:46:46 GMT
...42127 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: ebuttube.com
Referer: http://www.google.com/search?q=ebuttube.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://ebuttube.com/ | 200 OK Content-Length: 42127 Content-Type: text/html | clean |
http://manfys.com/c6e7dc/4d60f2.js | 200 OK Content-Length: 12806 Content-Type: application/javascript | clean |
http://manfys.com/29f/89/9594/c0.js | 200 OK Content-Length: 12806 Content-Type: application/javascript | clean |
http://lookfornews.net/viewt.js | 200 OK Content-Length: 24772 Content-Type: application/x-javascript | clean |
http://v.gfhdkse.com/v/74135 | 200 OK Content-Length: 9840 Content-Type: text/javascript | clean |
http://ddomb.com/dr6/1cd8/902/1.js | 200 OK Content-Length: 20501 Content-Type: application/javascript | clean |
http://njmaq.com/static/cu.js?p=203292&b=571131 | 200 OK Content-Length: 34002 Content-Type: application/javascript | clean |
http://ebuttube.com/669107557-Ìàëîëåòêó-ñ-êîñè÷êàìè-åáóò-è-äàþò-â-ðîò.html | 200 OK Content-Length: 11697 Content-Type: text/html | clean |
http://img.ebuttube.com:8080/jwplayer.js | 200 OK Content-Length: 39107 Content-Type: application/x-javascript | clean |
http://ebuttube.com/aux/showmedia.js | 200 OK Content-Length: 15145 Content-Type: application/x-javascript | clean |
http://v.gfhdkse.com/v/81365 | 200 OK Content-Length: 7456 Content-Type: text/javascript | clean |
http://syndication.exoclick.com/splash.php?idzone=1130460&type=3 | 200 OK Content-Length: 7330 Content-Type: application/x-javascript | clean |
http://ebuttube.com// | 404 Not Found Content-Length: 83 Content-Type: text/html | clean |
http://ebuttube.com/test404page.js | 404 Not Found Content-Length: 83 Content-Type: text/html | clean |
http://ebuttube.com/471950174.html | 200 OK Content-Length: 11439 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ebuttube.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://ebuttube.com/
Result: ebuttube.com is not infected or malware details are not published yet.