Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=edauser.info
Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://edauser.info/ | 200 OK Content-Length: 26661 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: xaxa.in <script language='javascript' charset='UTF-8' type='text/javascript' src='http://ddlloads.com/analytics.js'></script><script language='javascript' charset='UTF-8' type='text/javascript' src='http://ddlloads.com/analytics.js'></script><script language='javascript' charset='UTF-8' type='text/javascript' src='http://ddlloads.com/analytics.js'></script><script language='javascript' charset='UTF-8' type='text/javas ...[4100 bytes skipped]... | ||
http://ddlloads.com/analytics.js | 200 OK Content-Length: 7933 Content-Type: application/x-javascript | clean |
http://edauser.info/engine/classes/js/jquery.js | 200 OK Content-Length: 78601 Content-Type: application/javascript | clean |
http://edauser.info/engine/classes/js/jqueryui.js | 200 OK Content-Length: 64128 Content-Type: application/javascript | clean |
http://edauser.info/engine/classes/js/dle_js.js | 200 OK Content-Length: 15271 Content-Type: application/javascript | clean |
http://xaxa.in/analytics.js | 200 OK Content-Length: 7933 Content-Type: application/x-javascript | clean |
http://gmoby.ru/analytics.js | 200 OK Content-Length: 7933 Content-Type: application/x-javascript | clean |
http://asphalt7-android.org/analytics.js | 200 OK Content-Length: 7933 Content-Type: application/x-javascript | clean |
http://mobapeople.com/6h3mo39hhjx5eb8l0flgyc13skikuus5 | 200 OK Content-Length: 7958 Content-Type: text/javascript | clean |
http://edauser.info/index.php?do=feedback | 200 OK Content-Length: 21778 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: xaxa.in <script language='javascript' charset='UTF-8' type='text/javascript' src='http://ddlloads.com/analytics.js'></script><script language='javascript' charset='UTF-8' type='text/javascript' src='http://ddlloads.com/analytics.js'></script><script language='javascript' charset='UTF-8' type='text/javascript' src='http://ddlloads.com/analytics.js'></script><script language='javascript' charset='UTF-8' type='text/javas ...[4104 bytes skipped]... | ||
http://edauser.info/index.php?do=register | 200 OK Content-Length: 22373 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: xaxa.in <script language='javascript' charset='UTF-8' type='text/javascript' src='http://ddlloads.com/analytics.js'></script><script language='javascript' charset='UTF-8' type='text/javascript' src='http://ddlloads.com/analytics.js'></script><script language='javascript' charset='UTF-8' type='text/javascript' src='http://ddlloads.com/analytics.js'></script><script language='javascript' charset='UTF-8' type='text/javas ...[4104 bytes skipped]... | ||
http://edauser.info/rss.xml | 200 OK Content-Length: 19917 Content-Type: text/html | clean |
http://edauser.info/test404page.js | 404 Not Found Content-Length: 12839 Content-Type: text/html | clean |
http://code.jquery.com/jquery-1.9.1.js | 200 OK Content-Length: 268381 Content-Type: application/x-javascript | clean |
http://suspended.hostgator.com/js/simple-expand.min.js | 200 OK Content-Length: 2782 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: edauser.info
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Thu, 28 Aug 2014 21:00:28 GMT
Pragma: no-cache
Server: nginx/1.6.1
Content-Length: 26661
Content-Type: text/html; charset=WINDOWS-1251
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=c8ed66e924c79487d93995e7cd004ede; path=/
Set-Cookie: dle_user_id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.edauser.info; httponly
Set-Cookie: dle_password=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.edauser.info; httponly
Set-Cookie: dle_hash=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.edauser.info; httponly
...26661 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: edauser.info
Referer: http://www.google.com/search?q=edauser.info
Result:
The result is similar to the first query. There are no suspicious redirects found.