Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=livingroomcandidate.movingimage.us
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://livingroomcandidate.movingimage.us/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://livingroomcandidate.movingimage.us/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 30 Jul 2014 21:41:20 GMT Location: http://www.livingroomcandidate.org/ Server: Apache/2.2.3 (Red Hat) Content-Length: 343 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.livingroomcandidate.org/ | 200 OK Content-Length: 13574 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.movingimage.us ...[1418 bytes skipped]... ="header"> <div id="header-top"> <div id="mmi-logo"> <script type="text/javascript"> swfobject.embedSWF( '/flash/logos/logo3.swf', 'mmi-logo', '360', '18', '9.0.0', '/flash/expressInstall.swf', {}, {wmode: 'transparent'}, {} ); </script> <a href="http://www.movingimage.us/"><img src="/images/global/mmi-logo-static.gif" width="360" height="18" alt="Museum of the Moving Image" /></a> </div> </div> <h1 id="header-left"> <a href="/" title="The Living Room Candidate Homepage"><img src="/images/global/logo.gif" width="595" height="53" alt="The Living Room Candidate" /></a> </h1> </div> ...[2272 bytes skipped]... | ||
http://www.livingroomcandidate.org/javascript/jquery.js?f74b19 | 200 OK Content-Length: 32979 Content-Type: application/x-javascript | clean |
http://livingroomcandidate.movingimage.us/javascript/swfobject.js?f74b19 | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 30 Jul 2014 21:41:22 GMT Location: http://www.livingroomcandidate.org/javascript/swfobject.js?f74b19 Server: Apache/2.2.3 (Red Hat) Content-Length: 373 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.livingroomcandidate.org/javascript/swfobject.js?f74b19 | 200 OK Content-Length: 9769 Content-Type: application/x-javascript | clean |
http://livingroomcandidate.movingimage.us/javascript/global.js?f74b19 | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 30 Jul 2014 21:41:23 GMT Location: http://www.livingroomcandidate.org/javascript/global.js?f74b19 Server: Apache/2.2.3 (Red Hat) Content-Length: 370 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.livingroomcandidate.org/javascript/global.js?f74b19 | 200 OK Content-Length: 24738 Content-Type: application/x-javascript | clean |
http://livingroomcandidate.movingimage.us/register | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 30 Jul 2014 21:41:25 GMT Location: http://www.livingroomcandidate.org/register Server: Apache/2.2.3 (Red Hat) Content-Length: 351 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.livingroomcandidate.org/register | 200 OK Content-Length: 18696 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.movingimage.us ...[1429 bytes skipped]... ="header"> <div id="header-top"> <div id="mmi-logo"> <script type="text/javascript"> swfobject.embedSWF( '/flash/logos/logo1.swf', 'mmi-logo', '360', '18', '9.0.0', '/flash/expressInstall.swf', {}, {wmode: 'transparent'}, {} ); </script> <a href="http://www.movingimage.us/"><img src="/images/global/mmi-logo-static.gif" width="360" height="18" alt="Museum of the Moving Image" /></a> </div> </div> <h1 id="header-left"> <a href="/" title="The Living Room Candidate Homepage"><img src="/images/global/logo.gif" width="595" height="53" alt="The Living Room Candidate" /></a> <on value="Canada">Array</option> ...[2625 bytes skipped]... | ||
http://www.livingroomcandidate.org/javascript/jquery.js?e89efd | 200 OK Content-Length: 32979 Content-Type: application/x-javascript | clean |
http://livingroomcandidate.movingimage.us/javascript/swfobject.js?e89efd | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 30 Jul 2014 21:41:26 GMT Location: http://www.livingroomcandidate.org/javascript/swfobject.js?e89efd Server: Apache/2.2.3 (Red Hat) Content-Length: 373 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.livingroomcandidate.org/javascript/swfobject.js?e89efd | 200 OK Content-Length: 9769 Content-Type: application/x-javascript | clean |
http://livingroomcandidate.movingimage.us/javascript/global.js?e89efd | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 30 Jul 2014 21:41:27 GMT Location: http://www.livingroomcandidate.org/javascript/global.js?e89efd Server: Apache/2.2.3 (Red Hat) Content-Length: 370 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.livingroomcandidate.org/javascript/global.js?e89efd | 200 OK Content-Length: 24738 Content-Type: application/x-javascript | clean |
http://livingroomcandidate.movingimage.us/signin | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 30 Jul 2014 21:41:29 GMT Location: http://www.livingroomcandidate.org/signin Server: Apache/2.2.3 (Red Hat) Content-Length: 349 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.livingroomcandidate.org/signin | 200 OK Content-Length: 5552 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.movingimage.us ...[1428 bytes skipped]... ="header"> <div id="header-top"> <div id="mmi-logo"> <script type="text/javascript"> swfobject.embedSWF( '/flash/logos/logo3.swf', 'mmi-logo', '360', '18', '9.0.0', '/flash/expressInstall.swf', {}, {wmode: 'transparent'}, {} ); </script> <a href="http://www.movingimage.us/"><img src="/images/global/mmi-logo-static.gif" width="360" height="18" alt="Museum of the Moving Image" /></a> </div> </div> <h1 id="header-left"> <a href="/" title="The Living Room Candidate Homepage"><img src="/images/global/logo.gif" width="595" height="53" alt="The Living Room Candidate" /></a> </ine Resources" /></a></li&g ...[2570 bytes skipped]... | ||
http://www.livingroomcandidate.org/javascript/jquery.js?eaf96e | 200 OK Content-Length: 32979 Content-Type: application/x-javascript | clean |
http://livingroomcandidate.movingimage.us/javascript/swfobject.js?eaf96e | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 30 Jul 2014 21:41:30 GMT Location: http://www.livingroomcandidate.org/javascript/swfobject.js?eaf96e Server: Apache/2.2.3 (Red Hat) Content-Length: 373 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.livingroomcandidate.org/javascript/swfobject.js?eaf96e | 200 OK Content-Length: 9769 Content-Type: application/x-javascript | clean |
http://livingroomcandidate.movingimage.us/javascript/global.js?eaf96e | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 30 Jul 2014 21:41:31 GMT Location: http://www.livingroomcandidate.org/javascript/global.js?eaf96e Server: Apache/2.2.3 (Red Hat) Content-Length: 370 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.livingroomcandidate.org/javascript/global.js?eaf96e | 200 OK Content-Length: 24738 Content-Type: application/x-javascript | clean |
http://livingroomcandidate.movingimage.us/commercials/1952 | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 30 Jul 2014 21:41:31 GMT Location: http://www.livingroomcandidate.org/commercials/1952 Server: Apache/2.2.3 (Red Hat) Content-Length: 359 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.livingroomcandidate.org/commercials/1952 | 200 OK Content-Length: 23426 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.movingimage.us ...[1459 bytes skipped]... ="header"> <div id="header-top"> <div id="mmi-logo"> <script type="text/javascript"> swfobject.embedSWF( '/flash/logos/logo2.swf', 'mmi-logo', '360', '18', '9.0.0', '/flash/expressInstall.swf', {}, {wmode: 'transparent'}, {} ); </script> <a href="http://www.movingimage.us/"><img src="/images/global/mmi-logo-static.gif" width="360" height="18" alt="Museum of the Moving Image" /></a> </div> </div> <h1 id="header-left"> <a href="/" title="The Living Room Candidate Homepage"><img src="/images/global/logo.gif" width="595" height="53" alt="The Living952/never-had-it-so-good#3955" title="Never Had It So Good"><img src="/images/co ...[2303 bytes skipped]... | ||
http://www.livingroomcandidate.org/javascript/jquery.js?6e2fbb | 200 OK Content-Length: 32979 Content-Type: application/x-javascript | clean |
http://livingroomcandidate.movingimage.us/javascript/swfobject.js?6e2fbb | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 30 Jul 2014 21:41:33 GMT Location: http://www.livingroomcandidate.org/javascript/swfobject.js?6e2fbb Server: Apache/2.2.3 (Red Hat) Content-Length: 373 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.livingroomcandidate.org/javascript/swfobject.js?6e2fbb | 200 OK Content-Length: 9769 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: livingroomcandidate.movingimage.us
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Wed, 30 Jul 2014 21:41:20 GMT
Location: http://www.livingroomcandidate.org/
Server: Apache/2.2.3 (Red Hat)
Content-Length: 343
Content-Type: text/html; charset=iso-8859-1
...343 bytes of data.
GET / HTTP/1.1
Host: livingroomcandidate.movingimage.us
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Wed, 30 Jul 2014 21:41:20 GMT
Location: http://www.livingroomcandidate.org/
Server: Apache/2.2.3 (Red Hat)
Content-Length: 343
Content-Type: text/html; charset=iso-8859-1
...343 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: livingroomcandidate.movingimage.us
Referer: http://www.google.com/search?q=livingroomcandidate.movingimage.us
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: livingroomcandidate.movingimage.us
Referer: http://www.google.com/search?q=livingroomcandidate.movingimage.us
Result:
The result is similar to the first query. There are no suspicious redirects found.