Scanned pages/files
Request | Server response | Status |
http://www.rawan-soft.com/ | 200 OK Content-Length: 159929 Content-Type: text/html | clean |
https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js | 200 OK Content-Length: 93868 Content-Type: text/javascript | clean |
http://w.sharethis.com/button/buttons.js | 200 OK Content-Length: 146744 Content-Type: application/x-javascript | clean |
http://abuiyad.googlecode.com/svn/read-more-right.js | 200 OK Content-Length: 1161 Content-Type: text/plain | clean |
http://abuiyad.googlecode.com/test404page.js | 404 Not Found Content-Length: 1439 Content-Type: text/html | clean |
http://abuiyad.googlecode.com//www.google.com/ | 404 Not Found Content-Length: 1425 Content-Type: text/html | clean |
http://yourjavascript.com/02243316258/related.js | 200 OK Content-Length: 95 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
var fan_page_url='https://www.facebook.com/thepro.informatique'
var opacity=0.0;var time=50000;
Antivirus reports:
https://d31qbv1cthcecs.cloudfront.net/atrk.js | 200 OK Content-Length: 3580 Content-Type: text/javascript | clean |
http://tqarob.googlecode.com/files/tqarob_bloggerpagenavi.js | 200 OK Content-Length: 3628 Content-Type: text/plain | clean |
http://dl.dropbox.com/u/12924430/contentslider.js | HTTP/1.1 302 FOUND Cache-Control: no-cache Connection: close Date: Thu, 23 Oct 2014 08:55:22 GMT Pragma: no-cache Location: http://dl.dropboxusercontent.com/u/12924430/contentslider.js Server: nginx Content-Type: text/html; charset=utf-8 X-Robots-Tag: noindex, nofollow, noimageindex | clean |
http://dl.dropboxusercontent.com/u/12924430/contentslider.js | HTTP/1.1 302 FOUND Cache-Control: no-cache Connection: Close Date: Thu, 23 Oct 2014 08:55:22 GMT Pragma: no-cache Location: https://dl.dropboxusercontent.com/u/12924430/contentslider.js Server: nginx Content-Length: 146 Content-Type: text/html; charset=utf-8 Set-Cookie: flash=; Domain=dropbox.com; expires=Thu, 23 Oct 2014 08:55:22 GMT; Path=/; httponly Set-Cookie: bang=; Domain=dropbox.com; expires=Thu, 23 Oct 2014 08:55:22 GMT; Path=/; httponly Set-Cookie: uc_session=CcCHlKLdL6qQToRF8wgcOUSXGeDaU6UPgzMTJpR5fVgDzmjzOTf7s5vPWFpzvLDd; Domain=dropboxusercontent.com; Path=/; secure; httponly X-Robots-Tag: noindex, nofollow, noimageindex | clean |
https://dl.dropboxusercontent.com/u/12924430/contentslider.js | 509 Bandwidth Error Content-Length: 469 Content-Type: text/html | clean |
https://www.blogger.com/static/v1/widgets/2499618864-widgets.js | 200 OK Content-Length: 90767 Content-Type: text/javascript | clean |
https://apis.google.com/js/plusone.js | 200 OK Content-Length: 12600 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: rawan-soft.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: rawan-soft.com
Referer: http://www.google.com/search?q=rawan-soft.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=rawan-soft.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://rawan-soft.com/
Result: rawan-soft.com is not infected or malware details are not published yet.