Scanned pages/files
Request | Server response | Status |
http://www.instantcheckmate.com/ | 200 OK Content-Length: 28692 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var axel = Math.random() + ""; var a = axel * 10000000000000; document.write('<iframe src="https://4402308.fls.doubleclick.net/activityi;src=4402308;type=invmedia;cat=hqFdj0BQ;ord=' + a + '?" width="1" height="1" frameborder="0" style="display:none"></iframe>'); Antivirus reports:
Hidden iFrame found. size: 0x0 style: hidden src: http://20571671p.rfihub.com/ca.html?rb=10525&ca=20571671&ra= <iframe src='http://20571671p.rfihub.com/ca.html?rb=10525&ca=20571671&ra=' style='display:none;padding:0;margin:0' width='0' height='0'> | ||
http://www.instantcheckmate.com/assets/app/person/home/modern-restart/jh-06/jh-06.js | 200 OK Content-Length: 135302 Content-Type: application/x-javascript | clean |
http://www.instantcheckmate.com//www.googleadservices.com/pagead/conversion.js/ | 404 Not Found Content-Length: 29849 Content-Type: text/html | clean |
https://ajax.googleapis.com/ajax/libs/jquery/1.8/jquery.min.js | 200 OK Content-Length: 93637 Content-Type: text/javascript | clean |
http://www.instantcheckmate.com/assets/themes/default/js/theme.js | 200 OK Content-Length: 68902 Content-Type: application/x-javascript | clean |
http://www.instantcheckmate.com/test404page.js | 404 Not Found Content-Length: 29850 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: instantcheckmate.com
Result:
GET / HTTP/1.1
Host: instantcheckmate.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: instantcheckmate.com
Referer: http://www.google.com/search?q=instantcheckmate.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: instantcheckmate.com
Referer: http://www.google.com/search?q=instantcheckmate.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=instantcheckmate.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://instantcheckmate.com/
Result: instantcheckmate.com is not infected or malware details are not published yet.
Result: instantcheckmate.com is not infected or malware details are not published yet.