Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=kxdyw.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://kxdyw.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://kxdyw.com/ | 200 OK Content-Length: 12984 Content-Type: text/html | clean |
http://kxdyw.com/static/js/jquery.1.6.4.min.js | 200 OK Content-Length: 91669 Content-Type: application/x-javascript | clean |
http://kxdyw.com/static/js/jquery.lazyload.min.js | 200 OK Content-Length: 2052 Content-Type: application/x-javascript | clean |
http://kxdyw.com/static/js/pp18610_v2.min.js | 200 OK Content-Length: 30702 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function(f){f.Buffers=function(){this._s=new Array;this.type=false;if(arguments[0]=="queue"){this.type=true}};f.Buffers.prototype={push:function(j){if(arguments.length==0){return false}for(var h=0;h<arguments.length;h++){this._s.push(arguments[h])}return this._s.length},append:function(h){this.push(h)},pop:function(){if(this._s.length==0){return null}else{if(this.type){return this._s.pop()}else{return this._s.shift()}}},getTop:function(){if(this._s.length==0){return null}else{if(this.type){r Antivirus reports:
| ||
http://kxdyw.com/static/js/tuanpub2.3.min.js | 200 OK Content-Length: 9713 Content-Type: application/x-javascript | clean |
http://kxdyw.com/static/js/jquery_ujs.min.js | 200 OK Content-Length: 6562 Content-Type: application/x-javascript | clean |
http://kxdyw.com/static/js/taopi18610_v7.min.js | 200 OK Content-Length: 8717 Content-Type: application/x-javascript | clean |
http://kxdyw.com/static/js/jupub2.0.min.js | 200 OK Content-Length: 7731 Content-Type: application/x-javascript | clean |
http://kxdyw.com/static/js/uedfocusimg.min.js | 200 OK Content-Length: 11807 Content-Type: application/x-javascript | clean |
http://kxdyw.com/static/js/uedflash.min.js | 200 OK Content-Length: 3438 Content-Type: application/x-javascript | clean |
http://kxdyw.com/static/js/logopatch.min.js | 200 OK Content-Length: 293 Content-Type: application/x-javascript | clean |
http://kxdyw.com/static/js/index1.5.min.js | 200 OK Content-Length: 13562 Content-Type: application/x-javascript | clean |
http://kxdyw.com/data/static/361c81b8c145b7b1dca08b1bb6800ef6.js?2013042875 | 200 OK Content-Length: 116517 Content-Type: application/x-javascript | clean |
http://kxdyw.com/index.php?m=user&a=login | 200 OK Content-Length: 12767 Content-Type: text/html | clean |
http://kxdyw.com/static/js/jquery/jquery.js | 200 OK Content-Length: 91556 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: kxdyw.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Connection: close
Date: Sun, 20 Apr 2014 22:43:12 GMT
Pragma: no-cache
Server: Microsoft-IIS/6.0
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=n6up887baiissrk72ugoukor62; path=/
X-Powered-By: Ftxia 4.0
GET / HTTP/1.1
Host: kxdyw.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Connection: close
Date: Sun, 20 Apr 2014 22:43:12 GMT
Pragma: no-cache
Server: Microsoft-IIS/6.0
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=n6up887baiissrk72ugoukor62; path=/
X-Powered-By: Ftxia 4.0
Second query (visit from search engine):
GET / HTTP/1.1
Host: kxdyw.com
Referer: http://www.google.com/search?q=kxdyw.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: kxdyw.com
Referer: http://www.google.com/search?q=kxdyw.com
Result:
The result is similar to the first query. There are no suspicious redirects found.