Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=rlxl.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://rlxl.com/ | HTTP/1.1 200 OK Date: Thu, 21 Aug 2014 00:54:04 GMT Accept-Ranges: bytes ETag: "64e376f6e57cf1:61fa" Server: Microsoft-IIS/6.0 Content-Length: 28269 Content-Location: http://rlxl.com/index.html Content-Type: text/html Last-Modified: Sun, 13 Apr 2014 23:14:03 GMT X-Powered-By: ASP.NET | clean |
http://rlxl.com/index.html | 200 OK Content-Length: 28269 Content-Type: text/html | clean |
http://js.gaoduan.cc/page/?s=11 | 200 OK Content-Length: 12 Content-Type: text/html | clean |
http://js.gaoduan.cc/test404page.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 21 Aug 2014 01:02:29 GMT Location: http://www.gaoduan.cc/test404page.js Server: nginx/1.0.15 Content-Length: 185 Content-Type: text/html | clean |
http://www.gaoduan.cc/test404page.js | 404 Not Found Content-Length: 2877 Content-Type: text/html | clean |
http://www.gaoduan.cc/ | 200 OK Content-Length: 40515 Content-Type: text/html | clean |
http://www.gaoduan.cc/templates/index/js/jquery-1.4.2.min.js | 200 OK Content-Length: 72174 Content-Type: application/x-javascript | clean |
http://www.gaoduan.cc/templates/index/js/mobanwang.js | 200 OK Content-Length: 4671 Content-Type: application/x-javascript | clean |
http://www.gaoduan.cc/templates/index/js/indexban.js | 200 OK Content-Length: 4035 Content-Type: application/x-javascript | clean |
http://www.gaoduan.cc/templates/index/js/passport.js | 200 OK Content-Length: 1641 Content-Type: application/x-javascript | clean |
http://www.gaoduan.cc/javascript/function.js | 200 OK Content-Length: 9591 Content-Type: application/x-javascript | clean |
http://www.gaoduan.cc/templates/index/js/base.js | 200 OK Content-Length: 10019 Content-Type: application/x-javascript | clean |
http://www.gaoduan.cc/templates/index/js/jquery-1.7.2.min.js | 200 OK Content-Length: 94843 Content-Type: application/x-javascript | clean |
http://www.gaoduan.cc/templates/index/js/jquery.flexslider-min.js | 200 OK Content-Length: 21414 Content-Type: application/x-javascript | clean |
http://www.gaoduan.cc/templates/index/js/scrolltopcontrol.js | 200 OK Content-Length: 2717 Content-Type: application/x-javascript | clean |
http://www.gaoduan.cc/templates/index/js/qq.js | 200 OK Content-Length: 8917 Content-Type: application/x-javascript | clean |
http://mysql1.bb800.com:7777/qq//jsgetJS?uid=31 | 200 OK Content-Length: 11088 | suspicious |
Hidden iFrame found. size: 0x0 src: http://ui.ptlogin2.qq.com/cgi-bin/login?hide_title_bar=1&low_login=0&qlogin_auto_login=1&no_verifyimg=1&link_target=blank&appid=100270393&style=12&target=self&s_url=http%3a//qzs.qq.com/qzone/v5/loginsucc.html?para=izone&pt_qr_app=%ca%d6%bb%faqq%bf%d5%bc%e4&pt_qr_link=http%3a//z.qzone.com/download.html&self_regurl=http%3a//qzs.qq.com/qzone/v6/reg/index.html&pt_qr_help_link=http%3a//z.qzone.com/download.html <iframe id='login_frame' height='0' scrolling='auto' width='0' frameborder='0' src='http://ui.ptlogin2.qq.com/cgi-bin/login?hide_title_bar=1&low_login=0&qlogin_auto_login=1&no_verifyimg=1&link_target=blank&appid=100270393&style=12&target=self&s_url=http%3a//qzs.qq.com/qzone/v5/loginsucc.html?para=izone&pt_qr_app=%ca%d6%bb%faqq%bf%d5%bc%e4&pt_qr_link=http%3a//z.qzone.com/download.html&self_regurl=http%3a//qzs.qq.com/qzone/v6/reg/index.html&pt_qr_help_link=http%3a//z.qzone.com/download.html'> |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: rlxl.com
Result:
HTTP/1.1 200 OK
Date: Thu, 21 Aug 2014 00:54:04 GMT
Accept-Ranges: bytes
ETag: "64e376f6e57cf1:61fa"
Server: Microsoft-IIS/6.0
Content-Length: 28269
Content-Location: http://rlxl.com/index.html
Content-Type: text/html
Last-Modified: Sun, 13 Apr 2014 23:14:03 GMT
X-Powered-By: ASP.NET
...28269 bytes of data.
GET / HTTP/1.1
Host: rlxl.com
Result:
HTTP/1.1 200 OK
Date: Thu, 21 Aug 2014 00:54:04 GMT
Accept-Ranges: bytes
ETag: "64e376f6e57cf1:61fa"
Server: Microsoft-IIS/6.0
Content-Length: 28269
Content-Location: http://rlxl.com/index.html
Content-Type: text/html
Last-Modified: Sun, 13 Apr 2014 23:14:03 GMT
X-Powered-By: ASP.NET
...28269 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: rlxl.com
Referer: http://www.google.com/search?q=rlxl.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: rlxl.com
Referer: http://www.google.com/search?q=rlxl.com
Result:
The result is similar to the first query. There are no suspicious redirects found.