Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=rxcqsifu.com
Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.rxcqsifu.com/ | 200 OK Content-Length: 240 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: d687ef1ed80f97de.0075.cdn.78302.com <meta http-equiv="Content-Type" content="text/html; charset=gb2312" />
<script language="javascript" type="text/javascript" src="http://d687ef1ed80f97de.0075.cdn.78302.com/nipaiyi/cdn/js/20150220173701001.js?d=www.rxcqsifu.com"></script> | ||
http://d687ef1ed80f97de.0075.cdn.78302.com/nipaiyi/cdn/js/20150220173701001.js?d=www.rxcqsifu.com | 200 OK Content-Length: 40466 Content-Type: application/x-javascript | malicious |
Malicious code found. Script contains blacklisted domain: www.rxcqsifu.com | ||
http://www.rxcqsifu.com/test404page.js | 404 Not Found Content-Length: 5219 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: rxcqsifu.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: rxcqsifu.com
Referer: http://www.google.com/search?q=rxcqsifu.com
Result:
The result is similar to the first query. There are no suspicious redirects found.