Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=za.2.cqcounter.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://za.2.cqcounter.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://za.2.cqcounter.com/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Mon, 25 Aug 2014 20:52:23 GMT Location: http://cqcounter.com/ Server: Apache Content-Type: text/html; charset=ISO-8859-1 | clean |
http://cqcounter.com/ | 200 OK Content-Length: 10167 Content-Type: text/html | clean |
http://cqcounter.com/?reg | 200 OK Content-Length: 19357 Content-Type: text/html | clean |
http://cqcounter.com/?settings | 200 OK Content-Length: 10272 Content-Type: text/html | clean |
http://cqcounter.com/?faq | 200 OK Content-Length: 18586 Content-Type: text/html | clean |
http://cqcounter.com/siteinfo/ | 200 OK Content-Length: 9949 Content-Type: text/html | clean |
http://partner.googleadservices.com/gampad/google_service.js | 200 OK Content-Length: 3868 Content-Type: text/javascript | clean |
http://cqcounter.com/whois/ | 200 OK Content-Length: 10920 Content-Type: text/html | clean |
http://cqcounter.com/traceroute/ | 200 OK Content-Length: 9107 Content-Type: text/html | clean |
http://n1.dlcache.com/whois/script.js | 200 OK Content-Length: 1051 Content-Type: application/x-javascript | suspicious |
Page code contains blacklisted domain: www.cqcounter.com ...[577 bytes skipped]... ,2,0,0,0,1,1,2); var agn = Array("left","center","right"); var tbl = document.getElementById(id); var row = tbl.tBodies[0].insertRow(tbl.tBodies[0].rows.length); for (i=0;i<10;i++) { cell = row.insertCell(i); if ((i==6) && (data[10]!="")) { node = image("http://n1.dlcache.com/flags/"+data[10]+".gif"); cell.appendChild(node); } (i==4) ? node = anchor('http://www.cqcounter.com/whois/?query='+data[i],'_blank',data[i]): node = text(data[i]); cell.appendChild(node); cell.className = 'vtrc'; cell.setAttribute('align',agn[ali[i]]); } } | ||
http://pagead2.googlesyndication.com/pagead/show_ads.js | 200 OK Content-Length: 21183 Content-Type: text/javascript | clean |
http://cqcounter.com/link/ | 200 OK Content-Length: 8411 Content-Type: text/html | clean |
http://63.231.252.75:8080/code.js | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://63.231.252.75:8080/test404page.js | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://cqcounter.com/rbl_check/ | 200 OK Content-Length: 9387 Content-Type: text/html | clean |
http://cqcounter.com/whois/what_is_my_ip.php | 200 OK Content-Length: 14463 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: za.2.cqcounter.com
Result:
HTTP/1.1 302 Moved Temporarily
Connection: close
Date: Mon, 25 Aug 2014 20:52:23 GMT
Location: http://cqcounter.com/
Server: Apache
Content-Type: text/html; charset=ISO-8859-1
Second query (visit from search engine):
GET / HTTP/1.1
Host: za.2.cqcounter.com
Referer: http://www.google.com/search?q=za.2.cqcounter.com
Result:
The result is similar to the first query. There are no suspicious redirects found.