Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=8oxs.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://www.8oxs.com/ | HTTP/1.1 200 OK Date: Fri, 01 Aug 2014 17:24:20 GMT Accept-Ranges: bytes ETag: "883512ccccaccf1:d62" Server: Microsoft-IIS/6.0 Content-Length: 3838 Content-Location: http://www.8oxs.com/index.html Content-Type: text/html Last-Modified: Thu, 31 Jul 2014 14:36:21 GMT X-Powered-By: ASP.NET | clean |
http://www.8oxs.com/index.html | 200 OK Content-Length: 3838 Content-Type: text/html | clean |
http://www.8oxs.com/js/config.js | 200 OK Content-Length: 6761 Content-Type: application/x-javascript | suspicious |
Page code contains blacklisted domain: cnrdn.com ...[174 bytes skipped]... n = document.domain; var tmpdomain = ""; for(var i=0;i<arydomain.length; i++){ tmpdomain = arydomain[i]; if(domain.indexOf(tmpdomain) != -1){ domain = domain.replace(tmpdomain,""); domain = domain.substring(domain.lastIndexOf(".")+1,domain.length); domain = domain + tmpdomain; break; } } /* ÆäËü */ var cam_url = "js/vip.html"; //ÊÓƵCPSµØÖ· var down_url = "http://cnrdn.com/VqCE"; //QvodÏÂÔصØÖ· var qvodUrl = "/js/down.html"; //QvodÏÂÔصØÖ· /* Ư¸¡ */ var lc_set = true; //×ó¶ÔÁª¹ã¸æ¿ª¹Ø(true¿ª false¹Ø) var rc_set = true; //ÓÒ¶ÔÁª¹ã¸æ¿ª¹Ø(true¿ª false¹Ø) var lf_set = false; //×óϽǹã¸æ¿ª¹Ø(true¿ª false¹Ø) var rf_set = false; //ÓÒϽǹã¸æ¿ª¹Ø(true¿ª false¹Ø) var lc_url = "http://www.yth2222.com/?aff=192902"; //×ó¶ÔÁªÍøÖ· var lc_img = "http://p.qlogo.cn/qqmail_head/ajNVdqHZLLDBk0n81L7pQKR5iakZFEJovyIlB9vN5MBe ...[3366 bytes skipped]... | ||
http://www.8oxs.com/ck.js | 200 OK Content-Length: 1005 Content-Type: application/x-javascript | clean |
http://www.8oxs.com/js/layout.js | 200 OK Content-Length: 12181 Content-Type: application/x-javascript | clean |
http://www.8oxs.com/js/tj.js | 200 OK Content-Length: 77 Content-Type: application/x-javascript | clean |
http://www.8oxs.com/view/15477.html | 200 OK Content-Length: 3500 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.xiaosegou.net ...[1525 bytes skipped]... lt;ul class="movieInfoList"> <li class="title">³¯ÈÕÄÎakari á÷ÁÔ</li> <li><em>ÀàÐÍ£º</em><a href="/list/4.html"><strong>Ò°Íⶳö</strong></a></li> <li><em>¸üУº</em>2014-7-31 22:19:49</li> <li><em>×î½üµØÖ·»ñÈ¡£º</em> xsegou@gmail.com</li> <li><em>×î½üµØÖ·»ñÈ¡£º</em> www.xiaosegou.net</li> <li><em>ÍƼö£º</em><a href="javascript:camLink();"><font color="red">ÓëÃÀŮͬ³Ç½»ÓÑ~ÂíÉÏÌåÑé</font></a></li> <li><em>ÍƼö£º</em><a href="javascript:camLink();"><font color="red">ÓëÃÀÅ®¼¤ÇéÂãÁÄ~ÂíÉÏÌåÑé</font></a></li> <div class="bdsharebuttonbox"><a href="#" class="bds_more" data-cmd="more">·ÖÏíµ½£º</a><a href="#" class="bds_copy" ...[2108 bytes skipped]... | ||
http://www.8oxs.com/js/gg.js | 200 OK Content-Length: 294 Content-Type: application/x-javascript | malicious |
Malicious code found. Script contains blacklisted domain: www.xiaosegou.net document.writeln("<div align=\"center\"><strong>Çë½÷¼Ç±¸ÓÃÓòÃû£º<font color=\"#FF0000\" size=\"+2\">www.xiaosegou.net<\/font> ÇëÎñ±Ø¼ÇסÎÒÃǵÄÍøÖ·£¡ÅÂÄúÕÒ²»µ½ÕâôºÃµÄÕ¾£¡<\/strong><strong><font color=\"red\">»ñÈ¡×îеØÖ·£ºxsegou@gmail.com<\/font><\/strong><\/a>");
document.writeln("<\/div>"); Decoded script: <div align="center"><strong>Çë½÷¼Ç±¸ÓÃÓòÃû£º<font color="#FF0000" size="+2">www.xiaosegou.net</font> ÇëÎñ±Ø¼ÇסÎÒÃǵÄÍøÖ·£¡ÅÂÄúÕÒ²»µ½ÕâôºÃµÄÕ¾£¡</strong><strong><font color="red">»ñÈ¡×îеØÖ·£ºxsegou@gmail.com</font></strong></a> </div> | ||
http://www.8oxs.com/js/count.js | 200 OK Content-Length: 77 Content-Type: application/x-javascript | clean |
http://www.8oxs.com/list/4.html | 200 OK Content-Length: 8843 Content-Type: text/html | clean |
http://www.8oxs.com/view/15196.html | 200 OK Content-Length: 3689 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.xiaosegou.net ...[1641 bytes skipped]... vieInfoList"> <li class="title">ϲ»¶Ò°Íâ±ä̬¶³öµÄĸÇ× ÝÑÔÖ±ÃÀ</li> <li><em>ÀàÐÍ£º</em><a href="/list/4.html"><strong>Ò°Íⶳö</strong></a></li> <li><em>¸üУº</em>2014-6-14 14:21:24</li> <li><em>×î½üµØÖ·»ñÈ¡£º</em> xsegou@gmail.com</li> <li><em>×î½üµØÖ·»ñÈ¡£º</em> www.xiaosegou.net</li> <li><em>ÍƼö£º</em><a href="javascript:camLink();"><font color="red">ÓëÃÀŮͬ³Ç½»ÓÑ~ÂíÉÏÌåÑé</font></a></li> <li><em>ÍƼö£º</em><a href="javascript:camLink();"><font color="red">ÓëÃÀÅ®¼¤ÇéÂãÁÄ~ÂíÉÏÌåÑé</font></a></li> <div class="bdsharebuttonbox"><a href="#" class="bds_more" data-cmd="more">·ÖÏíµ½£º</a><a href="#" class="bds_copy" ...[2187 bytes skipped]... | ||
http://www.8oxs.com/view/ | 403 Forbidden Content-Length: 218 Content-Type: text/html | clean |
http://www.8oxs.com/test404page.js | HTTP/1.1 404 Not Found Date: Fri, 01 Aug 2014 17:24:27 GMT Server: Microsoft-IIS/6.0 Content-Length: 1071 Content-Type: text/html X-Powered-By: ASP.NET | clean |
http://www.8oxs.com/js/down.html | HTTP/1.1 200 OK Date: Fri, 01 Aug 2014 17:24:28 GMT Accept-Ranges: bytes ETag: "c0dd456b7a92cf1:d62" Server: Microsoft-IIS/6.0 Content-Length: 269 Content-Type: text/html Last-Modified: Sat, 28 Jun 2014 02:41:10 GMT X-Powered-By: ASP.NET | clean |
http://pan.baidu.com/s/1c0pdifi | HTTP/1.1 302 Found Cache-Control: no-cache Connection: close Date: Fri, 01 Aug 2014 17:24:28 GMT Pragma: no-cache Location: http://pan.baidu.com/error/404.html Server: lighttpd Content-Length: 5 Content-Type: text/html P3P: CP=" OTI DSP COR IVA OUR IND COM " Set-Cookie: BAIDUID=A9C3F964CDF76E4A03738132EEBD7333:FG=1; max-age=31536000; expires=Sat, 01-Aug-15 17:24:28 GMT; domain=.baidu.com; path=/; version=1 Set-Cookie: PANWEB=1; expires=Sat, 01-Aug-2015 17:24:28 GMT; path=/; domain=pan.baidu.com X-Powered-By: PHP/5.4.24 Yld: 5113349399773690723 Yme: ZIGW+S0rXEgUdTQESXf+qnFKtOUbSBz2rQpHwyiE | clean |
http://pan.baidu.com/error/404.html | 200 OK Content-Length: 6680 Content-Type: text/html | clean |
http://pan.baidu.com/ppres/static/js/buss/error_all.js | 200 OK Content-Length: 103264 Content-Type: application/x-javascript | clean |
http://www.8oxs.com/ppres/static/thirdparty/header/module_header.js?t=201303212934 | HTTP/1.1 404 Not Found Date: Fri, 01 Aug 2014 17:24:32 GMT Server: Microsoft-IIS/6.0 Content-Length: 1071 Content-Type: text/html X-Powered-By: ASP.NET | clean |
http://www.8oxs.com/player/15196.html?15196-0-0 | 200 OK Content-Length: 3118 Content-Type: text/html | clean |
http://www.8oxs.com/play/play.js | 200 OK Content-Length: 802 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: 8oxs.com
Result:
GET / HTTP/1.1
Host: 8oxs.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: 8oxs.com
Referer: http://www.google.com/search?q=8oxs.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: 8oxs.com
Referer: http://www.google.com/search?q=8oxs.com
Result:
The result is similar to the first query. There are no suspicious redirects found.