Scanned pages/files
Request | Server response | Status |
http://www.a.com.cn/ | 200 OK Content-Length: 52376 Content-Type: text/html | clean |
http://js.adm.cnzz.net/js/abase.js | 200 OK Content-Length: 21394 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below):
function FixedRealShow(){return document.body?(this.init.apply(this,arguments),void 0):!1}(function(window){function FnRegister(e,t){return w[e]||(w[e]=t)}function parseParams(e){var t=map[e];return t?{id:e||e,af:t.af||!1,did:t.aid||0,slotType:t.stype,isbefore:t.pop||0,htmlcode:t._html||0,width:t._w||0,height:t._h||0,stime:1e3*t.time||5e3,ptime:1e3*t.parktime||0,loadtime:1e3*t.loadtime||0,closePosition:t.cb||0,scroll:t.sc||0,position:t.pos||0,mleft:t._m_left||0,mtop:t._m_top||0,ip:t.ip||"",isifr
Antivirus reports:
http://www.a.com.cn/statics/js/jquery.js | 200 OK Content-Length: 72174 Content-Type: application/javascript | clean |
http://www.a.com.cn/app/index/reuserstatus | 200 OK Content-Length: 230 Content-Type: text/html | clean |
http://www.a.com.cn/login | 200 OK Content-Length: 13534 Content-Type: text/html | clean |
http://www.a.com.cn/statics/js/Validform_v5.3.2_min.js | 200 OK Content-Length: 20532 Content-Type: application/javascript | clean |
http://v1.cnzz.com/z_stat.php?id=1000413997&web_id=1000413997 | 200 OK Content-Length: 9325 Content-Type: application/javascript | clean |
http://www.a.com.cn/info/sxk/pns/ | 200 OK Content-Length: 26581 Content-Type: text/html | clean |
http://www.a.com.cn/info | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 13 Sep 2014 18:00:23 GMT Location: http://www.a.com.cn/info/ Server: Apache Vary: Accept-Encoding Content-Length: 233 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.a.com.cn/info/ | 200 OK Content-Length: 29760 Content-Type: text/html | clean |
http://www.a.com.cn/statics/js/jquery-1.7.2.min.js | 404 Not Found Content-Length: 6996 Content-Type: text/html | clean |
http://js.bjlcp.com/s1.js | 200 OK Content-Length: 580 Content-Type: application/x-javascript | clean |
http://www.a.com.cn/app/index/userstatus | 200 OK Content-Length: 168 Content-Type: text/html | clean |
http://www.a.com.cn/register | 200 OK Content-Length: 16056 Content-Type: text/html | clean |
http://www.a.com.cn/info/xmtjs | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 13 Sep 2014 18:00:27 GMT Location: http://www.a.com.cn/info/xmtjs/ Server: Apache Vary: Accept-Encoding Content-Length: 239 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.a.com.cn/info/xmtjs/ | 200 OK Content-Length: 26145 Content-Type: text/html | clean |
http://www.a.com.cn/info/sxk | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 13 Sep 2014 18:00:28 GMT Location: http://www.a.com.cn/info/sxk/ Server: Apache Vary: Accept-Encoding Content-Length: 237 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.a.com.cn/info/sxk/ | 200 OK Content-Length: 26574 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: a.com.cn
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: a.com.cn
Referer: http://www.google.com/search?q=a.com.cn
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=a.com.cn
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://a.com.cn/
Result: a.com.cn is not infected or malware details are not published yet.