Scanned pages/files
| Request | Server response | Status |
http://artis-1199027.jjwxc.net/ | 200 OK Content-Length: 54485 Content-Type: text/html | clean |
http://js.adm.cnzz.net/js/abase.js | 200 OK Content-Length: 21394 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function FixedRealShow(){return document.body?(this.init.apply(this,arguments),void 0):!1}(function(window){function FnRegister(e,t){return w[e]||(w[e]=t)}function parseParams(e){var t=map[e];return t?{id:e||e,af:t.af||!1,did:t.aid||0,slotType:t.stype,isbefore:t.pop||0,htmlcode:t._html||0,width:t._w||0,height:t._h||0,stime:1e3*t.time||5e3,ptime:1e3*t.parktime||0,loadtime:1e3*t.loadtime||0,closePosition:t.cb||0,scroll:t.sc||0,position:t.pos||0,mleft:t._m_left||0,mtop:t._m_top||0,ip:t.ip||"",isifr Antivirus reports:
| ||
http://static.jjwxc.net/scripts/jquery-1.8.0.min.js | 200 OK Content-Length: 38395 Content-Type: application/x-javascript | clean |
http://static.jjwxc.net/scripts/jquery.blockUI.pack.js | 200 OK Content-Length: 5485 Content-Type: application/x-javascript | clean |
http://static.jjwxc.net/scripts/jjlogin.js?ver=20140328 | 200 OK Content-Length: 11969 Content-Type: application/x-javascript | clean |
http://static.jjwxc.net/scripts/main.120724.js?ver=20130911 | 200 OK Content-Length: 15143 Content-Type: application/x-javascript | clean |
http://static.jjwxc.net/scripts/check.js?var=20130812 | 200 OK Content-Length: 1037 Content-Type: application/x-javascript | clean |
http://w.cnzz.com/c.php?id=30075907 | 200 OK Content-Length: 9622 Content-Type: application/javascript | clean |
http://artis-1199027.jjwxc.net/test404page.js | HTTP/1.1 302 Moved Temporarily Connection: close Date: Thu, 10 Apr 2014 21:17:42 GMT Location: http://www.jjwxc.net/error404.php Content-Length: 160 Content-Type: text/html | clean |
http://www.jjwxc.net/error404.php | 200 OK Content-Length: 2147 Content-Type: text/html | clean |
http://www.jjwxc.net/test404page.js | HTTP/1.1 302 Moved Temporarily Connection: close Date: Thu, 10 Apr 2014 21:17:44 GMT Via: 1.1 ht19.powercdn.com (PowerCDN/2.4) Location: http://www.jjwxc.net/error404.php Content-Length: 160 Content-Type: text/html PowerCDN: MISS from ht19.powercdn.com X-Cache: MISS from CU-2-231-ZZ-JJCDN X-Cache-Lookup: MISS from CU-2-231-ZZ-JJCDN:80 | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: artis-1199027.jjwxc.net
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 10 Apr 2014 21:17:37 GMT
Accept-Ranges: bytes
Content-Length: 54485
Content-Type: text/html
Last-Modified: Thu, 10 Apr 2014 17:30:03 GMT
...54485 bytes of data.
GET / HTTP/1.1
Host: artis-1199027.jjwxc.net
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 10 Apr 2014 21:17:37 GMT
Accept-Ranges: bytes
Content-Length: 54485
Content-Type: text/html
Last-Modified: Thu, 10 Apr 2014 17:30:03 GMT
...54485 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: artis-1199027.jjwxc.net
Referer: http://www.google.com/search?q=artis-1199027.jjwxc.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: artis-1199027.jjwxc.net
Referer: http://www.google.com/search?q=artis-1199027.jjwxc.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=artis-1199027.jjwxc.net
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://artis-1199027.jjwxc.net/
Result: artis-1199027.jjwxc.net is not infected or malware details are not published yet.
Result: artis-1199027.jjwxc.net is not infected or malware details are not published yet.