Scanned pages/files
Request | Server response | Status |
http://i0.xat.com/ | HTTP/1.1 302 Moved Temporarily Cache-Control: public, max-age=432000 Connection: close Date: Tue, 24 Jun 2014 02:48:47 GMT Location: http://xat.com/ Server: cloudflare-nginx Content-Type: text/html Expires: Sun, 29 Jun 2014 02:48:47 GMT CF-Cache-Status: HIT CF-RAY: 13f59bbe2f2408bd-FRA Set-Cookie: __cfduid=ded89563e515f8763485655a043c3767f1403578127062; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.xat.com; HttpOnly | clean |
http://xat.com/ | 200 OK Content-Length: 22533 Content-Type: text/html | suspicious |
Suspicious code found <script src="//ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js"></script> <script>window.jQuery || document.write('<script src="http://xat.com/js/vendor/jquery-1.9.1.min.js?v=AA8gCr3"><\/script>')</script> <script src="http://xat.com/js/vendor/jquery.cookie.js?v=AA8gCr3"></script> <script src="http://xat.com/js/vendor/jquery.cookiecuttr.js?v=AA8gCr3"></script> <script src="http://xat.com/js/ve <script src="http://xat.com/js/vendor/jquery.localize.js?v=AA8gCr3"></script> <script src="http://xat.com/js/main.js?v=AA8gCr3"></script> <script src="http://www.google-analytics.com/urchin.js" type="text/javascript"> </script> <script type="text/javascript"> _uacct = "UA-1813155-1"; if(!config.cookiedecline) urchinTracker(); </script> </body> </html> | ||
http://xat.com/test404page.js | 404 Not Found Content-Length: 91 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: i0.xat.com
Result:
HTTP/1.1 302 Moved Temporarily
Cache-Control: public, max-age=432000
Connection: close
Date: Tue, 24 Jun 2014 02:48:47 GMT
Location: http://xat.com/
Server: cloudflare-nginx
Content-Type: text/html
Expires: Sun, 29 Jun 2014 02:48:47 GMT
CF-Cache-Status: HIT
CF-RAY: 13f59bbe2f2408bd-FRA
Set-Cookie: __cfduid=ded89563e515f8763485655a043c3767f1403578127062; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.xat.com; HttpOnly
GET / HTTP/1.1
Host: i0.xat.com
Result:
HTTP/1.1 302 Moved Temporarily
Cache-Control: public, max-age=432000
Connection: close
Date: Tue, 24 Jun 2014 02:48:47 GMT
Location: http://xat.com/
Server: cloudflare-nginx
Content-Type: text/html
Expires: Sun, 29 Jun 2014 02:48:47 GMT
CF-Cache-Status: HIT
CF-RAY: 13f59bbe2f2408bd-FRA
Set-Cookie: __cfduid=ded89563e515f8763485655a043c3767f1403578127062; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.xat.com; HttpOnly
Second query (visit from search engine):
GET / HTTP/1.1
Host: i0.xat.com
Referer: http://www.google.com/search?q=i0.xat.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: i0.xat.com
Referer: http://www.google.com/search?q=i0.xat.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=i0.xat.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://i0.xat.com/
Result: i0.xat.com is not infected or malware details are not published yet.
Result: i0.xat.com is not infected or malware details are not published yet.