Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: igo5.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Connection: close
Date: Sun, 01 Mar 2015 01:09:17 GMT
ETag: cea54e756000102952b8d58d4045a838
Server: nginx
Content-Language: utf-8
Content-Length: 138358
Content-Type: text/html;charset=utf-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Sat, 28 Feb 2015 07:54:41 GMT
Spot: 001
X-Powered-By: PHP/5.2.17
...138358 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: igo5.com
Referer: http://www.google.com/search?q=igo5.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://igo5.com/ | 200 OK Content-Length: 138358 Content-Type: text/html | clean |
http://pw.cnzz.com/c.php?id=80833783&l=2 | 200 OK Content-Length: 10074 Content-Type: application/javascript | clean |
http://igo5.com/test404page.js | 200 OK Content-Length: 6634 Content-Type: text/html | clean |
http://igo5.com//www.google-analytics.com/analytics.js/ | 200 OK Content-Length: 68791 Content-Type: text/html | clean |
http://c.cnzz.com/core.php?web_id=80833783&l=2&t=q | 200 OK Content-Length: 751 Content-Type: application/javascript | clean |
http://igo5.com/statics/script/tools.js | 200 OK Content-Length: 111968 Content-Type: application/x-javascript | clean |
http://igo5.com/statics/script/goodscupcake.js | 200 OK Content-Length: 3411 Content-Type: application/x-javascript | clean |
http://www.igo5.com/themes/xidan/images/tab.js | 200 OK Content-Length: 6286 Content-Type: application/x-javascript | clean |
http://www.igo5.com/themes/xidan/images/DD_belatedPNG_0.0.8a.js | 200 OK Content-Length: 12331 Content-Type: application/x-javascript | clean |
http://www3.53kf.com/sendacc.jsp?cmd=ACC&did=0&sid=12&company_id=70777732&guest_id=6052583803&status=0&guest_name=&guest_ip=27.115.50.210&guest_ip_info=%E4%B8%8A%E6%B5%B7%E5%B8%82%5B%E8%81%94%E9%80%9A%5D&from_page=&talk_page=http%3A%2F%2Fhangjun%2Ftest.html&kf_time=1392284007&bto_id6d=-99&time=1392284044693 | 200 OK Content-Length: 55 Content-Type: text/xml | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=igo5.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://igo5.com/
Result: igo5.com is not infected or malware details are not published yet.