Scanned pages/files
Request | Server response | Status |
http://nxgx.com/ | HTTP/1.1 301 Moved Permanently Date: Thu, 09 Oct 2014 09:35:01 GMT Location: http://www.nxgx.com/ Server: Microsoft-IIS/7.5 Content-Length: 143 Content-Type: text/html; charset=UTF-8 X-Powered-By: ASP.NET | clean |
http://www.nxgx.com/ | 200 OK Content-Length: 60360 Content-Type: text/html | clean |
http://www.nxgx.com/Scripts/jquery-1.7.min.js | 200 OK Content-Length: 94020 Content-Type: application/x-javascript | clean |
http://nxgx.com/Scripts/script1.js | HTTP/1.1 301 Moved Permanently Date: Thu, 09 Oct 2014 09:35:04 GMT Location: http://www.nxgx.com/Scripts/script1.js Server: Microsoft-IIS/7.5 Content-Length: 161 Content-Type: text/html; charset=UTF-8 X-Powered-By: ASP.NET | clean |
http://www.nxgx.com/scripts/script1.js | 200 OK Content-Length: 3190 Content-Type: application/x-javascript | clean |
http://nxgx.com/Scripts/jwplayer.js | HTTP/1.1 301 Moved Permanently Date: Thu, 09 Oct 2014 09:35:05 GMT Location: http://www.nxgx.com/Scripts/jwplayer.js Server: Microsoft-IIS/7.5 Content-Length: 162 Content-Type: text/html; charset=UTF-8 X-Powered-By: ASP.NET | clean |
http://www.nxgx.com/scripts/jwplayer.js | 200 OK Content-Length: 140104 Content-Type: application/x-javascript | clean |
http://w.sharethis.com/button/buttons.js | 200 OK Content-Length: 145804 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) if(typeof(stlib)=="undefined"){var stlib={}}if(!stlib.functions){stlib.functions=[];stlib.functionCount=0}stlib.global={};stlib.global.hash=document.location.href.split("#");stlib.global.hash.shift();stlib.global.hash=stlib.global.hash.join("#");stlib.dynamicOn=true;stlib.debugOn=false;stlib.debug={count:0,messages:[],debug:function(b,a){if(a&&(typeof console)!="undefined"){console.log(b)}stlib.debug.messages.push(b)},show:function(a){for(message in stlib.debug.messages){if((typeof conso Antivirus reports:
| ||
http://syndication.exoclick.com/ads.php?type=728x90&login=spamxxx&cat=2&search=&ad_title_color=0000cc&bgcolor=FFFFFF&border=0&border_color=000000&font=&block_keywords=&ad_text_color=000000&ad_durl_color=008000&adult=0&sub=&text_only=0&show_thumb=&idzone=273502&idsite=126722 | 200 OK Content-Length: 641 Content-Type: text/javascript | clean |
http://syndication.exoclick.com/ads.php?type=300x250&login=spamxxx&cat=2&search=&ad_title_color=0000cc&bgcolor=FFFFFF&border=0&border_color=000000&font=&block_keywords=&ad_text_color=000000&ad_durl_color=008000&adult=0&sub=&text_only=0&show_thumb=&idzone=273504&idsite=126722 | 200 OK Content-Length: 644 Content-Type: text/javascript | clean |
http://syndication.exoclick.com/ads.php?type=250x250&login=spamxxx&cat=2&search=&ad_title_color=0000cc&bgcolor=FFFFFF&border=0&border_color=000000&font=&block_keywords=&ad_text_color=000000&ad_durl_color=008000&adult=0&sub=&text_only=0&show_thumb=&idzone=273508&idsite=126722 | 200 OK Content-Length: 644 Content-Type: text/javascript | clean |
http://syndication.exoclick.com/ads.php?type=300x250&login=spamxxx&cat=2&search=&ad_title_color=0000cc&bgcolor=FFFFFF&border=0&border_color=000000&font=&block_keywords=&ad_text_color=000000&ad_durl_color=008000&adult=0&sub=&text_only=0&show_thumb=&idzone=273510&idsite=126722 | 200 OK Content-Length: 644 Content-Type: text/javascript | clean |
http://syndication.exoclick.com/splash.php?cat=2&idsite=126722&idzone=309024&login=spamxxx&type=3 | 200 OK Content-Length: 5826 Content-Type: application/x-javascript | clean |
http://nxgx.com/category/anal | HTTP/1.1 301 Moved Permanently Date: Thu, 09 Oct 2014 09:35:12 GMT Location: http://www.nxgx.com/category/anal Server: Microsoft-IIS/7.5 Content-Length: 156 Content-Type: text/html; charset=UTF-8 X-Powered-By: ASP.NET | clean |
http://www.nxgx.com/category/anal | 200 OK Content-Length: 61859 Content-Type: text/html | clean |
http://www.nxgx.com/Scripts/script1.js | 200 OK Content-Length: 3190 Content-Type: application/x-javascript | clean |
http://nxgx.com/category/at-work | HTTP/1.1 301 Moved Permanently Date: Thu, 09 Oct 2014 09:35:14 GMT Location: http://www.nxgx.com/category/at-work Server: Microsoft-IIS/7.5 Content-Length: 159 Content-Type: text/html; charset=UTF-8 X-Powered-By: ASP.NET | clean |
http://www.nxgx.com/category/at-work | 200 OK Content-Length: 60638 Content-Type: text/html | clean |
http://www.nxgx.com/Scripts/jwplayer.js | 200 OK Content-Length: 140104 Content-Type: application/x-javascript | clean |
http://nxgx.com/category/beautiful-tits | HTTP/1.1 301 Moved Permanently Date: Thu, 09 Oct 2014 09:35:16 GMT Location: http://www.nxgx.com/category/beautiful-tits Server: Microsoft-IIS/7.5 Content-Length: 166 Content-Type: text/html; charset=UTF-8 X-Powered-By: ASP.NET | clean |
http://www.nxgx.com/category/beautiful-tits | 200 OK Content-Length: 60838 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: nxgx.com
Result:
HTTP/1.1 301 Moved Permanently
Date: Thu, 09 Oct 2014 09:35:01 GMT
Location: http://www.nxgx.com/
Server: Microsoft-IIS/7.5
Content-Length: 143
Content-Type: text/html; charset=UTF-8
X-Powered-By: ASP.NET
...143 bytes of data.
GET / HTTP/1.1
Host: nxgx.com
Result:
HTTP/1.1 301 Moved Permanently
Date: Thu, 09 Oct 2014 09:35:01 GMT
Location: http://www.nxgx.com/
Server: Microsoft-IIS/7.5
Content-Length: 143
Content-Type: text/html; charset=UTF-8
X-Powered-By: ASP.NET
...143 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: nxgx.com
Referer: http://www.google.com/search?q=nxgx.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: nxgx.com
Referer: http://www.google.com/search?q=nxgx.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=nxgx.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://nxgx.com/
Result: nxgx.com is not infected or malware details are not published yet.
Result: nxgx.com is not infected or malware details are not published yet.