Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=sex012.com
Result: The website is marked by Google as suspicious; visiting this web site may harm your computer.
Details are available here.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: clientwebsitedemo.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 14 Dec 2014 02:45:12 GMT
Server: Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
Content-Type: text/html
X-Powered-By: PHP/5.3.28
Second query (visit from search engine):
GET / HTTP/1.1
Host: clientwebsitedemo.com
Referer: http://www.google.com/search?q=clientwebsitedemo.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://www.sex012.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 09 Sep 2014 19:30:51 GMT Location: http://www.cnmanual.com/ Server: nginx/1.7.2 Content-Length: 184 Content-Type: text/html | malicious |
http://www.cnmanual.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 09 Sep 2014 19:30:51 GMT Location: portal.php Server: nginx/1.7.2 Content-Type: text/html X-Powered-By: PHP/5.5.14 | clean |
http://www.cnmanual.com/portal.php | 200 OK Content-Length: 62959 Content-Type: text/html | clean |
http://www.cnmanual.com/static/js/common.js?iZ0 | 200 OK Content-Length: 63412 Content-Type: application/javascript | clean |
http://www.sex012.com/static/js/logging.js?iZ0 | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 09 Sep 2014 19:31:02 GMT Location: http://www.cnmanual.com/static/js/logging.js?iZ0 Server: nginx/1.7.2 Content-Length: 184 Content-Type: text/html | malicious |
http://www.cnmanual.com/static/js/logging.js?iz0 | 200 OK Content-Length: 603 Content-Type: application/javascript | clean |
http://www.sex012.com/member.php?mod=register | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 09 Sep 2014 19:31:04 GMT Location: http://www.cnmanual.com/member.php?mod=register Server: nginx/1.7.2 Content-Length: 184 Content-Type: text/html | malicious |
http://www.cnmanual.com/member.php?mod=register | 200 OK Content-Length: 13325 Content-Type: text/html | clean |
http://www.cnmanual.com/static/js/portal.js?iZ0 | 200 OK Content-Length: 11436 Content-Type: application/javascript | clean |
http://www.sex012.com/static/js/register.js?iZ0 | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 09 Sep 2014 19:31:08 GMT Location: http://www.cnmanual.com/static/js/register.js?iZ0 Server: nginx/1.7.2 Content-Length: 184 Content-Type: text/html | malicious |
http://www.cnmanual.com/static/js/register.js?iz0 | 200 OK Content-Length: 10917 Content-Type: application/javascript | clean |
http://www.sex012.com/home.php?mod=misc&ac=sendmail&rand=1410291064 | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 09 Sep 2014 19:31:09 GMT Location: http://www.cnmanual.com/home.php?mod=misc&ac=sendmail&rand=1410291064 Server: nginx/1.7.2 Content-Length: 184 Content-Type: text/html | malicious |
http://www.cnmanual.com/home.php?mod=misc&ac=sendmail&rand=1410291064 | 200 OK Content-Length: 0 Content-Type: text/javascript | clean |
http://discuz.gtimg.cn/cloud/scripts/discuz_tips.js?v=1 | 200 OK Content-Length: 6173 Content-Type: application/x-javascript | clean |
http://www.sex012.com/jffz/big52gb.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 09 Sep 2014 19:31:11 GMT Location: http://www.cnmanual.com/jffz/big52gb.js Server: nginx/1.7.2 Content-Length: 184 Content-Type: text/html | malicious |
http://www.cnmanual.com/jffz/big52gb.js | 200 OK Content-Length: 11251 Content-Type: application/javascript | clean |
http://f.ku63.com/f.asp?u=64816&m=0&n= | 200 OK Content-Length: 240 Content-Type: text/html | clean |
http://f.ku63.com/test404page.js | HTTP/1.1 302 Redirect Date: Tue, 09 Sep 2014 19:30:26 GMT Location: http://www.70e.com/err/404.html Server: Microsoft-IIS/7.5 Content-Length: 154 Content-Type: text/html; charset=UTF-8 X-Powered-By: ASP.NET | clean |
http://www.70e.com/err/404.html | 200 OK Content-Length: 271 Content-Type: text/html | clean |
http://www.70e.com/ | HTTP/1.1 302 Object moved Cache-Control: private Date: Tue, 09 Sep 2014 19:30:47 GMT Location: index.html Server: Microsoft-IIS/7.5 Content-Length: 108 Content-Type: text/html Set-Cookie: ASPSESSIONIDAADAQAQD=LCFGILFDPIHIBEAGBAPHKFJD; path=/ X-Powered-By: ASP.NET | clean |
http://www.70e.com/index.html | 200 OK Content-Length: 6838 Content-Type: text/html | clean |
http://www.70e.com/s_js/interface.js | 200 OK Content-Length: 396 Content-Type: application/x-javascript | clean |
http://www.70e.com/../index.html | 403 Forbidden Content-Length: 312 Content-Type: text/html | clean |
http://www.70e.com/test404page.js | 404 Not Found Content-Length: 5090 Content-Type: text/html | clean |