Scanned pages/files
Request | Server response | Status |
http://svechnoy-1211107.jjwxc.net/ | 200 OK Content-Length: 45245 Content-Type: text/html | clean |
http://js.adm.cnzz.net/js/abase.js | 200 OK Content-Length: 21394 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function FixedRealShow(){return document.body?(this.init.apply(this,arguments),void 0):!1}(function(window){function FnRegister(e,t){return w[e]||(w[e]=t)}function parseParams(e){var t=map[e];return t?{id:e||e,af:t.af||!1,did:t.aid||0,slotType:t.stype,isbefore:t.pop||0,htmlcode:t._html||0,width:t._w||0,height:t._h||0,stime:1e3*t.time||5e3,ptime:1e3*t.parktime||0,loadtime:1e3*t.loadtime||0,closePosition:t.cb||0,scroll:t.sc||0,position:t.pos||0,mleft:t._m_left||0,mtop:t._m_top||0,ip:t.ip||"",isifr Antivirus reports:
| ||
http://static.jjwxc.net/scripts/jquery-1.8.0.min.js | 200 OK Content-Length: 38395 Content-Type: application/x-javascript | clean |
http://static.jjwxc.net/scripts/jquery.blockUI.pack.js | 200 OK Content-Length: 4854 Content-Type: application/x-javascript | clean |
http://static.jjwxc.net/scripts/jjlogin.js?ver=20140415 | 200 OK Content-Length: 10135 Content-Type: application/x-javascript | clean |
http://static.jjwxc.net/scripts/main.120724.js?ver=20140415 | 200 OK Content-Length: 13160 Content-Type: application/x-javascript | clean |
http://static.jjwxc.net/scripts/check.js?var=20140415 | 200 OK Content-Length: 1037 Content-Type: application/x-javascript | clean |
http://w.cnzz.com/c.php?id=30075907 | 200 OK Content-Length: 9622 Content-Type: application/javascript | clean |
http://svechnoy-1211107.jjwxc.net/test404page.js | HTTP/1.1 302 Moved Temporarily Connection: close Date: Mon, 28 Apr 2014 08:16:18 GMT Location: http://www.jjwxc.net/error404.php Content-Length: 160 Content-Type: text/html | clean |
http://www.jjwxc.net/error404.php | 200 OK Content-Length: 2066 Content-Type: text/html | clean |
http://www.jjwxc.net/test404page.js | HTTP/1.1 302 Moved Temporarily Cache-Control: max-age=604800 Connection: close Date: Thu, 17 Apr 2014 10:01:18 GMT Via: 1.1 ak244.powercdn.com (PowerCDN/2.4) Warning: 113 ak244.powercdn.com (PowerCDN/2.4) This cache hit is still fresh and more than 1 day old Warning: 110 PowerCDN/2.4 "Response is stale" Age: 944100 Location: http://www.jjwxc.net/error404.php Content-Length: 160 Content-Type: text/html Expires: Thu, 24 Apr 2014 10:01:18 GMT PowerCDN: HIT from ak244.powercdn.com X-Cache: HIT from CTC-0-162-ZZ-JJCDN X-Cache-Lookup: HIT from CTC-0-162-ZZ-JJCDN:80 | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: svechnoy-1211107.jjwxc.net
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 28 Apr 2014 08:16:05 GMT
Accept-Ranges: bytes
Content-Length: 45245
Content-Type: text/html
Last-Modified: Mon, 28 Apr 2014 02:20:17 GMT
...45245 bytes of data.
GET / HTTP/1.1
Host: svechnoy-1211107.jjwxc.net
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 28 Apr 2014 08:16:05 GMT
Accept-Ranges: bytes
Content-Length: 45245
Content-Type: text/html
Last-Modified: Mon, 28 Apr 2014 02:20:17 GMT
...45245 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: svechnoy-1211107.jjwxc.net
Referer: http://www.google.com/search?q=svechnoy-1211107.jjwxc.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: svechnoy-1211107.jjwxc.net
Referer: http://www.google.com/search?q=svechnoy-1211107.jjwxc.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=svechnoy-1211107.jjwxc.net
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://svechnoy-1211107.jjwxc.net/
Result: svechnoy-1211107.jjwxc.net is not infected or malware details are not published yet.
Result: svechnoy-1211107.jjwxc.net is not infected or malware details are not published yet.