Scanned pages/files
| Request | Server response | Status |
http://sxgsxx.com/ | 200 OK Content-Length: 57099 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.cnypva.com <!-- Powered by: BoXun? CMS 2.0,Company:BoXun Inc. --> <!-- ¼¼Êõµ¥Î»£ºÉ½Î÷²©Ñ¶ÊýÂëÊýÂë¿Æ¼¼ÓÐÏÞ¹«Ë¾ http://www.e186.cn--> <!-- Powered by: BoXun? CMS 2.0,Company:BoXun Inc. --> <!-- ¼¼Êõµ¥Î»£ºÉ½Î÷²©Ñ¶ÊýÂëÊýÂë¿Æ¼¼ÓÐÏÞ¹«Ë¾ http://www.e186.cn--> <!-- Powered by: BoXun? CMS 2.0,Company:BoXun Inc. --> <!-- ¼¼Êõµ¥Î»£ºÉ½Î÷²©Ñ¶ÊýÂëÊýÂë¿Æ¼¼ÓÐÏÞ¹«Ë¾ http://www.e186.cn--> <!-- Powered by: B ...[4534 bytes skipped]... | ||
http://sxgsxx.com/piao.js | HTTP/1.1 200 OK Date: Wed, 23 Jul 2014 23:21:15 GMT Accept-Ranges: bytes ETag: "2a5c6229016cc1:a4e16" Server: Microsoft-IIS/6.0 Content-Length: 3746 Content-Location: http://sxgsxx.com/piao.js Content-Type: application/x-javascript Last-Modified: Fri, 20 May 2011 01:49:20 GMT X-Powered-By: ASP.NET | clean |
http://sxgsxx.com/test404page.js | 404 Not Found Content-Length: 1308 Content-Type: text/html | clean |
http://sxgsxx.com/Scripts/AC_RunActiveContent.js | HTTP/1.1 200 OK Date: Wed, 23 Jul 2014 23:21:17 GMT Accept-Ranges: bytes ETag: "30ac13407abdc81:a4e16" Server: Microsoft-IIS/6.0 Content-Length: 8321 Content-Location: http://sxgsxx.com/Scripts/AC_RunActiveContent.js Content-Type: application/x-javascript Last-Modified: Sat, 24 May 2008 08:43:33 GMT X-Powered-By: ASP.NET | clean |
http://sxgsxx.com/scripts/ac_runactivecontent.js | HTTP/1.1 200 OK Date: Wed, 23 Jul 2014 23:21:19 GMT Accept-Ranges: bytes ETag: "30ac13407abdc81:a4e16" Server: Microsoft-IIS/6.0 Content-Length: 8321 Content-Location: http://sxgsxx.com/scripts/ac_runactivecontent.js Content-Type: application/x-javascript Last-Modified: Sat, 24 May 2008 08:43:33 GMT X-Powered-By: ASP.NET | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: sxgsxx.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Wed, 23 Jul 2014 23:21:10 GMT
Server: Microsoft-IIS/6.0
Content-Length: 58874
Content-Type: text/html
Set-Cookie: ASPSESSIONIDSSRARCRR=GLAKCOPDOONGIPONKMELHGIO; path=/
X-Died: timeout at scan.pm line 1546.
X-Powered-By: ASP.NET
...58874 bytes of data.
GET / HTTP/1.1
Host: sxgsxx.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Wed, 23 Jul 2014 23:21:10 GMT
Server: Microsoft-IIS/6.0
Content-Length: 58874
Content-Type: text/html
Set-Cookie: ASPSESSIONIDSSRARCRR=GLAKCOPDOONGIPONKMELHGIO; path=/
X-Died: timeout at scan.pm line 1546.
X-Powered-By: ASP.NET
...58874 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: sxgsxx.com
Referer: http://www.google.com/search?q=sxgsxx.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: sxgsxx.com
Referer: http://www.google.com/search?q=sxgsxx.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=sxgsxx.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://sxgsxx.com/
Result: sxgsxx.com is not infected or malware details are not published yet.
Result: sxgsxx.com is not infected or malware details are not published yet.