Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=sz.xue.net
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://sz.xue.net/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://sz.xue.net/ | 200 OK Content-Length: 300614 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.whunf.com <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=gb2312" /> <title>×ܲðÉ(³ÇÊлá)|ÉîÛÚ³ÇÊÐ×ܲðÉ,ѧϰÍø-ÉîÛÚѧϰÍø(xue.net/ceoba.com)|×ܲûáÒé|²Æ¾|ÉÌѧԺ|ÉîÛÚÅàѵÍø|ÉîÛÚÅàѵ¿Î³Ì|ÉîÛÚÆóÒµÅàѵ|ÉîÛÚ¹ÜÀíÅàѵ|ÉîÛÚ¹«¿ª¿Î ...[4273 bytes skipped]... | ||
http://www.ceoba.com/js/city_select2.js | 200 OK Content-Length: 4157 Content-Type: application/x-javascript | clean |
http://www.ceoba.com/js/sliding_door.js | 200 OK Content-Length: 4679 Content-Type: application/x-javascript | suspicious |
Page code contains blacklisted domain: www.xue.net ...[68 bytes skipped]... .getElementById('txtValue'); searchv.value = s; for(var i=0;i<=3;i++) { if (i!=s) { document.getElementById('search_'+i).className="" } else { document.getElementById('search_'+i).className="active"; } } switch (s) { case 0: document.getElementById('searchs').action="http://www.xue.net/soukc.asp"; break; case 1: document.getElementById('searchs').action="http://www.xue.net/souxx.asp"; break; case 2: document.getElementById('searchs').action="http://www.xue.net/souzx.asp"; break; case 3: document.getElementById('searchs').action="http://www.xue.net/souzt.asp"; break; } } //search_check function checktheform() { var searchv ...[4482 bytes skipped]... | ||
http://www.ceoba.com/js/dropdownmenu.js | HTTP/1.1 200 OK Date: Thu, 02 Oct 2014 15:28:51 GMT Accept-Ranges: bytes ETag: "aeb57fcf3aa9ce1:0" Server: Microsoft-IIS/7.5 Content-Length: 1078 Content-Type: text/html Last-Modified: Wed, 04 Sep 2013 06:48:49 GMT X-Powered-By: ASP.NET | clean |
http://www.ceoba.com/ | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://www.ceoba.com/test404page.js | HTTP/1.1 200 OK Date: Thu, 02 Oct 2014 15:28:57 GMT Accept-Ranges: bytes ETag: "aeb57fcf3aa9ce1:0" Server: Microsoft-IIS/7.5 Content-Length: 1078 Content-Type: text/html Last-Modified: Wed, 04 Sep 2013 06:48:49 GMT X-Powered-By: ASP.NET | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: sz.xue.net
Result:
HTTP/1.1 200 OK
Date: Thu, 02 Oct 2014 15:28:45 GMT
Accept-Ranges: bytes
ETag: "3feb213591bacf1:0"
Server: Microsoft-IIS/7.5
Content-Length: 364912
Content-Type: text/html
Last-Modified: Mon, 18 Aug 2014 03:05:04 GMT
X-Powered-By: ASP.NET
...364912 bytes of data.
GET / HTTP/1.1
Host: sz.xue.net
Result:
HTTP/1.1 200 OK
Date: Thu, 02 Oct 2014 15:28:45 GMT
Accept-Ranges: bytes
ETag: "3feb213591bacf1:0"
Server: Microsoft-IIS/7.5
Content-Length: 364912
Content-Type: text/html
Last-Modified: Mon, 18 Aug 2014 03:05:04 GMT
X-Powered-By: ASP.NET
...364912 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: sz.xue.net
Referer: http://www.google.com/search?q=sz.xue.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: sz.xue.net
Referer: http://www.google.com/search?q=sz.xue.net
Result:
The result is similar to the first query. There are no suspicious redirects found.