Scanned pages/files
Request | Server response | Status |
http://tosobrand.com/ | 200 OK Content-Length: 124254 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.986ktv.com
Deface/Content modification. The following signature was found: Hacked by Heimi
http://tosobrand.com/xjlsrw.xjlib.net/jint1/index.asp | 404 Not Found Content-Length: 1879 Content-Type: text/html | clean |
http://tosobrand.com/test404page.js | 404 Not Found Content-Length: 1879 Content-Type: text/html | clean |
http://tosobrand.com/www.tynjd.com/jint1/index.asp | 404 Not Found Content-Length: 1879 Content-Type: text/html | clean |
http://tosobrand.com/113.106.5.140/jint1/index.asp | 404 Not Found Content-Length: 1879 Content-Type: text/html | clean |
http://tosobrand.com/www.irce.org.cn/jint1/index.asp | 404 Not Found Content-Length: 1879 Content-Type: text/html | clean |
http://tosobrand.com/www.bxgsxw.cn/jint1/index.asp | 404 Not Found Content-Length: 1879 Content-Type: text/html | clean |
http://tosobrand.com/222.75.220.189/jint1/index.asp | 404 Not Found Content-Length: 1879 Content-Type: text/html | clean |
http://tosobrand.com/mail.21esn.com/jint1/index.asp | 404 Not Found Content-Length: 1879 Content-Type: text/html | clean |
http://tosobrand.com/www.dadouyoumo.com/jint1/index.asp | 404 Not Found Content-Length: 1879 Content-Type: text/html | clean |
http://tosobrand.com/210.83.26.132/jint1/index.asp | 404 Not Found Content-Length: 1879 Content-Type: text/html | clean |
http://tosobrand.com/hydentalclinic.com/jint1/index.asp | 404 Not Found Content-Length: 1879 Content-Type: text/html | clean |
http://tosobrand.com/202.109.115.218/jint1/index.asp | 404 Not Found Content-Length: 1879 Content-Type: text/html | clean |
http://tosobrand.com/mhzxxx.czxhzx.com/jint1/index.asp | 404 Not Found Content-Length: 1879 Content-Type: text/html | clean |
http://tosobrand.com/222.78.254.51/jint1/index.asp | 404 Not Found Content-Length: 1879 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: tosobrand.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 13 Apr 2015 04:59:52 GMT
Accept-Ranges: bytes
ETag: "49046-2ba3c3-5136cbefa8c27"
Server: nginx/1.0.15
Vary: Accept-Encoding
Content-Length: 2859971
Content-Type: text/html
Last-Modified: Sat, 11 Apr 2015 06:11:05 GMT
X-Died: timeout at scan.pm line 1566.
...2859971 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: tosobrand.com
Referer: http://www.google.com/search?q=tosobrand.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=tosobrand.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://tosobrand.com/
Result: tosobrand.com is not infected or malware details are not published yet.