Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: xp500.com
Result:
HTTP/1.1 301 Moved Permanently
Date: Sun, 05 Oct 2014 02:14:26 GMT
Location: http://www.xp500.com/
Server: Microsoft-IIS/6.0
Content-Length: 144
Content-Type: text/html
X-Powered-By: ASP.NET
...144 bytes of data.
GET / HTTP/1.1
Host: xp500.com
Result:
HTTP/1.1 301 Moved Permanently
Date: Sun, 05 Oct 2014 02:14:26 GMT
Location: http://www.xp500.com/
Server: Microsoft-IIS/6.0
Content-Length: 144
Content-Type: text/html
X-Powered-By: ASP.NET
...144 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: xp500.com
Referer: http://www.google.com/search?q=xp500.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: xp500.com
Referer: http://www.google.com/search?q=xp500.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://xp500.com/ | HTTP/1.1 301 Moved Permanently Date: Sun, 05 Oct 2014 02:14:26 GMT Location: http://www.xp500.com/ Server: Microsoft-IIS/6.0 Content-Length: 144 Content-Type: text/html X-Powered-By: ASP.NET | clean |
http://www.xp500.com/ | HTTP/1.1 200 OK Date: Sun, 05 Oct 2014 02:14:27 GMT Accept-Ranges: bytes ETag: "e288e65389dccf1:8e2" Server: Microsoft-IIS/6.0 Content-Length: 30668 Content-Location: http://www.xp500.com/index.html Content-Type: text/html Last-Modified: Tue, 30 Sep 2014 08:34:19 GMT X-Powered-By: ASP.NET | clean |
http://www.xp500.com/index.html | 200 OK Content-Length: 30668 Content-Type: text/html | clean |
http://www.xp911.com/img/fx.js | 200 OK Content-Length: 840 Content-Type: application/x-javascript | clean |
http://xp500.com/js/tongji.js | HTTP/1.1 301 Moved Permanently Date: Sun, 05 Oct 2014 02:14:35 GMT Location: http://www.xp500.com/js/tongji.js Server: Microsoft-IIS/6.0 Content-Length: 156 Content-Type: text/html X-Powered-By: ASP.NET | clean |
http://www.xp500.com/js/tongji.js | 200 OK Content-Length: 128 Content-Type: application/x-javascript | clean |
http://xp500.com/software/ | HTTP/1.1 301 Moved Permanently Date: Sun, 05 Oct 2014 02:14:37 GMT Location: http://www.xp500.com/software/ Server: Microsoft-IIS/6.0 Content-Length: 153 Content-Type: text/html X-Powered-By: ASP.NET | clean |
http://www.xp500.com/software/ | HTTP/1.1 200 OK Date: Sun, 05 Oct 2014 02:14:37 GMT Accept-Ranges: bytes ETag: "4e91834789dccf1:8e2" Server: Microsoft-IIS/6.0 Content-Length: 16339 Content-Location: http://www.xp500.com/software/index.html Content-Type: text/html Last-Modified: Tue, 30 Sep 2014 08:33:58 GMT X-Powered-By: ASP.NET | clean |
http://www.xp500.com/software/index.html | 200 OK Content-Length: 6561 Content-Type: text/html | clean |
http://www.xp500.com/skin/default/js/tabs.js | 200 OK Content-Length: 1062 Content-Type: application/x-javascript | clean |
http://xp500.com/ghostxp/ | HTTP/1.1 301 Moved Permanently Date: Sun, 05 Oct 2014 02:14:45 GMT Location: http://www.xp500.com/ghostxp/ Server: Microsoft-IIS/6.0 Content-Length: 152 Content-Type: text/html X-Powered-By: ASP.NET | clean |
http://www.xp500.com/ghostxp/ | HTTP/1.1 200 OK Date: Sun, 05 Oct 2014 02:14:46 GMT Accept-Ranges: bytes ETag: "5a5414689dccf1:8e2" Server: Microsoft-IIS/6.0 Content-Length: 24806 Content-Location: http://www.xp500.com/ghostxp/index.html Content-Type: text/html Last-Modified: Tue, 30 Sep 2014 08:33:56 GMT X-Powered-By: ASP.NET | clean |
http://www.xp500.com/ghostxp/index.html | 200 OK Content-Length: 24806 Content-Type: text/html | clean |
http://www.xp500.com/e/public/onclick/?enews=doclass&classid=1 | 200 OK Content-Length: 0 Content-Type: text/html | clean |
http://www.xp500.com/test404page.js | 404 Not Found Content-Length: 1308 Content-Type: text/html | clean |
http://xp500.com/windows7/ | HTTP/1.1 301 Moved Permanently Date: Sun, 05 Oct 2014 02:14:55 GMT Location: http://www.xp500.com/windows7/ Server: Microsoft-IIS/6.0 Content-Length: 153 Content-Type: text/html X-Powered-By: ASP.NET | clean |
http://www.xp500.com/windows7/ | HTTP/1.1 200 OK Date: Sun, 05 Oct 2014 02:14:56 GMT Accept-Ranges: bytes ETag: "687b84689dccf1:8e2" Server: Microsoft-IIS/6.0 Content-Length: 24483 Content-Location: http://www.xp500.com/windows7/index.html Content-Type: text/html Last-Modified: Tue, 30 Sep 2014 08:33:56 GMT X-Powered-By: ASP.NET | clean |
http://www.xp500.com/windows7/index.html | 200 OK Content-Length: 24483 Content-Type: text/html | clean |
http://www.xp500.com/e/public/onclick/?enews=doclass&classid=2 | 200 OK Content-Length: 0 Content-Type: text/html | clean |
http://xp500.com/win8/ | HTTP/1.1 301 Moved Permanently Date: Sun, 05 Oct 2014 02:15:01 GMT Location: http://www.xp500.com/win8/ Server: Microsoft-IIS/6.0 Content-Length: 149 Content-Type: text/html X-Powered-By: ASP.NET | clean |
http://www.xp500.com/win8/ | HTTP/1.1 200 OK Date: Sun, 05 Oct 2014 02:15:01 GMT Accept-Ranges: bytes ETag: "c2dda4689dccf1:8e2" Server: Microsoft-IIS/6.0 Content-Length: 5733 Content-Location: http://www.xp500.com/win8/index.html Content-Type: text/html Last-Modified: Tue, 30 Sep 2014 08:33:56 GMT X-Powered-By: ASP.NET | clean |
http://www.xp500.com/win8/index.html | 200 OK Content-Length: 5733 Content-Type: text/html | clean |
http://www.xp500.com/e/public/onclick/?enews=doclass&classid=3 | 200 OK Content-Length: 0 Content-Type: text/html | clean |
http://xp500.com/bjbxt/ | HTTP/1.1 301 Moved Permanently Date: Sun, 05 Oct 2014 02:15:05 GMT Location: http://www.xp500.com/bjbxt/ Server: Microsoft-IIS/6.0 Content-Length: 150 Content-Type: text/html X-Powered-By: ASP.NET | clean |
http://www.xp500.com/bjbxt/ | HTTP/1.1 200 OK Date: Sun, 05 Oct 2014 02:15:05 GMT Accept-Ranges: bytes ETag: "1e77654689dccf1:8e2" Server: Microsoft-IIS/6.0 Content-Length: 7035 Content-Location: http://www.xp500.com/bjbxt/index.html Content-Type: text/html Last-Modified: Tue, 30 Sep 2014 08:33:56 GMT X-Powered-By: ASP.NET | clean |
http://www.xp500.com/bjbxt/index.html | 200 OK Content-Length: 7035 Content-Type: text/html | clean |
http://www.xp500.com/e/public/onclick/?enews=doclass&classid=10 | 200 OK Content-Length: 0 Content-Type: text/html | clean |
http://xp500.com/cjb/ | HTTP/1.1 301 Moved Permanently Date: Sun, 05 Oct 2014 02:15:08 GMT Location: http://www.xp500.com/cjb/ Server: Microsoft-IIS/6.0 Content-Length: 148 Content-Type: text/html X-Powered-By: ASP.NET | clean |
http://www.xp500.com/cjb/ | HTTP/1.1 200 OK Date: Sun, 05 Oct 2014 02:15:09 GMT Accept-Ranges: bytes ETag: "78d9674689dccf1:8e2" Server: Microsoft-IIS/6.0 Content-Length: 8056 Content-Location: http://www.xp500.com/cjb/index.html Content-Type: text/html Last-Modified: Tue, 30 Sep 2014 08:33:56 GMT X-Powered-By: ASP.NET | clean |
http://www.xp500.com/cjb/index.html | 200 OK Content-Length: 8056 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=xp500.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://xp500.com/
Result: xp500.com is not infected or malware details are not published yet.
Result: xp500.com is not infected or malware details are not published yet.