Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=xw.bjhmxx.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://xw.bjhmxx.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://xw.bjhmxx.com/ | 200 OK Content-Length: 3676 Content-Type: text/html | malicious |
Malicious iFrame found. size: 395x251 src: http://www.bjhmxx.com/index1.asp This URL is marked by Yandex as suspicious <iframe src="http://www.bjhmxx.com/index1.asp" width="395" height="251" marginwidth="0" marginheight="0" hspace="0" vspace="0" frameborder="0" scrolling="no"> | ||
http://xw.bjhmxx.com/inc/jquery.js | 200 OK Content-Length: 78601 Content-Type: application/x-javascript | clean |
http://xw.bjhmxx.com/inc/iwms.js | 200 OK Content-Length: 23084 Content-Type: application/x-javascript | clean |
http://xw.bjhmxx.com/memberreg.aspx | 200 OK Content-Length: 5521 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- function sf_chg() { var s = document.getElementById("password").value; var o = document.getElementById("sf_tb"); if (o){ o = o.rows[0]; for(var i=0; i<3; i++){ o.cells[i].className = "sf_b"; } o.cells[sf_lever(s)-1].className = "sf_a"; } } function sf_lever(s) { if (s.length<6){ return 1; } var re = new RegExp(/^\d+$/); if (re.test(s)){ return 1; } } iwms.ajSrc=null; $.post('ajax.aspx',{act:'ajax',cmd:'usernameValid',name:iwms.ajEncode(ele.value)},function(r){ if (r.valid){ $msg.text("Óû§Ãû¿ÉÒÔʹÓÃ"); }else{ if(r.invalidWord.length>0){ $msg.html("Óû§Ãûº¬·Ç·¨×Ö·û <font color='red'>"+r.invalidWord+"</font>"); }else{ $msg.text("ÄãÌîдµÄÓû§ÃûÒѾ´æÔÚ£¬Çë¸ü»»£¡"); } ele.select(); } },'json'); } --> Antivirus reports:
| ||
http://xw.bjhmxx.com/search.aspx | 200 OK Content-Length: 6625 Content-Type: text/html | clean |
http://xw.bjhmxx.com/inc/calendarDateInput.js | 200 OK Content-Length: 13352 Content-Type: application/x-javascript | clean |
http://xw.bjhmxx.com/list.aspx?cid=156 | 200 OK Content-Length: 8567 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var pager=new iwmsPager(1,1,false); Antivirus reports:
| ||
http://xw.bjhmxx.com/inc/pager.js | 200 OK Content-Length: 1442 Content-Type: application/x-javascript | clean |
http://xw.bjhmxx.com/list.aspx?cid=26 | 200 OK Content-Length: 1088 Content-Type: text/html | clean |
http://xw.bjhmxx.com/test404page.js | 404 Not Found Content-Length: 1308 Content-Type: text/html | clean |
http://xw.bjhmxx.com/file://58.128.148.17 | 404 Not Found Content-Length: 1308 Content-Type: text/html | clean |
http://xw.bjhmxx.com/list.aspx?cid=29 | 200 OK Content-Length: 15556 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var pager=new iwmsPager(1,1,false); Antivirus reports:
| ||
http://xw.bjhmxx.com/list.aspx?cid=27 | 200 OK Content-Length: 7806 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var pager=new iwmsPager(1,1,false); Antivirus reports:
| ||
http://xw.bjhmxx.com/ftp://ftp.bjhmxx.com/ | 404 Not Found Content-Length: 1308 Content-Type: text/html | clean |
http://xw.bjhmxx.com/list.aspx?cid=141 | 200 OK Content-Length: 5790 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: xw.bjhmxx.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Date: Sun, 07 Sep 2014 19:05:41 GMT
Pragma: no-cache
Server: Microsoft-IIS/6.0
Content-Length: 3676
Content-Type: text/html; charset=gb2312
Expires: -1
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
...3676 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: xw.bjhmxx.com
Referer: http://www.google.com/search?q=xw.bjhmxx.com
Result:
The result is similar to the first query. There are no suspicious redirects found.