Scanned pages/files
Request | Server response | Status |
http://youxiaxiazai.com/ | HTTP/1.1 301 Moved Permanently Date: Mon, 31 Mar 2014 17:40:11 GMT Location: http://www.youxiaxiazai.com/ Server: Microsoft-IIS/6.0 Content-Length: 151 Content-Type: text/html X-Powered-By: ASP.NET | clean |
http://www.youxiaxiazai.com/ | 200 OK Content-Length: 47311 Content-Type: text/html | clean |
http://www.youxiaxiazai.com/skins/default/common.js | 200 OK Content-Length: 1137 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
function pageh(idt)
{
if(idt == 4) { document.getElementById('rowthit'+idt.toString()).className= 'down511'; }
else { document.getElementById('rowthit'+idt.toString()).className= 'down514'; }
document.getElementById('hittextstr'+idt.toString()).style.display = '';
for(var i=1;i<5;i++) { if(idt != i) { if(i==4) { document.getElementById('rowthit'+i.toString()).className= 'down512'; <
img1=document.getElementById(img1); img2=document.getElementById(img2);
if(adv.style.display=="none") { adv.style.display=""; img1.src="/images/midminus.gif"; img2.src="/images/open2.gif"; }
else { adv.style.display="none"; img1.src="/images/midclose.gif"; img2.src="/images/close.gif"; }
}
function tofocurs() { document.getElementById("softkey").focus(); }
Antivirus reports:
http://youxiaxiazai.com/wenzi.js | HTTP/1.1 301 Moved Permanently Date: Mon, 31 Mar 2014 17:40:13 GMT Location: http://www.youxiaxiazai.com/wenzi.js Server: Microsoft-IIS/6.0 Content-Length: 159 Content-Type: text/html X-Powered-By: ASP.NET | clean |
http://www.youxiaxiazai.com/wenzi.js | 200 OK Content-Length: 307 Content-Type: application/x-javascript | clean |
http://youxiaxiazai.com/dm/syyc.js | HTTP/1.1 301 Moved Permanently Date: Mon, 31 Mar 2014 17:40:14 GMT Location: http://www.youxiaxiazai.com/dm/syyc.js Server: Microsoft-IIS/6.0 Content-Length: 161 Content-Type: text/html X-Powered-By: ASP.NET | clean |
http://www.youxiaxiazai.com/dm/syyc.js | 200 OK Content-Length: 645 Content-Type: application/x-javascript | clean |
http://youxiaxiazai.com/dm/shouye.js | HTTP/1.1 301 Moved Permanently Date: Mon, 31 Mar 2014 17:40:16 GMT Location: http://www.youxiaxiazai.com/dm/shouye.js Server: Microsoft-IIS/6.0 Content-Length: 163 Content-Type: text/html X-Powered-By: ASP.NET | clean |
http://www.youxiaxiazai.com/dm/shouye.js | 200 OK Content-Length: 34 Content-Type: application/x-javascript | clean |
http://youxiaxiazai.com/dingbu.js | HTTP/1.1 301 Moved Permanently Date: Mon, 31 Mar 2014 17:40:16 GMT Location: http://www.youxiaxiazai.com/dingbu.js Server: Microsoft-IIS/6.0 Content-Length: 160 Content-Type: text/html X-Powered-By: ASP.NET | clean |
http://www.youxiaxiazai.com/dingbu.js | 200 OK Content-Length: 90 Content-Type: application/x-javascript | clean |
http://youxiaxiazai.com/tj.js | HTTP/1.1 301 Moved Permanently Date: Mon, 31 Mar 2014 17:40:17 GMT Location: http://www.youxiaxiazai.com/tj.js Server: Microsoft-IIS/6.0 Content-Length: 156 Content-Type: text/html X-Powered-By: ASP.NET | clean |
http://www.youxiaxiazai.com/tj.js | 200 OK Content-Length: 203 Content-Type: application/x-javascript | clean |
http://youxiaxiazai.com/RjAll.js | HTTP/1.1 301 Moved Permanently Date: Mon, 31 Mar 2014 17:40:19 GMT Location: http://www.youxiaxiazai.com/RjAll.js Server: Microsoft-IIS/6.0 Content-Length: 159 Content-Type: text/html X-Powered-By: ASP.NET | clean |
http://www.youxiaxiazai.com/rjall.js | 200 OK Content-Length: 0 Content-Type: application/x-javascript | clean |
http://youxiaxiazai.com/softlist/newlist-1.html | HTTP/1.1 301 Moved Permanently Date: Mon, 31 Mar 2014 17:40:19 GMT Location: http://www.youxiaxiazai.com/softlist/newlist-1.html Server: Microsoft-IIS/6.0 Content-Length: 174 Content-Type: text/html X-Powered-By: ASP.NET | clean |
http://www.youxiaxiazai.com/softlist/newlist-1.html | 200 OK Content-Length: 16198 Content-Type: text/html | clean |
http://www.youxiaxiazai.com/dm/qtall.js | 200 OK Content-Length: 34 Content-Type: application/x-javascript | clean |
http://youxiaxiazai.com/softlist/hotlist-1.html | HTTP/1.1 301 Moved Permanently Date: Mon, 31 Mar 2014 17:40:22 GMT Location: http://www.youxiaxiazai.com/softlist/hotlist-1.html Server: Microsoft-IIS/6.0 Content-Length: 174 Content-Type: text/html X-Powered-By: ASP.NET | clean |
http://www.youxiaxiazai.com/softlist/hotlist-1.html | 200 OK Content-Length: 16801 Content-Type: text/html | clean |
http://www.youxiaxiazai.com/RjAll.js | 200 OK Content-Length: 0 Content-Type: application/x-javascript | clean |
http://youxiaxiazai.com/flmap.html | HTTP/1.1 301 Moved Permanently Date: Mon, 31 Mar 2014 17:40:24 GMT Location: http://www.youxiaxiazai.com/flmap.html Server: Microsoft-IIS/6.0 Content-Length: 161 Content-Type: text/html X-Powered-By: ASP.NET | clean |
http://www.youxiaxiazai.com/flmap.html | 200 OK Content-Length: 13438 Content-Type: text/html | clean |
http://www.youxiaxiazai.com/softlist/list1_1.html | 200 OK Content-Length: 26932 Content-Type: text/html | clean |
http://www.youxiaxiazai.com/dm/fenleiye.js | 200 OK Content-Length: 34 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: youxiaxiazai.com
Result:
HTTP/1.1 301 Moved Permanently
Date: Mon, 31 Mar 2014 17:40:11 GMT
Location: http://www.youxiaxiazai.com/
Server: Microsoft-IIS/6.0
Content-Length: 151
Content-Type: text/html
X-Powered-By: ASP.NET
...151 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: youxiaxiazai.com
Referer: http://www.google.com/search?q=youxiaxiazai.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=youxiaxiazai.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://youxiaxiazai.com/
Result: youxiaxiazai.com is not infected or malware details are not published yet.