Malware Scanner report for youxiaxiazai.com

Malicious/Suspicious/Total urls checked: 1/0/25

1 page has malicious code. See details below

Blacklists: OK

Malicious Redirects: OK

Malicious/Hidden/Total iFrames: 0/0/0

Deface / Content modification: OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

Malware Removal
Blacklists Removal
Reason Eliminating
1 Month Hack Insurance

More details

Website Hack Insurance

Files & DB Monitoring
Daily Backups
Malware & Hack Detection
Unlimited Hack Repairs

More details

Scanned pages/files

Request	Server response	Status
http://youxiaxiazai.com/	HTTP/1.1 301 Moved Permanently Date: Mon, 31 Mar 2014 17:40:11 GMT Location: http://www.youxiaxiazai.com/ Server: Microsoft-IIS/6.0 Content-Length: 151 Content-Type: text/html X-Powered-By: ASP.NET	clean
http://www.youxiaxiazai.com/	200 OK Content-Length: 47311 Content-Type: text/html	clean
http://www.youxiaxiazai.com/skins/default/common.js	200 OK Content-Length: 1137 Content-Type: application/x-javascript	malicious
Malicious code - confirmed by antiviruses (see below) function pageh(idt) { if(idt == 4) { document.getElementById('rowthit'+idt.toString()).className= 'down511'; } else { document.getElementById('rowthit'+idt.toString()).className= 'down514'; } document.getElementById('hittextstr'+idt.toString()).style.display = ''; for(var i=1;i<5;i++) { if(idt != i) { if(i==4) { document.getElementById('rowthit'+i.toString()).className= 'down512'; < ... 335 bytes are skipped ...vid); img1=document.getElementById(img1); img2=document.getElementById(img2); if(adv.style.display=="none") { adv.style.display=""; img1.src="/images/midminus.gif"; img2.src="/images/open2.gif"; } else { adv.style.display="none"; img1.src="/images/midclose.gif"; img2.src="/images/close.gif"; } } function tofocurs() { document.getElementById("softkey").focus(); } Antivirus reports: Emsisoft Android.Adware.Dowgin.AS (B)
http://youxiaxiazai.com/wenzi.js	HTTP/1.1 301 Moved Permanently Date: Mon, 31 Mar 2014 17:40:13 GMT Location: http://www.youxiaxiazai.com/wenzi.js Server: Microsoft-IIS/6.0 Content-Length: 159 Content-Type: text/html X-Powered-By: ASP.NET	clean
http://www.youxiaxiazai.com/wenzi.js	200 OK Content-Length: 307 Content-Type: application/x-javascript	clean
http://youxiaxiazai.com/dm/syyc.js	HTTP/1.1 301 Moved Permanently Date: Mon, 31 Mar 2014 17:40:14 GMT Location: http://www.youxiaxiazai.com/dm/syyc.js Server: Microsoft-IIS/6.0 Content-Length: 161 Content-Type: text/html X-Powered-By: ASP.NET	clean
http://www.youxiaxiazai.com/dm/syyc.js	200 OK Content-Length: 645 Content-Type: application/x-javascript	clean
http://youxiaxiazai.com/dm/shouye.js	HTTP/1.1 301 Moved Permanently Date: Mon, 31 Mar 2014 17:40:16 GMT Location: http://www.youxiaxiazai.com/dm/shouye.js Server: Microsoft-IIS/6.0 Content-Length: 163 Content-Type: text/html X-Powered-By: ASP.NET	clean
http://www.youxiaxiazai.com/dm/shouye.js	200 OK Content-Length: 34 Content-Type: application/x-javascript	clean
http://youxiaxiazai.com/dingbu.js	HTTP/1.1 301 Moved Permanently Date: Mon, 31 Mar 2014 17:40:16 GMT Location: http://www.youxiaxiazai.com/dingbu.js Server: Microsoft-IIS/6.0 Content-Length: 160 Content-Type: text/html X-Powered-By: ASP.NET	clean
http://www.youxiaxiazai.com/dingbu.js	200 OK Content-Length: 90 Content-Type: application/x-javascript	clean
http://youxiaxiazai.com/tj.js	HTTP/1.1 301 Moved Permanently Date: Mon, 31 Mar 2014 17:40:17 GMT Location: http://www.youxiaxiazai.com/tj.js Server: Microsoft-IIS/6.0 Content-Length: 156 Content-Type: text/html X-Powered-By: ASP.NET	clean
http://www.youxiaxiazai.com/tj.js	200 OK Content-Length: 203 Content-Type: application/x-javascript	clean
http://youxiaxiazai.com/RjAll.js	HTTP/1.1 301 Moved Permanently Date: Mon, 31 Mar 2014 17:40:19 GMT Location: http://www.youxiaxiazai.com/RjAll.js Server: Microsoft-IIS/6.0 Content-Length: 159 Content-Type: text/html X-Powered-By: ASP.NET	clean
http://www.youxiaxiazai.com/rjall.js	200 OK Content-Length: 0 Content-Type: application/x-javascript	clean
http://youxiaxiazai.com/softlist/newlist-1.html	HTTP/1.1 301 Moved Permanently Date: Mon, 31 Mar 2014 17:40:19 GMT Location: http://www.youxiaxiazai.com/softlist/newlist-1.html Server: Microsoft-IIS/6.0 Content-Length: 174 Content-Type: text/html X-Powered-By: ASP.NET	clean
http://www.youxiaxiazai.com/softlist/newlist-1.html	200 OK Content-Length: 16198 Content-Type: text/html	clean
http://www.youxiaxiazai.com/dm/qtall.js	200 OK Content-Length: 34 Content-Type: application/x-javascript	clean
http://youxiaxiazai.com/softlist/hotlist-1.html	HTTP/1.1 301 Moved Permanently Date: Mon, 31 Mar 2014 17:40:22 GMT Location: http://www.youxiaxiazai.com/softlist/hotlist-1.html Server: Microsoft-IIS/6.0 Content-Length: 174 Content-Type: text/html X-Powered-By: ASP.NET	clean
http://www.youxiaxiazai.com/softlist/hotlist-1.html	200 OK Content-Length: 16801 Content-Type: text/html	clean
http://www.youxiaxiazai.com/RjAll.js	200 OK Content-Length: 0 Content-Type: application/x-javascript	clean
http://youxiaxiazai.com/flmap.html	HTTP/1.1 301 Moved Permanently Date: Mon, 31 Mar 2014 17:40:24 GMT Location: http://www.youxiaxiazai.com/flmap.html Server: Microsoft-IIS/6.0 Content-Length: 161 Content-Type: text/html X-Powered-By: ASP.NET	clean
http://www.youxiaxiazai.com/flmap.html	200 OK Content-Length: 13438 Content-Type: text/html	clean
http://www.youxiaxiazai.com/softlist/list1_1.html	200 OK Content-Length: 26932 Content-Type: text/html	clean
http://www.youxiaxiazai.com/dm/fenleiye.js	200 OK Content-Length: 34 Content-Type: application/x-javascript	clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: youxiaxiazai.com

Result:
HTTP/1.1 301 Moved Permanently
Date: Mon, 31 Mar 2014 17:40:11 GMT
Location: http://www.youxiaxiazai.com/
Server: Microsoft-IIS/6.0
Content-Length: 151
Content-Type: text/html
X-Powered-By: ASP.NET

...151 bytes of data.

Second query (visit from search engine):
GET / HTTP/1.1
Host: youxiaxiazai.com
Referer: http://www.google.com/search?q=youxiaxiazai.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=youxiaxiazai.com

Result: This site is not currently listed as suspicious.

Query: http://yandex.com/infected?l10n=en&url=http://youxiaxiazai.com/

Result: youxiaxiazai.com is not infected or malware details are not published yet.

Recently found suspicious websites

Malware Scanner report for youxiaxiazai.com

Malware & Hack Repair

Website Hack Insurance

Scanned pages/files

Malicious Redirects

Safe Browsing / Blacklists

Recently found suspicious websites

Company

Services

eVuln Labs

eVuln Tools