Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=yscxghj.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://yscxghj.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://yscxghj.com/ | 200 OK Content-Length: 54762 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- imgUrl1="/UpLoadFiles/Article/2014/2014092616582681302.jpg"; imgtext1="ÏØÈË´ó³£Î¯»áÉóÒéͨ¹ýÓñɽÏسÇÊÐ×ÜÌå¹æ..."; imgLink1="/Article/ArticleShow.asp?ArticleID=747"; imgUrl2="/UpLoadFiles/Article/2014/2014072815481977226.jpg"; imgtext2="ÎÒ¾ÖÕÙ¿ªÁìµ¼°à×ÓרÌâÃñÖ÷Éú»î»áÇé¿öͨ..."; imgLink2="/Article/ArticleShow.asp?ArticleID=738"; imgUrl3="/UpLoadFiles/Article/2014/2014071808524816377.jpg"; imgtext3="ÎÒ¾ÖÕÙ¿ª°à×ÓרÌâÃñÖ÷Éú»î»á"; imgLink3="/Ar document.write('</object>'); } Antivirus reports:
| ||
http://yscxghj.com/inc/js/stm31.js | HTTP/1.1 200 OK Date: Sat, 04 Oct 2014 16:06:16 GMT Accept-Ranges: bytes ETag: "48ec9f6fc9a8ca1:9965f" Server: Microsoft-IIS/6.0 Content-Length: 34012 Content-Location: http://yscxghj.com/inc/js/stm31.js Content-Type: application/x-javascript Last-Modified: Mon, 08 Feb 2010 14:17:24 GMT X-Powered-By: ASP.NET | clean |
http://yscxghj.com/test404page.js | 404 Not Found Content-Length: 1308 Content-Type: text/html | clean |
http://yscxghj.com/inc/js/Font.js | HTTP/1.1 200 OK Date: Sat, 04 Oct 2014 16:06:20 GMT Accept-Ranges: bytes ETag: "0c5f26dc9a8ca1:9965f" Server: Microsoft-IIS/6.0 Content-Length: 9433 Content-Location: http://yscxghj.com/inc/js/Font.js Content-Type: application/x-javascript Last-Modified: Mon, 08 Feb 2010 14:17:22 GMT X-Powered-By: ASP.NET | clean |
http://yscxghj.com/inc/js/font.js | HTTP/1.1 200 OK Date: Sat, 04 Oct 2014 16:06:22 GMT Accept-Ranges: bytes ETag: "0c5f26dc9a8ca1:9965f" Server: Microsoft-IIS/6.0 Content-Length: 9433 Content-Location: http://yscxghj.com/inc/js/font.js Content-Type: application/x-javascript Last-Modified: Mon, 08 Feb 2010 14:17:22 GMT X-Powered-By: ASP.NET | clean |
http://yscxghj.com/inc/js/date.js | HTTP/1.1 200 OK Date: Sat, 04 Oct 2014 16:06:25 GMT Accept-Ranges: bytes ETag: "1adca86dc9a8ca1:9965f" Server: Microsoft-IIS/6.0 Content-Length: 647 Content-Location: http://yscxghj.com/inc/js/date.js Content-Type: application/x-javascript Last-Modified: Mon, 08 Feb 2010 14:17:21 GMT X-Powered-By: ASP.NET | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: yscxghj.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Date: Sat, 04 Oct 2014 16:06:11 GMT
Server: Microsoft-IIS/6.0
Content-Length: 92129
Content-Type: text/html
Expires: Fri, 03 Oct 2014 16:06:10 GMT
Set-Cookie: Aspoo=GuestSID=78158011226449; expires=Sat, 04-Oct-2014 17:06:10 GMT; path=/
Set-Cookie: AspooKill=kill=No; path=/
Set-Cookie: ASPSESSIONIDSSASABCC=IOBDLPPDEIAJBENDLFONFDNN; path=/
Set-Cookie: safedog-flow-item=035AE5DBDB39FBC7B4E4; expires=Tue, 10-Nov-2150 17:39:27 GMT; domain=yscxghj.com; path=/
X-Died: timeout at scan.pm line 1546.
X-Powered-By: ASP.NET
...92129 bytes of data.
GET / HTTP/1.1
Host: yscxghj.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Date: Sat, 04 Oct 2014 16:06:11 GMT
Server: Microsoft-IIS/6.0
Content-Length: 92129
Content-Type: text/html
Expires: Fri, 03 Oct 2014 16:06:10 GMT
Set-Cookie: Aspoo=GuestSID=78158011226449; expires=Sat, 04-Oct-2014 17:06:10 GMT; path=/
Set-Cookie: AspooKill=kill=No; path=/
Set-Cookie: ASPSESSIONIDSSASABCC=IOBDLPPDEIAJBENDLFONFDNN; path=/
Set-Cookie: safedog-flow-item=035AE5DBDB39FBC7B4E4; expires=Tue, 10-Nov-2150 17:39:27 GMT; domain=yscxghj.com; path=/
X-Died: timeout at scan.pm line 1546.
X-Powered-By: ASP.NET
...92129 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: yscxghj.com
Referer: http://www.google.com/search?q=yscxghj.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: yscxghj.com
Referer: http://www.google.com/search?q=yscxghj.com
Result:
The result is similar to the first query. There are no suspicious redirects found.