Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=zncjdx.xue.net
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://zncjdx.xue.net/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: galerija.info.tm
Result:
HTTP/1.1 500 Can't connect to galerija.info.tm:80
Content-Type: text/plain
Second query (visit from search engine):
GET / HTTP/1.1
Host: galerija.info.tm
Referer: http://www.google.com/search?q=galerija.info.tm
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://zncjdx.xue.net/ | HTTP/1.1 302 Object moved Cache-Control: private Date: Fri, 03 Oct 2014 03:25:11 GMT Location: http://sz.xue.net/jg/zncjdx/ Server: Microsoft-IIS/7.5 Content-Length: 126 Content-Type: text/html Set-Cookie: ASPSESSIONIDQAAAARDB=AIGFHLADDOBAIGFGKGMEJODD; path=/ X-Powered-By: ASP.NET | malicious |
http://sz.xue.net/jg/zncjdx/ | 200 OK Content-Length: 62650 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.xue.net | | |
http://www.xue.net/js/Window.js | 200 OK Content-Length: 3566 Content-Type: application/x-javascript | clean |
http://www.xue.net/js/com_link.asp | 200 OK Content-Length: 321 Content-Type: text/html | clean |
http://www.xue.net/ | 200 OK Content-Length: 42704 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: mx.xue.net | | |
http://count35.51yes.com/click.aspx?id=351754972&logo=1 | 200 OK Content-Length: 1777 Content-Type: text/html | clean |
http://count35.51yes.com/test404page.js | 404 Not Found Content-Length: 1308 Content-Type: text/html | clean |