瑞星卡卡安全论坛

首页 » 技术交流区 » 恶意网站交流 » 【麻烦看下】szwanju.com,疑似被挂
随缘92WJC - 2011-12-20 16:06:00
WHOIS信息

Domain name: szwanju.com

Registrant Contact:
liu xiaohai
liu xiaohai ()

Fax:
sichuanshengkaijiangxianchanglingzhentianmatoucun1
kaijiangxian, Sichuan 636250
CN

Administrative Contact:
liu xiaohai
liu xiaohai 
+86.13313858509
Fax: +86.13313858509
sichuanshengkaijiangxianchanglingzhentianmatoucun1
kaijiangxian, Sichuan 636250
CN

Technical Contact:
liu xiaohai
liu xiaohai
+86.13313858509
Fax: +86.13313858509
sichuanshengkaijiangxianchanglingzhentianmatoucun1
kaijiangxian, Sichuan 636250
CN

Status: Locked

Name Servers:
dns1.name-services.com
dns2.name-services.com
dns3.name-services.com
dns4.name-services.com
dns5.name-services.com

Creation date: 01 Mar 2011 02:24:00
Expiration date: 28 Feb 2012 21:24:00



用户系统信息:Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; TheWorld)
networkedition - 2011-12-20 16:33:00
网站ms被加黑链了。
redbsd - 2011-12-21 13:41:00
跟踪了以下链接,没有发现马,倒是有一些看似不正常的链接. 这要根据此网站结构分析了.
[wide]http://szwanju.com/
    [script]http://szwanju.com/baidu.js
        [frame]http://qiuzhu8.com/sfgg.htm
        [frame]http://qiuzhu8.com/sfgg.htm
            [frame]http://e.sf1234.cc/sf123.html
                [script]http://e.sf1234.cc/Js/link.js
                [script]http://e.sf1234.cc/Js/link1.js
                [script]http://e.sf1234.cc/sf123.js
                        [object]http://e.sf1234.cc/show.html
                [script]http://s112.cnzz.com/stat.php?id=1480397&web_id=1480397
    [script]http://szwanju.com/include/dedeajax2.js
    [script]http://szwanju.com/images/js/j.js
    [script]http://szwanju.com/templets/default/js/pic_scroll.js
    [script]http://szwanju.com/templets/default/js/jquery.cookie.js
    [script]http://szwanju.com/templets/default/js/changeSkin.js
    [script]http://www.dedecms.com/plus/ad_js.php?aid=4
        [script]http://www.dedecms.com/plus/\"http://gg.dedecms.com/afp/door/;ap=4e698489c17ec4000001;ct=js;pu=4ab0b7fed17d993f0001;/?\"
        [frame]http://www.dedecms.com/plus/\"
    [script]http://www.dedecms.com/plus/ad_js.php?aid=5
    [script]http://count14.51yes.com/click.aspx?id=146281686&logo=11
redbsd - 2011-12-21 13:43:00
再提一点,who 泄露很多信息,要适当保密啊.呵呵!
随缘92WJC - 2011-12-22 8:35:00
谢谢楼上2位了,是客户的网站!
1
查看完整版本: 【麻烦看下】szwanju.com,疑似被挂
© 2000 - 2025 Rising Corp. Ltd.