Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=1331.in
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://1331.in/ | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://1331.in/test404page.js | 200 OK Content-Length: 50611 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www2464.1331.in <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="X-UA-Compatible" content="IE=7" /> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>ç«ç¾¤è½¯ä»¶404;http://1331.in:80/test404page.js</title> </head> ...[4628 bytes skipped]... | ||
http://js.users.51.la/5525505.js | 200 OK Content-Length: 1945 Content-Type: application/x-javascript | clean |
http://1331.in/neirong/1/?西å®ç«ç¾¤è½¯ä»¶å»ºç« | 200 OK Content-Length: 52655 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www2464.1331.in <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="X-UA-Compatible" content="IE=7" /> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>ç«ç¾¤è½¯ä»¶%E8%A5%BF%E5%AE%89%E7%AB%99%E7%BE%A4%E8%BD%AF%E4%BB%B6%E5%BB%BA%E7%AB%99</tit ...[4624 bytes skipped]... | ||
http://rj.1300.in/jl/951n.cn.js | 200 OK Content-Length: 1854 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) document.writeln("<SCRIPT LANGUAGE=\"Javascript\">");
document.writeln("<!--"); document.writeln("var Words =\"%3Ca%20target%3D%22%5Fblank%22%20title%3D%22SEO%u63A8%u5E7F%u7CFB%u7EDF%u7AD9%u7FA4%u8F6F%u4EF6%22%20href%3D%22http%3A%2F%2Ftb%2E1300%2Ein%2F%22%3E%2D%u6DD8%u5B9D%u8D2D%u4E70%2D%u4E2D%u56FD%u552F%u4E00%u5E94%u7528doc%u6587%u4EF6%u4F18%u5316%u7AD9%u7FA4%u7684%u8F6F%u4EF6%2D%3C%2Fa%3E%2D%3E%0D%0A%3Cscript%20language%3D%22JavaScript%22%20type%3D%22text%2FJavaScript%22%3E document.writeln("function SetNewWords()"); document.writeln("{"); document.writeln("var NewWords;"); document.writeln("NewWords = unescape(Words);"); document.writeln("document.write(NewWords);"); document.writeln("}"); document.writeln("SetNewWords();"); document.writeln("\/\/ -->"); document.writeln("<\/SCRIPT>") Antivirus reports:
| ||
http://1331.in/neirong/2/?nginx äºçº§ååæ³è§£æ | 200 OK Content-Length: 52742 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www4295.1331.in <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="X-UA-Compatible" content="IE=7" /> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>ç«ç¾¤è½¯ä»¶nginx%20%E4%BA%8C%E7%BA%A7%E5%9F%9F%E5%90%8D%E6%B3%9B%E8%A7%A3%E6%9E%90</titl ...[4624 bytes skipped]... | ||
http://1331.in/neirong/1/?èå¥ç«ç¾¤å®ç½ | 200 OK Content-Length: 52619 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www2464.1331.in <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="X-UA-Compatible" content="IE=7" /> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>ç«ç¾¤è½¯ä»¶%E8%8A%AD%E5%A5%87%E7%AB%99%E7%BE%A4%E5%AE%98%E7%BD%91</title> </h ...[4624 bytes skipped]... | ||
http://1331.in/neirong/3/?å±±è¥¿å»ºç« | 200 OK Content-Length: 52888 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www768.1331.in <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="X-UA-Compatible" content="IE=7" /> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>ç«ç¾¤è½¯ä»¶%E5%B1%B1%E8%A5%BF%E5%BB%BA%E7%AB%99</title> </head> ...[4634 bytes skipped]... | ||
http://1331.in/neirong/1/?å¼æºå¢å
è´¹èæ主æºç®¡çç³»ç» | 200 OK Content-Length: 52745 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www2464.1331.in <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="X-UA-Compatible" content="IE=7" /> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>ç«ç¾¤è½¯ä»¶%E5%BC%80%E6%BA%90%E5%9B%A2%E5%85%8D%E8%B4%B9%E8%99%9A%E6%8B%9F%E4%B8%BB%E6%9C%B ...[4586 bytes skipped]... | ||
http://1331.in/neirong/4/?1.0cmsç«ç¾¤ | 200 OK Content-Length: 52815 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www8023.1331.in <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="X-UA-Compatible" content="IE=7" /> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>ç«ç¾¤è½¯ä»¶1.0cms%E7%AB%99%E7%BE%A4</title> </head> <body> ...[4640 bytes skipped]... | ||
http://1331.in/neirong/3/?èå¥ç«ç¾¤å®ç½ | 200 OK Content-Length: 52924 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www768.1331.in <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="X-UA-Compatible" content="IE=7" /> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>ç«ç¾¤è½¯ä»¶%E8%8A%AD%E5%A5%87%E7%AB%99%E7%BE%A4%E5%AE%98%E7%BD%91</title> </h ...[4624 bytes skipped]... | ||
http://1331.in/neirong/2/?éå¥å»ºç«ç³»ç»å
è´¹ | 200 OK Content-Length: 52744 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www4295.1331.in <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="X-UA-Compatible" content="IE=7" /> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>ç«ç¾¤è½¯ä»¶%E9%94%90%E5%A5%87%E5%BB%BA%E7%AB%99%E7%B3%BB%E7%BB%9F%E5%85%8D%E8%B4%B9</tit ...[4624 bytes skipped]... | ||
http://1331.in/neirong/2/?å¢ä¸å¤®ç½ç«ç¾¤æå¡å¨ | 200 OK Content-Length: 52762 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www4295.1331.in <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="X-UA-Compatible" content="IE=7" /> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>ç«ç¾¤è½¯ä»¶%E5%9B%A2%E4%B8%AD%E5%A4%AE%E7%BD%91%E7%AB%99%E7%BE%A4%E6%9C%8D%E5%8A%A1%E5%99%A ...[4624 bytes skipped]... | ||
http://1331.in/neirong/3/?å¿«é建ç«è½¯ä»¶ | 200 OK Content-Length: 52924 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www768.1331.in <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="X-UA-Compatible" content="IE=7" /> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>ç«ç¾¤è½¯ä»¶%E5%BF%AB%E9%80%9F%E5%BB%BA%E7%AB%99%E8%BD%AF%E4%BB%B6</title> </h ...[4624 bytes skipped]... | ||
http://1331.in/neirong/3/?ç¾ä¸æ·å®¢ç«ç¾¤è½¯ä»¶æ·ç¹é | 200 OK Content-Length: 53014 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www768.1331.in <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="X-UA-Compatible" content="IE=7" /> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>ç«ç¾¤è½¯ä»¶%E7%99%BE%E4%B8%87%E6%B7%98%E5%AE%A2%E7%AB%99%E7%BE%A4%E8%BD%AF%E4%BB%B6%E6%B7%9 ...[4602 bytes skipped]... |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: 1331.in
Result:
HTTP/1.1 500 timeout
Content-Type: text/plain
GET / HTTP/1.1
Host: 1331.in
Result:
HTTP/1.1 500 timeout
Content-Type: text/plain
Second query (visit from search engine):
GET / HTTP/1.1
Host: 1331.in
Referer: http://www.google.com/search?q=1331.in
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: 1331.in
Referer: http://www.google.com/search?q=1331.in
Result:
The result is similar to the first query. There are no suspicious redirects found.