Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=168csd.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.168csd.com/ | 200 OK Content-Length: 238 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: d687ef1ed80f97de.0075.cdn.78302.com <meta http-equiv="Content-Type" content="text/html; charset=gb2312" />
<script language="javascript" type="text/javascript" src="http://d687ef1ed80f97de.0075.cdn.78302.com/nipaiyi/cdn/js/20150220174545002.js?d=www.168csd.com"></script> | ||
http://d687ef1ed80f97de.0075.cdn.78302.com/nipaiyi/cdn/js/20150220174545002.js?d=www.168csd.com | 200 OK Content-Length: 14921 Content-Type: application/x-javascript | malicious |
Malicious code found. Script contains blacklisted domain: www.168csd.com ...[320 bytes skipped]... kikiwol.com/123.mp3\" tppabs=\"http://www.kikiwol.com/123.mp3\" autostart=true hidden=true loop=true width=\"0\" height=\"0\">"); document.writeln("<meta http-equiv=\"Content-Type\" content=\"text/html; charset=gb2312\" />"); document.writeln("<title>³àÔ´«Ëµ:Ò»¿î2014¶À¼Ò±àÖƵÄÓÎÏ·,×îй¥´òÌìÍ¥°æ£¡</title>"); document.writeln("<link href=\"http://d687ef1ed80f97de.0075.cdn.78302.com/images/index.css?d=www.168csd.com\" rel=\"stylesheet\" type=\"text/css\" />"); document.writeln("<style type=\"text/css\">"); document.writeln("<!--"); document.writeln(".STYLE1 {color:#999999}"); document.writeln(".STYLE2 {"); document.writeln(" font-size:14px;"); document.writeln(" font-weight:bold;"); document.writeln("}"); document.writeln(".STYLE3 {color:#FF00FF}"); document.writeln(".STYLE4 {color:#FF0000}"); document.writeln(".STYLE5 {color:#FFFF ...[3290 bytes skipped]... Decoded script: ...[156 bytes skipped]... p://www.w3.org/1999/xhtml"> <head> <EMBED SRC="http://www.kikiwol.com/123.mp3" tppabs="http://www.kikiwol.com/123.mp3" autostart=true hidden=true loop=true width="0" height="0"> <meta http-equiv="Content-Type" content="text/html; charset=gb2312" /> <title>³àÔ´«Ëµ:Ò»¿î2014¶À¼Ò±àÖƵÄÓÎÏ·,×îй¥´òÌìÍ¥°æ£¡</title> <link href="http://d687ef1ed80f97de.0075.cdn.78302.com/images/index.css?d=www.168csd.com" rel="stylesheet" type="text/css" /> <style type="text/css"> <!-- .STYLE1 {color:#999999} .STYLE2 { font-size:14px; font-weight:bold; } .STYLE3 {color:#FF00FF} .STYLE4 {color:#FF0000} .STYLE5 {color:#FFFF00} .STYLE7 {color:#66FF33} .STYLE8 {color:#33FF99} .STYLE9 {color:#3333CC} .STYLE11 {font-size:14px; font-weight:bold; color:#00FFFF; } --> </style> </head> <body> <d ...[11965 bytes skipped]... | ||
http://www.168csd.com/test404page.js | 404 Not Found Content-Length: 5222 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: 168csd.com
Result:
GET / HTTP/1.1
Host: 168csd.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: 168csd.com
Referer: http://www.google.com/search?q=168csd.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: 168csd.com
Referer: http://www.google.com/search?q=168csd.com
Result:
The result is similar to the first query. There are no suspicious redirects found.