Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=177pp.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://www.177pp.com/ | 200 OK Content-Length: 10639 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.98csc.net ...[3994 bytes skipped]... s_lie = 1; s_width = 140; s_height = 500; s_id = 29268; s_bk_color = "CCCCCC"; s_bt_color = "c90000"; s_bg_color = "ffffff"; s_px = 1; </script> <script src="http://e.70e.com/js/cpc_wz_tw_stxw_fd.js" type="text/javascript" charset="gb2312"></script> <p align="center"> <a href="http://www.98csc.net/ku_play_110_12791.exe" target="_blank"> <img src='http://img4.wowcpc.net/2012/homof/728x90.gif' width="728" height="90" border="0" /></a><br /> </p> </body> </html> | ||
http://www.177pp.com/exit.js | 200 OK Content-Length: 662 Content-Type: application/x-javascript | clean |
http://www.177pp.com/jquery/1.3.2/jquery.min.js | 200 OK Content-Length: 57254 Content-Type: application/x-javascript | clean |
http://e.70e.com/js/cpc_wz_tw_stxw.js | 200 OK Content-Length: 1448 Content-Type: application/x-javascript | clean |
http://u493025.778669.com/fshow.php?id=150377 | HTTP/1.1 302 Moved Temporarily Cache-Control: no-cache, must-revalidate Connection: close Date: Sun, 11 Jan 2015 20:51:27 GMT Location: http://think87.peowin.com/p.php?id=150377 Server: nginx/1.0.11 Content-Type: text/html P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" X-Powered-By: PHP/5.3.8 | clean |
http://think87.peowin.com/p.php?id=150377 | 200 OK Content-Length: 20552 Content-Type: text/html | clean |
http://pv.778669.com/ppdisplay.php?sid=40033&topu='+encodeURIComponent(document.location)+'&referer='+encodeURIComponent(document.referrer)+rTerm1.buildPara1()+' | 200 OK Content-Length: 0 Content-Type: text/html | clean |
http://pv.778669.com/test404page.js | 404 Not Found Content-Length: 571 Content-Type: text/html | clean |
http://js.tongji.linezing.com/2993663/tongji.js?20150112 | 200 OK Content-Length: 12831 Content-Type: application/x-javascript | clean |
http://t.ku63.com/t.asp?u=29268&t=3&m=5&j=30&n= | 200 OK Content-Length: 1374 Content-Type: text/html | clean |
http://t.ku63.com/js/w/_70e_T20140326.js | 200 OK Content-Length: 3284 Content-Type: application/x-javascript | clean |
http://t.ku63.com/js/t_20141209.js | 200 OK Content-Length: 13540 Content-Type: application/x-javascript | clean |
http://e.70e.com/js/cpc_wz_tw_stxw_fd.js | 200 OK Content-Length: 6207 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: 177pp.com
Result:
GET / HTTP/1.1
Host: 177pp.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: 177pp.com
Referer: http://www.google.com/search?q=177pp.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: 177pp.com
Referer: http://www.google.com/search?q=177pp.com
Result:
The result is similar to the first query. There are no suspicious redirects found.