Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=2gmeitu.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://2gmeitu.com/ | 200 OK Content-Length: 26306 Content-Type: text/html | clean |
http://www.qqbocaiwang.com/js.js | 500 Can't connect to www.qqbocaiwang.com:80 (Bad hostname) Content-Length: 170 Content-Type: text/plain | clean |
http://www.qqbocaiwang.com/test404page.js | 500 Can't connect to www.qqbocaiwang.com:80 (Bad hostname) Content-Length: 170 Content-Type: text/plain | clean |
http://ad.2gmeitu.com/980_90.js | 404 Not Found Content-Length: 571 Content-Type: text/html | clean |
http://2gmeitu.com/templets/default/image/tj.js | 200 OK Content-Length: 9667 Content-Type: text/html | clean |
http://s84.cnzz.com/stat.php?id=4610366&web_id=4610366 | 200 OK Content-Length: 9321 Content-Type: application/javascript | clean |
http://ad.2gmeitu.com/tj.js | 200 OK Content-Length: 14698 Content-Type: application/x-javascript | suspicious |
Page code contains blacklisted domain: www.jsmbaidu.com var random = {
ad_num : 8, init : function(){ n = (Math.floor(Math.random()*random.ad_num+1)); switch(n){ case 1: document.write('<script type="text/javascript">u_a_client="3758";u_a_width="0";u_a_height="0";u_a_zones="5600";u_a_type="1";<\/script><script src="http://www.jsmbaidu.com/i.js"><\/script>'); document.writeln("<\script src='http://t.ku63.com/t.asp?u=50128&t=3&m=4&n=' charset='gb2312'><\/script>"); document.writeln("<\script src='http://f.ku63.com/f.asp?u=50128&m=0&n=' charset='gb2312'><\/script>"); document.writeln("<\script src='http://f.ku63.com/f.asp?u=50128&m=3&n=&w=1000' charset='gb2312'><\/script>" ...[3888 bytes skipped]... | ||
http://www.2gmeitu.com/plus/autoseo/auto.js | 200 OK Content-Length: 9667 Content-Type: text/html | clean |
http://www.2gmeitu.com/ | 200 OK Content-Length: 26306 Content-Type: text/html | clean |
http://www.2gmeitu.com/templets/default/image/tj.js | 200 OK Content-Length: 9667 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: 2gmeitu.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 18 Jul 2014 18:26:23 GMT
Accept-Ranges: bytes
Server: nginx/1.0.15
Vary: Accept-Encoding
Content-Length: 26306
Content-Type: text/html
Last-Modified: Sun, 08 Sep 2013 15:56:54 GMT
...26306 bytes of data.
GET / HTTP/1.1
Host: 2gmeitu.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 18 Jul 2014 18:26:23 GMT
Accept-Ranges: bytes
Server: nginx/1.0.15
Vary: Accept-Encoding
Content-Length: 26306
Content-Type: text/html
Last-Modified: Sun, 08 Sep 2013 15:56:54 GMT
...26306 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: 2gmeitu.com
Referer: http://www.google.com/search?q=2gmeitu.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: 2gmeitu.com
Referer: http://www.google.com/search?q=2gmeitu.com
Result:
The result is similar to the first query. There are no suspicious redirects found.