Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=37d64.ha.eefav.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://37d64.ha.eefav.com/ | 200 OK Content-Length: 9571 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.mingshui.eefav.com ...[585 bytes skipped]... sheet" type="text/css" media="screen" /> </head> <body> <div id="header"> <div id="logo"> <h1>1.99Æß²Ê</h1> <p>ΪÄãÍƼö</p> </div> <div id="menu"> <ul> <li class="current_page_item"><a href="http://37d64.ha.eefav.com/">1.99Æß²ÊÊ×Ò³</a></li> <li><a href="http://www.mingshui.eefav.com/">´«Æænpc</a></li> <li><a href="http://www.kok3.eefav.com/">¶·ÆÆ´«Ææ</a></li> <li><a href="http://www.es.eefav.com/">´«Ææ´òÔª±¦½Å±¾</a></li> <li><a href="http://37d64.ha.eefav.com.map.html/">ÍøÕ¾µØͼ</a></li> </ul> </div> </div> <!-- end header --> <!-- start page --> <div id="page"> <!-- st ...[11881 bytes skipped]... | ||
http://37d64.ha.eefav.com/tj.js | 200 OK Content-Length: 144 Content-Type: text/javascript | clean |
http://37d64.ha.eefav.com/news2014-4-15/2375.html | 200 OK Content-Length: 2023 Content-Type: text/html | clean |
http://37d64.ha.eefav.com/map.htm | 200 OK Content-Length: 4275 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: juxian.eefav.com ...[1648 bytes skipped]... N-TOP: 20px } #loginform { TEXT-ALIGN: center } </STYLE> <META name=GENERATOR content="MSHTML 8.00.6001.19393"></HEAD> <BODY link=#333333 vLink=#333333> <CENTER id=header> <H2>ÍøÕ¾µØͼ</H2></CENTER> <DIV id=nav><A href="/">·µ»ØÊ×Ò³</A> </DIV> <DIV id=content> <LI><A href="http://juxian.eefav.com" target=_blank>·ÂÊ¢´ó1.85</A> 2014-4-15</LI> <LI><A href="http://0592.eefav.com" target=_blank>´«Ææ˽·þÍøͨ</A> 2014-4-15</LI> <LI><A href="http://176lm.zzgjdz.com" target=_blank>ÃËÖØгÇËÀÍöÀ´Ï®</A> </LI> <LI><A href="http://zk.lexus-jx.com" target=_blank>΢±ä´«Ææ</A>& ...[2850 bytes skipped]... | ||
http://37d64.ha.eefav.com/3map.html | 200 OK Content-Length: 4279 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: baiquan.eefav.com ...[1649 bytes skipped]... -TOP: 20px } #loginform { TEXT-ALIGN: center } </STYLE> <META name=GENERATOR content="MSHTML 8.00.6001.19393"></HEAD> <BODY link=#333333 vLink=#333333> <CENTER id=header> <H2>ÍøÕ¾µØͼ</H2></CENTER> <DIV id=nav><A href="/">·µ»ØÊ×Ò³</A> </DIV> <DIV id=content> <LI><A href="http://baiquan.eefav.com" target=_blank>170½ð±Ò´«Ææ</A> 2014-4-15</LI> <LI><A href="http://mygame.eefav.com" target=_blank>Ѫ¼ÀÀ¶ºÓ</A> 2014-4-15</LI> <LI><A href="http://dazhou.zzjtky.com" target=_blank>Æß²ÊÌìÒâ´«Ææ</A> </LI> <LI><A href="http://shitu.machineryzy.com" target=_blank>33wt</A>&n ...[2854 bytes skipped]... | ||
http://37d64.ha.eefav.com/5map.html | 200 OK Content-Length: 2024 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: dto.eefav.com ...[1647 bytes skipped]... IN-TOP: 20px } #loginform { TEXT-ALIGN: center } </STYLE> <META name=GENERATOR content="MSHTML 8.00.6001.19393"></HEAD> <BODY link=#333333 vLink=#333333> <CENTER id=header> <H2>ÍøÕ¾µØͼ</H2></CENTER> <DIV id=nav><A href="/">·µ»ØÊ×Ò³</A> </DIV> <DIV id=content> <LI><A href="http://dto.eefav.com" target=_blank>´«Æ渴¹Å1.76</A> 2014-4-15</LI> <LI><A href="http://hxsj.eefav.com" target=_blank>Ê¢´óÈÈѪ´«ÆæÊ®ÖÜ</A> 2014-4-15</LI> <LI><A href="http://tankbb.a | ||
http://37d64.ha.eefav.com/test404page.js | 500 Error Content-Length: 14 Content-Type: text/html | clean |
http://37d64.ha.eefav.com/news2014-4-15/6333.html | 200 OK Content-Length: 1996 Content-Type: text/html | clean |
http://37d64.ha.eefav.com/news2014-4-15/9060.html | 200 OK Content-Length: 1978 Content-Type: text/html | clean |
http://37d64.ha.eefav.com/news2014-4-15/7471.html | 200 OK Content-Length: 1971 Content-Type: text/html | clean |
http://37d64.ha.eefav.com/news2014-4-15/4974.html | 200 OK Content-Length: 2017 Content-Type: text/html | clean |
http://37d64.ha.eefav.com/news2014-4-15/2607.html | 200 OK Content-Length: 2011 Content-Type: text/html | clean |
http://37d64.ha.eefav.com/news2014-4-15/2285.html | 200 OK Content-Length: 1967 Content-Type: text/html | clean |
http://37d64.ha.eefav.com/news2014-4-15/1364.html | 200 OK Content-Length: 2022 Content-Type: text/html | clean |
http://37d64.ha.eefav.com/news2014-4-15/6727.html | 200 OK Content-Length: 1954 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: 37d64.ha.eefav.com
Result:
HTTP/1.1 200 OK
Date: Tue, 15 Apr 2014 08:20:05 GMT
Server: Microsoft-IIS/6.0
Content-Length: 9571
Content-Type: text/html
...9571 bytes of data.
GET / HTTP/1.1
Host: 37d64.ha.eefav.com
Result:
HTTP/1.1 200 OK
Date: Tue, 15 Apr 2014 08:20:05 GMT
Server: Microsoft-IIS/6.0
Content-Length: 9571
Content-Type: text/html
...9571 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: 37d64.ha.eefav.com
Referer: http://www.google.com/search?q=37d64.ha.eefav.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: 37d64.ha.eefav.com
Referer: http://www.google.com/search?q=37d64.ha.eefav.com
Result:
The result is similar to the first query. There are no suspicious redirects found.