Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=666com1.tk
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://www.666com1.tk/ | 200 OK Content-Length: 162767 Content-Type: text/html | malicious |
Page code contains blacklisted domain: ylzhj.com ...[91 bytes skipped]... TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=gb2312" /> <link href="images/style.css" rel="stylesheet" type="text/css" /> <meta name="description" content="Ãâ·ÑµçÓ°,µçÓ°ÍøÖ·,µçÓ°ËÑË÷,µçÓ°µ¼º½,ÉÏÍøµ¼º½,ÍøÖ·´óÈ«,Ãâ·ÑµçÓ°ÍøÖ·" /> <title>Ãâ·ÑµçÓ°,µçÓ°ÍøÖ·,µçÓ°ËÑË÷,µçÓ°µ¼º½-ylzhj.com</title> <meta name="keywords" content="Óê¶ÍøÖ·´óÈ«,Ãâ·ÑµçÓ°,µçÓ°ÍøÖ·,µçÓ°ËÑË÷,µçÓ°µ¼º½,ÉÏÍøµ¼º½,ÍøÖ·´óÈ«,Ãâ·ÑµçÓ°ÍøÖ·" /> <link rel="shortcut icon" href="favicon.ico"/> <script type="text/javascript"> function MM_goToURL() { //v3.0 var i, args=MM_goToURL.arguments; document.MM_returnValue = false; for (i=0; i<(args.length-1); i+=2) eval(args[i]+".location='"+args[i+1]+"'"); } </script> </head> ...[204889 bytes skipped]... Malicious iFrame found. size: 960x320 src: http://www.ylzhj.com/01.html This URL is marked by Google as suspicious <iframe height='320' width='960' frameborder='no' scrolling='no' src= 'http://www.ylzhj.com/01.html'> | ||
http://www.666com1.tk/inc/come.js | 200 OK Content-Length: 86 Content-Type: application/x-javascript | clean |
http://www.orzks.com/plus/ad_js.php?aid=2 | HTTP/1.1 302 Found Cache-Control: private Date: Thu, 26 Jun 2014 17:08:39 GMT Location: http://www.hugedomains.com/domain_profile.cfm?d=orzks&e=com Server: Microsoft-IIS/8.0 Content-Length: 180 Content-Type: text/html; charset=utf-8 X-Powered-By: ASP.NET | clean |
http://www.hugedomains.com/domain_profile.cfm?d=orzks&e=com | 200 OK Content-Length: 12939 Content-Type: text/html | clean |
http://static.HugeDomains.com/js/common.js?d=2012-02-06 | 200 OK Content-Length: 6727 Content-Type: application/x-javascript | clean |
http://www.orzks.com//translate.google.com/translate_a/element.js?cb=googleTranslateElementInit/ | HTTP/1.1 302 Found Cache-Control: private Date: Thu, 26 Jun 2014 17:08:42 GMT Location: http://www.hugedomains.com/domain_profile.cfm?d=orzks&e=com Server: Microsoft-IIS/8.0 Content-Length: 180 Content-Type: text/html; charset=utf-8 X-Powered-By: ASP.NET | clean |
http://www.hugedomains.com/test404page.js | HTTP/1.1 302 Moved temporarily Cache-Control: private Connection: close Date: Thu, 26 Jun 2014 17:04:21 GMT Location: http://www.HugeDomains.com/ Server: Microsoft-IIS/8.5 Content-Length: 58 Content-Type: text/html Set-Cookie: BTP=1; expires=Fri, 26-Jun-2015 17:19:20 GMT; path=/; domain=hugedomains.com Set-Cookie: CFID=35417; expires=Sat, 24-Jun-2023 17:19:20 GMT; path=/ Set-Cookie: CFTOKEN=CB8698DF-740E-19C6-1771DCF3171E4930; expires=Sat, 24-Jun-2023 17:19:20 GMT; path=/ Set-Cookie: SHOPPINGCART=; expires=Sat, 26-Jul-2014 17:19:20 GMT; path=/ Set-Cookie: REFLOC=; expires=Fri, 26-Jun-2015 17:19:20 GMT; path=/ Set-Cookie: HD=EB197C1477C617C3D56A10612D730BB8008; expires=Fri, 26-Jun-2015 17:19:20 GMT; path=/ Set-Cookie: FWO=vQIF2KwBCfaKGgX1oBAW6PgJWK74QUeu%2F1hYqLVEFuW9Bkq5%2B0VbquRFXLP7Q0qv%2BE9bp%2FNHWrm0CS%2Fc%2BExd3fhBXamKQ1upikYuq%2F80W67%2FRFja%2FkZa3ItNWq7x; expires=Fri, 26-Jun-2015 17:19:20 GMT; path=/ Set-Cookie: PV=%2BAka%2F64QPPesAhk%3D; expires=Fri, 26-Jun-2015 17:19:20 GMT; path=/ X-Powered-By: ASP.NET | clean |
http://www.hugedomains.com/ | HTTP/1.1 200 OK Cache-Control: private Date: Thu, 26 Jun 2014 17:04:21 GMT Accept-Ranges: bytes ETag: W/"8c5368bb6291cf1:2a87" Server: Microsoft-IIS/8.5 Content-Length: 22367 Content-Location: http://www.hugedomains.com/index.htm Content-Type: text/html; charset=utf-8 Last-Modified: Thu, 26 Jun 2014 17:19:05 GMT X-Powered-By: ASP.NET | clean |
http://www.hugedomains.com/index.htm | 200 OK Content-Length: 22548 Content-Type: text/html | clean |
http://www.statcounter.com/counter/counter_xhtml.js | 200 OK Content-Length: 9028 Content-Type: application/x-javascript | clean |
http://js.adm.cnzz.net/s.php?sid=167502&l=sclm&uid=35508 | 200 OK Content-Length: 3677 Content-Type: application/x-javascript | clean |
http://u.scgglm.com/page/s.php?s=167251&w=960&h=90 | 200 OK Content-Length: 665 Content-Type: text/html | clean |
http://www.84lm.com/code/adview_pic_dl.php?r=1&c=7&w=175&h=250&b=0080ff&s=004080&bg=FFFFFF&p=808080&u=384&ty=mr&at=p4&tt=t1 | 200 OK Content-Length: 1168 Content-Type: text/html | clean |
http://www.hhlian.com/code/adview_pic_dl.php?r=4&c=1&w=108&h=500&b=0080ff&s=004080&bg=FFFFFF&p=808080&u=2944&ty=rl&at=p0&tt=t2 | 404 Not Found Content-Length: 0 | clean |
http://js.users.51.la/16376015.js | 200 OK Content-Length: 1979 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: 666com1.tk
Result:
GET / HTTP/1.1
Host: 666com1.tk
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: 666com1.tk
Referer: http://www.google.com/search?q=666com1.tk
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: 666com1.tk
Referer: http://www.google.com/search?q=666com1.tk
Result:
The result is similar to the first query. There are no suspicious redirects found.