Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=777188.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: letvwang.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 07 Mar 2015 10:16:56 GMT
Location: http://www.letvwang.com
Server: Microsoft-IIS/6.0
Content-Type: text/html; charset=gbk
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.17
GET / HTTP/1.1
Host: letvwang.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 07 Mar 2015 10:16:56 GMT
Location: http://www.letvwang.com
Server: Microsoft-IIS/6.0
Content-Type: text/html; charset=gbk
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: letvwang.com
Referer: http://www.google.com/search?q=letvwang.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: letvwang.com
Referer: http://www.google.com/search?q=letvwang.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://www.777188.com/ | HTTP/1.1 302 Redirect Date: Wed, 28 Jan 2015 14:14:27 GMT Location: http://www.5682.com Server: Microsoft-IIS/7.5 Content-Length: 142 Content-Type: text/html; charset=UTF-8 | malicious |
http://www.5682.com/ | HTTP/1.1 302 Redirect Date: Wed, 28 Jan 2015 14:14:32 GMT Location: http://www.5683.com Server: Microsoft-IIS/7.5 Content-Length: 142 Content-Type: text/html; charset=UTF-8 | malicious |
http://www.5683.com/ | 200 OK Content-Length: 93559 Content-Type: text/html | malicious |
Page code contains blacklisted domain: www.90tif.com <htm>
<script language="JavaScript"> <!-- function SymError() { return true; } window.onerror = SymError; //--> </script> <SCRIPT LANGUAGE="javascript"> </SCRIPT> <head> <title>ÉñËãÍø|ÁùºÏ²ÊÂÛ̳|Ïã¸ÛÁùºÏ²Ê¿ª½±½á¹û|¿ª½±¼Ç¼²éѯµÈ´óÐÍͼ¿âÌØÂëÂòÂíÐÂÎÅÎÄ×Ö±¨µÀÍøÕ¾|www.5683.com|</title> <meta name= ...[4084 bytes skipped]... Malicious iFrame found. size: 100x230 src: http://vip.5683.com/6789kj/# This URL is marked by Google as suspicious <iframe name="i13" src="http://vip.5683.com/6789kj/#" width="100%" scrolling="no" border="0" frameborder="0" height="230" style="word-wrap: break-word; margin: 0px; padding: 0px"> Malicious iFrame found. size: 100x545 src: http://5683.com/9999kj.htm This URL is marked by Google as suspicious <iframe name="i14" src="http://5683.com/9999kj.htm" width="100%" scrolling="no" border="0" frameborder="0" height="545" style="word-wrap: break-word; margin: 0px; padding: 0px"> | ||
http://www.5683.com/lh5682/888.js | 200 OK Content-Length: 66495 Content-Type: application/x-javascript | malicious |
Malicious code found. Script contains blacklisted domain: www.885682.com document.writeln("<head>");
document.writeln("<style>"); document.writeln("<!--"); document.writeln("TD {"); document.writeln(" FONT-SIZE: 9pt"); document.writeln("}"); document.writeln("TABLE {"); document.writeln(" FONT-SIZE: 12px; CURSOR: default; COLOR: buttontext"); document.writeln("}"); document.writeln(".title_283"); document.writeln("{color:ffffff;text-align:center;font-size: 13p ...[4047 bytes skipped]... Decoded script: ...[22760 bytes skipped]... src="http://5683.com/tu/new.gif" width="8"></font><span style="word-wrap: break-word; ing: 0; margin: 0; padding: 0"><font color="#000000" face="ËÎÌå" style="margin: 0; padding: 0"><b style="margin: 0; padding: 0"><font color="#0000ff" face="Book Antiqua" style="margin: 0; padding: 0"><a title="[µã»÷ÊÕ²Ø]" style="color: #ffffff; margin: 0; padding: 0" href="javascript:window.external.addFavorite('http://www.885682.com/','¨p¨p¨pÏã¸ÛÁùºÏ²Ê¡¾ÉñËãÍø¡¿×ÊÁÏÖÐÐĨp¨p¨p-www.5683.com')"><font color="#0000FF" style="font-size: 11pt; margin: 0; padding: 0">5683.com</font></a></font></b></font></span></td> <td class=main_760 width="23%" height="21"> <b><font face="ËÎÌå" color="#FF0000">ÈýÁù×óÓÒ¿ª</font></b></td> <td class=main_760 width="21%" height="79" rowspan="3"> ...[35723 bytes skipped]... | ||
http://count32.51yes.com/click.aspx?id=327583568&logo=12 | 200 OK Content-Length: 1694 Content-Type: text/html | clean |
http://count32.51yes.com/test404page.js | 404 Not Found Content-Length: 1308 Content-Type: text/html | clean |
http://count48.51yes.com/click.aspx?id=487502221&logo=12 | 200 OK Content-Length: 1694 Content-Type: text/html | clean |