Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=812816.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://812816.com/ | HTTP/1.1 200 OK Date: Wed, 28 Jan 2015 17:58:59 GMT Accept-Ranges: bytes ETag: "8e5e364c4d3ad01:110d" Server: Microsoft-IIS/6.0 Content-Location: http://812816.com/index.htm Content-Type: text/html Last-Modified: Tue, 27 Jan 2015 16:21:25 GMT Set-Cookie: incap_ses_165_286612=IjpEB2+3Dn8SxkhodjNKAl4jyVQAAAAAldu1TayoW8E5N1Dw3XLc+g==; path=/; Domain=.812816.com Set-Cookie: visid_incap_286612=HZYMzUG3R1Owa+SgHnbb614jyVQAAAAAQUIPAAAAAAAkBxRVkNJMzObIfX3BH332; expires=Fri, 27 Jan 2017 15:48:57 GMT; path=/; Domain=.812816.com X-CDN: Incapsula X-Iinfo: 10-1426287-1426289 NNNN CT(170 -1 0) RT(1422467934429 20) q(0 0 2 -1) r(3 3) | clean |
http://812816.com/index.htm | 200 OK Content-Length: 41181 Content-Type: text/html | malicious |
Page code contains blacklisted domain: www.20092.com </style> <meta http-equiv="Content-Language" content="zh-cn"> <meta http-equiv="Content-Type" content="/text/html; charset=gb2312"> <title>ÎÔ»¢²ØÁúÐÄË®ÂÛ̳|ͼƬӡˢ³ö°æÏÂÔØ,ÉÏͼ×îÔç,ͼƬ×îÈ«,±¾Õ¾ÍøÖ·www.20092.com </title> <link href="/style/index.css" rel="stylesheet" type="/text/css"> <meta name="keywords" content="С°×ÁúÂÛ̳,Ì콫ͼ¿â,ºì½ãͼ¿â,118ͼ¿â,²¨Ð¤ÃÅβͼ¿â,×ÔÖÆͼ¿â,ºìÌ«Ñôͼ¿â,ÈÕÔÂͼ¿â,²Êɫͼ¿â-,ͳһͼ¿â,ͳһ²Êɫͼ¿âСϲͼ¿â,Сϲ²Êɫͼ¿â,°ÙºÏͼ¿â,°ÙºÏͼԴ×Ü»ã,°ÙºÏͼ¿â,¹Ô¹Ôͼ¿â,Ïã¸Û¹Ô¹Ôͼ¿â,Сϲͼ¿â,Сϲ²Êɫͼ¿â,¹Ô¹Ô²Êɫͼ¿â,¹Ô¹ÔÍø,ÑÇÖÞͼ¿â,»Ô¸çͼ¿â,ÁªºÏӡˢͼ¿â,ÁªºÏͼ¿â,ÐÀÐÀͼ¿â,ÐÀÐÀӡˢͼ¿â´óÈ« "> <met ...[3754 bytes skipped]... Malicious iFrame found. size: 500x84 src: http://www.20092.com/0xckj1.htm This URL is marked by Google as suspicious <iframe style="padding-bottom: 0px; margin: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px" height="84" border="0" frameborder="0" width="500" name="i18" scrolling="no" target="_blank" src="http://www.20092.com/0xckj1.htm"> | ||
http://812816.com/tencent://message/?uin=183648326&Site=ÎÔ»¢²ØÁú&Menu=yes | HTTP/1.1 200 OK Date: Wed, 28 Jan 2015 17:59:07 GMT Accept-Ranges: bytes ETag: "8e5e364c4d3ad01:110d" Server: Microsoft-IIS/6.0 Content-Location: http://812816.com/index.htm Content-Type: text/html Last-Modified: Tue, 27 Jan 2015 16:21:25 GMT Set-Cookie: incap_ses_165_286612=Ge/jODbZe1zGyUhodjNKAmYjyVQAAAAAfTsTBf6hEKFpKY2jTgistw==; path=/; Domain=.812816.com Set-Cookie: visid_incap_286612=818jn3/RTbGD/3ip4ywYSmYjyVQAAAAAQUIPAAAAAACHPXY3XG6f0IW7UGr/sF+O; expires=Fri, 27 Jan 2017 15:48:57 GMT; path=/; Domain=.812816.com X-CDN: Incapsula X-Iinfo: 10-1427427-1426289 PNNN RT(1422467941958 0) q(0 0 0 -1) r(2 2) | clean |
http://812816.com/test404page.js | HTTP/1.1 200 OK Date: Wed, 28 Jan 2015 17:59:11 GMT Accept-Ranges: bytes ETag: "8e5e364c4d3ad01:110d" Server: Microsoft-IIS/6.0 Content-Location: http://812816.com/index.htm Content-Type: text/html Last-Modified: Tue, 27 Jan 2015 16:21:25 GMT Set-Cookie: incap_ses_165_286612=R42qDOnJ3x3My0hodjNKAmojyVQAAAAACeszJhfSlqig4lA0ZEJATQ==; path=/; Domain=.812816.com Set-Cookie: visid_incap_286612=kEt/R6tmTUmLivsAxWu95GojyVQAAAAAQUIPAAAAAAAYl9/EPUz8mrRUDiUc12Xq; expires=Fri, 27 Jan 2017 15:48:19 GMT; path=/; Domain=.812816.com X-CDN: Incapsula X-Died: timeout at scan.pm line 1566. X-Iinfo: 9-1076659-1076660 NNNN CT(176 -1 0) RT(1422467946300 0) q(0 0 1 -1) r(3 3) | clean |
http://812816.com/tu111.htm | 200 OK Content-Length: 300634 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.20092.com </style> <meta http-equiv="Content-Language" content="zh-cn"> <meta http-equiv="Content-Type" content="/text/html; charset=gb2312"> <title>ÎÔ»¢²ØÁúÐÄË®ÂÛ̳|רעÓÚÌṩÁùºÏ²ÊͼƬӡˢ³ö°æÏÂÔØ,ÉÏͼ×îÔç,ͼƬ×îÈ«,±¾Õ¾ÍøÖ·www.20092.com </title> <link href="/style/index.css" rel="stylesheet" type="/text/css"> <meta name="keywords" content="ÁùºÏС°×ÁúÂÛ̳,Ì콫ͼ¿â,ºì½ãͼ¿â,118ͼ¿â,ÁùºÏ²Êͼ¿â,ÁùºÏ²Ê¿ª½±½á¹û,ÁùºÏ²Ê¿ª½±¼Ç¼,²¨Ð¤ÃÅβͼ¿â,×ÔÖÆͼ¿â,ºìÌ«Ñôͼ¿â,ÈÕÔÂͼ¿â,²Êɫͼ¿â-,ͳһͼ¿â,ͳһ²Êɫͼ¿âСϲͼ¿â,Сϲ²Êɫͼ¿â,°ÙºÏͼ¿â,°ÙºÏͼԴ×Ü»ã,°ÙºÏͼ¿â,¹Ô¹Ôͼ¿â,Ïã¸Û¹Ô¹Ôͼ¿â,Сϲͼ¿â,Сϲ²Êɫͼ¿â,¹Ô¹Ô²Êɫͼ¿â,¹Ô¹ÔÍø,ÑÇÖÞͼ¿â,»Ô¸çͼ¿â,ÁªºÏӡˢͼ¿â,ÁªºÏͼ¿â ...[4194 bytes skipped]... | ||
http://812816.com/bbs | HTTP/1.1 301 Moved Permanently Date: Wed, 28 Jan 2015 17:59:17 GMT Location: http://812816.com/bbs/ Server: Microsoft-IIS/6.0 Content-Length: 145 Content-Type: text/html Set-Cookie: incap_ses_165_286612=u/4iOJfMkTSszkhodjNKAm8jyVQAAAAA0eAHBs4ENA0tXC7gkvnRhA==; path=/; Domain=.812816.com Set-Cookie: visid_incap_286612=x4pB6bMPRqObNzHdn6Yk4G8jyVQAAAAAQUIPAAAAAACQOrt8SpNwuNRcFvGgOHiM; expires=Fri, 27 Jan 2017 15:48:57 GMT; path=/; Domain=.812816.com X-CDN: Incapsula X-Iinfo: 10-1428960-1426289 PNNN RT(1422467951752 1) q(0 0 0 -1) r(2 2) U11 | clean |
http://812816.com/bbs/ | HTTP/1.1 200 OK Date: Wed, 28 Jan 2015 17:59:18 GMT Accept-Ranges: bytes ETag: "aaf0477a223bd01:110d" Server: Microsoft-IIS/6.0 Content-Location: http://812816.com/bbs/index.htm Content-Type: text/html Last-Modified: Wed, 28 Jan 2015 17:47:26 GMT Set-Cookie: incap_ses_165_286612=x5saafmU/DAhz0hodjNKAnEjyVQAAAAA6C/gdrOyyELXQtjfogL2qg==; path=/; Domain=.812816.com Set-Cookie: visid_incap_286612=wEv9YzewQpCsZNZsXnb8mnEjyVQAAAAAQUIPAAAAAACrwGuJ9zgLhiHl0girfRfl; expires=Fri, 27 Jan 2017 15:48:57 GMT; path=/; Domain=.812816.com X-CDN: Incapsula X-Iinfo: 10-1429187-1426289 PNNN RT(1422467952980 1) q(0 0 0 -1) r(2 2) | clean |
http://812816.com/bbs/index.htm | 200 OK Content-Length: 69885 Content-Type: text/html | malicious |
Page code contains blacklisted domain: www.20092.com <SCRIPT LANGUAGE="JavaScript" src="/256x159.js"></SCRIPT>
<script type="text/javascript">var setN=0;</script> </head> <body onClick="if(setN!=1){window.external.addFavorite('http://www.20092.com',' ÎÔ»¢²ØÁúÐÄË®ÂÛ̳£¬Ò»ÂëÖÐÌØ¡¢Ò»Ð¤ÖÐÌظßÊÖÁ¬ÖÐ6ÆÚ');setN=1;}"> <a href="http://www.20092.com" target="_blank"></a> </body> </html> <p></p> <div align="center"> <b style="WORD-WRAP: break-word"> <font style="WORD-WRAP: break-word; FONT-SIZE: 14pt" face="ËÎÌå"> <span style="WORD-WRAP: break-word; FONT-SIZE: 9pt"> <font s ...[4152 bytes skipped]... Malicious iFrame found. size: 936x492 src: http://www.20092.com/007.htm This URL is marked by Google as suspicious <iframe frameborder="0" width="936" scrolling="no" height="492" name="i16" border="0" target="_blank" src="http://www.20092.com/007.htm" style="margin: 0; padding: 0"> | ||
http://812816.com/256x159.js | 200 OK Content-Length: 1682 Content-Type: application/x-javascript | malicious |
Malicious code found. Script contains blacklisted domain: www.20092.com var img_group1 = new Array(); img_group1[0] = "/11/009.gif"; img_group1[1] = "/11/009.gif"; rd_ad_img1 = Math.floor(Math.random() * img_group1.length); document.write("<div align='center'>"); document.write("<div id='ShowAD1' style='position:absolute; z-index: 100;'>"); document.write("<div id='ImgLayer1' style='position:absolute; z-index:1; left: 0px;'>"); document.write("<a href='http://www.20092.com/bbs/topic/58358.htm' target='_blank' onclick=ShowAD1.style.display='block'><img src='"+img_group1[rd_ad_img1]+"' width='100' height='500' border='0'></a></div></div></div>"); ShowAD1.style.top=document.body.clientHeight-132; ShowAD1.style.left=document.body.clientWidth-195; moveL(); function moveL() { ShowAD1.style.top=document.body.scrollTop+document.body.clientHeight-560; Sh ...[977 bytes skipped]... Decoded script: <div align='center'><div id='ShowAD1' style='position:absolute; z-index: 100;'><div id='ImgLayer1' style='position:absolute; z-index:1; left: 0px;'><a href='http://www.20092.com/bbs/topic/58358.htm' target='_blank' onclick=ShowAD1.style.display='block'><img src='/11/009.gif' width='100' height='500' border='0'></a></div></div></div> | ||
http://count1.51yes.com/click.aspx?id=18476984&logo=12 | 200 OK Content-Length: 1691 Content-Type: text/html | clean |
http://812816.com/tu222.htm | 200 OK Content-Length: 171803 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.20092.com </style> <meta http-equiv="Content-Language" content="zh-cn"> <meta http-equiv="Content-Type" content="/text/html; charset=gb2312"> <title>ÎÔ»¢²ØÁúÐÄË®ÂÛ̳|רעÓÚÌṩÁùºÏ²ÊͼƬӡˢ³ö°æÏÂÔØ,ÉÏͼ×îÔç,ͼƬ×îÈ«,±¾Õ¾ÍøÖ·www.20092.com </title> <link href="/style/index.css" rel="stylesheet" type="/text/css"> <meta name="keywords" content="ÁùºÏС°×ÁúÂÛ̳,Ì콫ͼ¿â,ºì½ãͼ¿â,118ͼ¿â,ÁùºÏ²Êͼ¿â,ÁùºÏ²Ê¿ª½±½á¹û,ÁùºÏ²Ê¿ª½±¼Ç¼,²¨Ð¤ÃÅβͼ¿â,×ÔÖÆͼ¿â,ºìÌ«Ñôͼ¿â,ÈÕÔÂͼ¿â,²Êɫͼ¿â-,ͳһͼ¿â,ͳһ²Êɫͼ¿âСϲͼ¿â,Сϲ²Êɫͼ¿â,°ÙºÏͼ¿â,°ÙºÏͼԴ×Ü»ã,°ÙºÏͼ¿â,¹Ô¹Ôͼ¿â,Ïã¸Û¹Ô¹Ôͼ¿â,Сϲͼ¿â,Сϲ²Êɫͼ¿â,¹Ô¹Ô²Êɫͼ¿â,¹Ô¹ÔÍø,ÑÇÖÞͼ¿â,»Ô¸çͼ¿â,ÁªºÏӡˢͼ¿â,ÁªºÏͼ¿â ...[4200 bytes skipped]... | ||
http://812816.com/003.htm | 200 OK Content-Length: 18355 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.20092.com <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<!-- saved from url=(0029)http://www.20092.com/ --> <HTMLL><HTML><HEAD><TITLE>Ïã¸ÛÁùºÏ²Ê¹«Ë¾×ÊÁÏhttp://www.20092.com</TITLE> <META content="text/htmll; charset=gb2312" http-equiv=Content-Type> <STYLE type=text/css>TD { COLOR: #000000; FONT-SIZE: 12px } TH { COLOR: #000000; FONT-SIZE: 12px } .aaa { LINE-HEIGHT: 30px; FONT-SIZE: 32px; FONT-WEIGHT: bold } .bbb { FONT-WEIGHT: ...[4364 bytes skipped]... | ||
http://812816.com/recycle.cgi?keyword=¼«ÏÞµ¥Ë«Íõ | 200 OK Content-Length: 25552 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.20092.com ...[4008 bytes skipped]... NG-RIGHT: 0px; FONT-WEIGHT: 700; TEXT-DECORATION: none; PADDING-TOP: 0px"> <font style="WORD-WRAP: break-word; FONT-SIZE: 14pt" color="#ffffff" size="3"> <span style="font-weight: 700; text-decoration: none"> <font style="WORD-WRAP: break-word; FONT-SIZE: 14pt" color="#ffffff" size="3" face="Book Antiqua"> <a style="COLOR: #000000; FONT-SIZE: 10pt; TEXT-DECORATION: none" target="_blank" href="http://www.20092.com/bbs/topic/58358.htm"> <img border="0" src="http://www.20092.com/images/89012.gif" width="934" height="50"></a></font></span></font></span></font> <iframe border="0" name="I1" align="center" marginWidth="0" frameBorder="0" width="100%" scrolling="no" height="545" target="_blank" src="/007.htm"></iframe> </p> | ||
http://812816.com/bbs/topic/81908389.htm | 200 OK Content-Length: 22302 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.20092.com <html> <head> <meta http-equiv="Content-Language" content="zh-cn"> <meta http-equiv="Content-Type" content="text/html; charset=gb2312"> <title>£°£±£²ÆÚ£û¼«ÏÞµ¥Ë«Íõ£ýÈýβÖÐÌØ~~~~~~~~ÔÙ´´»Ô»Í ---·¢±í10ÆÚ´íÒ»</title> <style> <!-- a:active { font-size: 10pt; text-decoration: none } a:link { font-size: 10pt; text-decoration: none } a:visited { ...[4518 bytes skipped]... | ||
http://812816.com/count.cgi?tid=81908389&rid=0& | 200 OK Content-Length: 56 Content-Type: text/html | clean |
http://812816.com/reply.cgi?action=reply&tid=81908389& | 200 OK Content-Length: 10267 Content-Type: text/html | clean |
http://812816.com/jsscript/postcode.js | 200 OK Content-Length: 10266 Content-Type: application/x-javascript | clean |
http://812816.com/./post.cgi?action=post& | 200 OK Content-Length: 10232 Content-Type: text/html | clean |
http://812816.com/./jsscript/postcode.js | 200 OK Content-Length: 7982 Content-Type: application/x-javascript | clean |
http://812816.com/././post.cgi?action=post& | 200 OK Content-Length: 10232 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: 812816.com
Result:
HTTP/1.1 200 OK
Date: Wed, 28 Jan 2015 17:58:59 GMT
Accept-Ranges: bytes
ETag: "8e5e364c4d3ad01:110d"
Server: Microsoft-IIS/6.0
Content-Location: http://812816.com/index.htm
Content-Type: text/html
Last-Modified: Tue, 27 Jan 2015 16:21:25 GMT
Set-Cookie: incap_ses_165_286612=IjpEB2+3Dn8SxkhodjNKAl4jyVQAAAAAldu1TayoW8E5N1Dw3XLc+g==; path=/; Domain=.812816.com
Set-Cookie: visid_incap_286612=HZYMzUG3R1Owa+SgHnbb614jyVQAAAAAQUIPAAAAAAAkBxRVkNJMzObIfX3BH332; expires=Fri, 27 Jan 2017 15:48:57 GMT; path=/; Domain=.812816.com
X-CDN: Incapsula
X-Iinfo: 10-1426287-1426289 NNNN CT(170 -1 0) RT(1422467934429 20) q(0 0 2 -1) r(3 3)
GET / HTTP/1.1
Host: 812816.com
Result:
HTTP/1.1 200 OK
Date: Wed, 28 Jan 2015 17:58:59 GMT
Accept-Ranges: bytes
ETag: "8e5e364c4d3ad01:110d"
Server: Microsoft-IIS/6.0
Content-Location: http://812816.com/index.htm
Content-Type: text/html
Last-Modified: Tue, 27 Jan 2015 16:21:25 GMT
Set-Cookie: incap_ses_165_286612=IjpEB2+3Dn8SxkhodjNKAl4jyVQAAAAAldu1TayoW8E5N1Dw3XLc+g==; path=/; Domain=.812816.com
Set-Cookie: visid_incap_286612=HZYMzUG3R1Owa+SgHnbb614jyVQAAAAAQUIPAAAAAAAkBxRVkNJMzObIfX3BH332; expires=Fri, 27 Jan 2017 15:48:57 GMT; path=/; Domain=.812816.com
X-CDN: Incapsula
X-Iinfo: 10-1426287-1426289 NNNN CT(170 -1 0) RT(1422467934429 20) q(0 0 2 -1) r(3 3)
Second query (visit from search engine):
GET / HTTP/1.1
Host: 812816.com
Referer: http://www.google.com/search?q=812816.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: 812816.com
Referer: http://www.google.com/search?q=812816.com
Result:
The result is similar to the first query. There are no suspicious redirects found.