Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=8888av.info
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://8888av.info/ | 200 OK Content-Length: 35261 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.55aa.info <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="zh" lang="zh"> <head> <meta http-equiv="Content-Type" content="text/html; charset=gb2312" /> <div class="wrap"> <script type="text/javascript" language="javascript" src="http://www.55aa.info/js/ads/alltop.js"></script> <script type="text/javascript" language="javascript" src="http://www.55aa.info/js/ads/content-intro-banner.js"></script> <script src="http://www.088ad.com/page/?s=1050"></script> <title>Ó°ÒôÏÈ·æÄÐÈËÕ¾,¼ª¼ªÓ°ÒôÄÐÈËÕ¾,xfplay³ÉÈËÕ¾7Ìì²¥²¥ Â×ÀíµçÓ°_Â×ÀíƬ,º«¹úÂ×ÀíµçÓ°,º«¹úÂ×ÀíƬ,jjvodÄÐÈ˵çÓ°,ÃÅʼþÊÓƵ - ÄÐÈ˲»Ê¶Ó°ÒôÏÈ·æÄÐÈËÕ¾,¼ª¼ ...[4068 bytes skipped]... | ||
http://www.55aa.info/js/ads/alltop.js | 200 OK Content-Length: 164 Content-Type: application/x-javascript | clean |
http://www.55aa.info/js/ads/content-intro-banner.js | 200 OK Content-Length: 0 Content-Type: application/x-javascript | clean |
http://www.088ad.com/page/?s=1050 | 200 OK Content-Length: 12 Content-Type: text/html | clean |
http://www.088ad.com/test404page.js | 404 Not Found Content-Length: 1308 Content-Type: text/html | clean |
http://8888av.info/js/ads/stts.js | 404 Not Found Content-Length: 1308 Content-Type: text/html | clean |
http://www.55aa.info/js/ads/zxj.js | 200 OK Content-Length: 72 Content-Type: application/x-javascript | clean |
http://www.55aa.info/js/ads/1.js | 200 OK Content-Length: 6739 Content-Type: application/x-javascript | clean |
http://8888av.info/inc/avzyz_api.asp | 200 OK Content-Length: 0 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: 8888av.info
Result:
HTTP/1.1 200 OK
Cache-Control: private
Connection: close
Date: Wed, 10 Sep 2014 22:09:31 GMT
Server: Microsoft-IIS/6.0
Content-Type: text/html
Set-Cookie: ASPSESSIONIDQAARATCQ=CHEMCCEAOBIBBHMPKPPEJOML; path=/
X-Powered-By: ASP.NET
GET / HTTP/1.1
Host: 8888av.info
Result:
HTTP/1.1 200 OK
Cache-Control: private
Connection: close
Date: Wed, 10 Sep 2014 22:09:31 GMT
Server: Microsoft-IIS/6.0
Content-Type: text/html
Set-Cookie: ASPSESSIONIDQAARATCQ=CHEMCCEAOBIBBHMPKPPEJOML; path=/
X-Powered-By: ASP.NET
Second query (visit from search engine):
GET / HTTP/1.1
Host: 8888av.info
Referer: http://www.google.com/search?q=8888av.info
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: 8888av.info
Referer: http://www.google.com/search?q=8888av.info
Result:
The result is similar to the first query. There are no suspicious redirects found.