Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=closea.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://closea.com/ | 200 OK Content-Length: 56565 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 10x0 src: http://xin62814.3322.org:89/wm/lz3223.htm <iframe src=http://xin62814.3322.org:89/wm/lz3223.htm width=10 height=0> | ||
http://%71%2En%6Ae%32.%63n/ | 500 Can't connect to q.nje2.cn:80 (Bad hostname) Content-Length: 150 Content-Type: text/plain | clean |
http://%71%2En%6Ae%32.%63n/test404page.js | 500 Can't connect to q.nje2.cn:80 (Bad hostname) Content-Length: 150 Content-Type: text/plain | clean |
http://r.%74l%69%6E%65e%2E%63%6Fm.%63n/ | 200 OK Content-Length: 4836 Content-Type: text/html | clean |
http://www.google.com/adsense/domains/caf.js | 200 OK Content-Length: 258 Content-Type: text/javascript | clean |
http://r.%74l%69%6E%65e%2E%63%6Fm.%63n/privacy.html | 200 OK Content-Length: 6142 Content-Type: text/html | clean |
http://w%2Eck%744.%63%6E/ | 200 OK Content-Length: 14804 Content-Type: text/html | clean |
http://a1.dnbizcdn.com/js/b/client.js | 200 OK Content-Length: 1723 Content-Type: application/x-javascript | clean |
http://cpro.baidustatic.com/cpro/ui/domain_parking.js | 200 OK Content-Length: 174780 Content-Type: application/x-javascript | clean |
http://cpro.baidustatic.com/cpro/ui/ci.js | 200 OK Content-Length: 71507 Content-Type: application/x-javascript | clean |
http://a1.dnbizcdn.com/js/b/jquery.min.js | 200 OK Content-Length: 78601 Content-Type: application/x-javascript | clean |
http://a1.dnbizcdn.com/js/b/caf.js | 200 OK Content-Length: 8900 Content-Type: application/x-javascript | clean |
http://e%2Eckt%34.c%6E/ | 200 OK Content-Length: 14807 Content-Type: text/html | clean |
http://%77%2El%6Fv%652012.%69%6Ef%6F/ | 500 Can't connect to w.love2012.info:80 (Bad hostname) Content-Length: 162 Content-Type: text/plain | clean |
http://q.l%69%67h%7420%31%32.%69nfo/ | 500 Can't connect to q.light2012.info:80 (Bad hostname) Content-Length: 164 Content-Type: text/plain | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: closea.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Mon, 11 Aug 2014 18:57:37 GMT
Server: Microsoft-IIS/6.0
Content-Length: 56565
Content-Type: text/html; Charset=UTF-8
Set-Cookie: ASPSESSIONIDAQQBTBQS=ABGFLKHAGLJEJCHNGHPIOLAN; path=/
X-Powered-By: ASP.NET
...56565 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: closea.com
Referer: http://www.google.com/search?q=closea.com
Result:
The result is similar to the first query. There are no suspicious redirects found.