New scan:

Malware Scanner report for doudougu.net

Malicious/Suspicious/Total urls checked
7/0/25
7 pages have malicious code. See details below
Blacklists
Found
The website is marked by Google as suspicious.

The website "doudougu.net" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
7/0/8
7 malicious iframes found. See details below
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=doudougu.net

Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.

Scanned pages/files

RequestServer responseStatus
http://doudougu.net/
200 OK
Content-Length: 13152
Content-Type: text/html
malicious
Page code contains blacklisted domain: www.5898.cc

...[1468 bytes skipped]...
;"></div><script language="javascript" type="text/javascript">var boardxml='',ISAPI_ReWrite = 0,forum_picurl='skins/Default/';</script>
<div class="header">
<table width="100%">
<tr>

<td style="text-align:right;padding:0px;" valign="bottom"><iframe scrolling='no' frameborder='0' marginheight='0' marginwidth='0' width='100%' height='7350' allowTransparency src=http://www.5898.cc/></iframe></td>
</tr>
</table>
<div class="menu">
<span>
<a href="dv_rss.asp?s=xml&boardid=0"><img src="images/rss.gif" alt="" style="margin-right:5px;" /></a>
<script type="text/javascript">
try{
if(self==top){
document.write('<a href="index.asp?action=frameon" target="_top" title="ÏÔʾ×ó²à°æÃæµ¼º½">×óÀ¸</a>');
}
else{ src="skins/D
...[2541 bytes skipped]...

Malicious iFrame found.
size: 100x7350     
src: http://www.5898.cc/
This URL is marked by Google as suspicious

<iframe scrolling='no' frameborder='0' marginheight='0' marginwidth='0' width='100%' height='7350' allowtransparency src=http://www.5898.cc/>

http://doudougu.net/inc/dv_wnd.js
200 OK
Content-Length: 4011
Content-Type: application/x-javascript
clean
http://doudougu.net/inc/main82.js
200 OK
Content-Length: 23074
Content-Type: application/x-javascript
clean
http://doudougu.net/inc/dv_index.js
200 OK
Content-Length: 4095
Content-Type: application/x-javascript
clean
http://doudougu.net/inc/dv_ajax.js
200 OK
Content-Length: 6347
Content-Type: application/x-javascript
clean
http://doudougu.net/dv_rss.asp?s=xml&boardid=0
200 OK
Content-Length: 1907
Content-Type: text/xml
clean
http://doudougu.net/test404page.js
200 OK
Content-Length: 3173
Content-Type: text/html
clean
http://doudougu.net/cookies.asp?action=dispRight
HTTP/1.1 302 Object moved
Cache-Control: private
Date: Sun, 14 Sep 2014 03:05:26 GMT
Location: index.asp
Server: IIS
Content-Length: 130
Content-Type: text/html; Charset=GB2312
Set-Cookie: Disp=right=1; expires=Sat, 20-Sep-2014 16:00:00 GMT; path=/
Set-Cookie: DvForum+8%2E2%5Fdoudougu%2Enet=StatUserID=7819803828; expires=Sun, 14-Sep-2014 04:05:26 GMT; path=/
Set-Cookie: ASPSESSIONIDSQBDBRDD=IDHHFCICONPMBMOGKBNNCBHJ; path=/
X-Powered-By: WAF/2.0
clean
http://doudougu.net/index.asp
200 OK
Content-Length: 13152
Content-Type: text/html
malicious
Page code contains blacklisted domain: www.5898.cc

...[1468 bytes skipped]...
;"></div><script language="javascript" type="text/javascript">var boardxml='',ISAPI_ReWrite = 0,forum_picurl='skins/Default/';</script>
<div class="header">
<table width="100%">
<tr>

<td style="text-align:right;padding:0px;" valign="bottom"><iframe scrolling='no' frameborder='0' marginheight='0' marginwidth='0' width='100%' height='7350' allowTransparency src=http://www.5898.cc/></iframe></td>
</tr>
</table>
<div class="menu">
<span>
<a href="dv_rss.asp?s=xml&boardid=0"><img src="images/rss.gif" alt="" style="margin-right:5px;" /></a>
<script type="text/javascript">
try{
if(self==top){
document.write('<a href="index.asp?action=frameon" target="_top" title="ÏÔʾ×ó²à°æÃæµ¼º½">×óÀ¸</a>');
}
else{ src="skins/D
...[2541 bytes skipped]...

Malicious iFrame found.
size: 100x7350     
src: http://www.5898.cc/
This URL is marked by Google as suspicious

<iframe scrolling='no' frameborder='0' marginheight='0' marginwidth='0' width='100%' height='7350' allowtransparency src=http://www.5898.cc/>

http://doudougu.net/login.asp
200 OK
Content-Length: 7691
Content-Type: text/html
malicious
Page code contains blacklisted domain: www.5898.cc

...[1480 bytes skipped]...
;"></div><script language="javascript" type="text/javascript">var boardxml='',ISAPI_ReWrite = 0,forum_picurl='skins/Default/';</script>
<div class="header">
<table width="100%">
<tr>

<td style="text-align:right;padding:0px;" valign="bottom"><iframe scrolling='no' frameborder='0' marginheight='0' marginwidth='0' width='100%' height='7350' allowTransparency src=http://www.5898.cc/></iframe></td>
</tr>
</table>
<div class="menu">
<span>
<a href="dv_rss.asp?s=xml&boardid=0"><img src="images/rss.gif" alt="" style="margin-right:5px;" /></a>
<script type="text/javascript">
try{
if(self==top){
document.write('<a href="index.asp?action=frameon" target="_top" title="ÏÔʾ×ó²à°æÃæµ¼º½">×óÀ¸</a>');
="clear:both" />
&
...[2604 bytes skipped]...

Malicious iFrame found.
size: 100x7350     
src: http://www.5898.cc/
This URL is marked by Google as suspicious

<iframe scrolling='no' frameborder='0' marginheight='0' marginwidth='0' width='100%' height='7350' allowtransparency src=http://www.5898.cc/>

http://doudougu.net/inc/ajax_log.js
200 OK
Content-Length: 5636
Content-Type: application/x-javascript
clean
http://doudougu.net/reg.asp?action=apply
HTTP/1.1 302 Object moved
Cache-Control: private
Date: Sun, 14 Sep 2014 03:05:31 GMT
Location: showerr.asp?ErrCodes=<li>±¾ÂÛ̳ÔÝʱֹͣע²á¡£&action=OtherErr
Server: IIS
Content-Length: 192
Content-Type: text/html; Charset=GB2312
Set-Cookie: geturl=%2Freg%2Easp%3Faction%3Dapply; path=/
Set-Cookie: DvForum+8%2E2%5Fdoudougu%2Enet=StatUserID=7819804377; expires=Sun, 14-Sep-2014 04:05:30 GMT; path=/
Set-Cookie: ASPSESSIONIDSQBDBRDD=LDHHFCICCDJLJIJFPAABBGOM; path=/
X-Powered-By: WAF/2.0
clean
http://doudougu.net/showerr.asp?errcodes=<li>±¾ÂÛ̳ÔÝʱֹͣע²á¡£&action=othererr
200 OK
Content-Length: 7573
Content-Type: text/html
malicious
Page code contains blacklisted domain: www.5898.cc

...[1484 bytes skipped]...
;"></div><script language="javascript" type="text/javascript">var boardxml='',ISAPI_ReWrite = 0,forum_picurl='skins/Default/';</script>
<div class="header">
<table width="100%">
<tr>

<td style="text-align:right;padding:0px;" valign="bottom"><iframe scrolling='no' frameborder='0' marginheight='0' marginwidth='0' width='100%' height='7350' allowTransparency src=http://www.5898.cc/></iframe></td>
</tr>
</table>
<div class="menu">
<span>
<a href="dv_rss.asp?s=xml&boardid=0"><img src="images/rss.gif" alt="" style="margin-right:5px;" /></a>
<script type="text/javascript">
try{
if(self==top){
document.write('<a href="index.asp?action=frameon" target="_top" title="ÏÔʾ×ó²à°æÃæµ¼º½">×óÀ¸</a>'); right; padding:10px" class="tablebody
...[2540 bytes skipped]...

Malicious iFrame found.
size: 100x7350     
src: http://www.5898.cc/
This URL is marked by Google as suspicious

<iframe scrolling='no' frameborder='0' marginheight='0' marginwidth='0' width='100%' height='7350' allowtransparency src=http://www.5898.cc/>

http://doudougu.net/cookies.asp?action=stylemod&boardid=0
HTTP/1.1 302 Object moved
Cache-Control: private
Date: Sun, 14 Sep 2014 03:05:33 GMT
Location: index.asp
Server: IIS
Content-Length: 130
Content-Type: text/html; Charset=GB2312
Set-Cookie: skin=skinid%5F0=; expires=Sat, 20-Sep-2014 16:00:00 GMT; path=/
Set-Cookie: DvForum+8%2E2%5Fdoudougu%2Enet=StatUserID=7819804611; expires=Sun, 14-Sep-2014 04:05:32 GMT; path=/
Set-Cookie: ASPSESSIONIDSQBDBRDD=NDHHFCICOEFPPHFOKGKHAGKK; path=/
X-Powered-By: WAF/2.0
clean
http://doudougu.net/show.asp?boardid=0
HTTP/1.1 302 Object moved
Cache-Control: private
Date: Sun, 14 Sep 2014 03:05:34 GMT
Location: showerr.asp?BoardID=0&ErrCodes=54&action=%C2%DB%CC%B3%D5%B9%C7%F8
Server: IIS
Content-Length: 194
Content-Type: text/html; Charset=GB2312
Set-Cookie: geturl=%2Fshow%2Easp%3Fboardid%3D0; path=/
Set-Cookie: DvForum+8%2E2%5Fdoudougu%2Enet=StatUserID=7819804689; expires=Sun, 14-Sep-2014 04:05:34 GMT; path=/
Set-Cookie: ASPSESSIONIDSQBDBRDD=ODHHFCICNPBPMJAAPNIHJMKM; path=/
X-Powered-By: WAF/2.0
clean
http://doudougu.net/showerr.asp?boardid=0&errcodes=54&action=%c2%db%cc%b3%d5%b9%c7%f8
200 OK
Content-Length: 7653
Content-Type: text/html
malicious
Page code contains blacklisted domain: www.5898.cc

...[1484 bytes skipped]...
;"></div><script language="javascript" type="text/javascript">var boardxml='',ISAPI_ReWrite = 0,forum_picurl='skins/Default/';</script>
<div class="header">
<table width="100%">
<tr>

<td style="text-align:right;padding:0px;" valign="bottom"><iframe scrolling='no' frameborder='0' marginheight='0' marginwidth='0' width='100%' height='7350' allowTransparency src=http://www.5898.cc/></iframe></td>
</tr>
</table>
<div class="menu">
<span>
<a href="dv_rss.asp?s=xml&boardid=0"><img src="images/rss.gif" alt="" style="margin-right:5px;" /></a>
<script type="text/javascript">
try{
if(self==top){
document.write('<a href="index.asp?action=frameon" target="_top" title="ÏÔʾ×ó²à°æÃæµ¼º½">×óÀ¸</a>'); right; padding:10px" class="tablebody
...[2540 bytes skipped]...

Malicious iFrame found.
size: 100x7350     
src: http://www.5898.cc/
This URL is marked by Google as suspicious

<iframe scrolling='no' frameborder='0' marginheight='0' marginwidth='0' width='100%' height='7350' allowtransparency src=http://www.5898.cc/>

http://doudougu.net/show.asp?filetype=0&boardid=0
HTTP/1.1 302 Object moved
Cache-Control: private
Date: Sun, 14 Sep 2014 03:05:36 GMT
Location: showerr.asp?BoardID=0&ErrCodes=54&action=%C2%DB%CC%B3%D5%B9%C7%F8
Server: IIS
Content-Length: 194
Content-Type: text/html; Charset=GB2312
Set-Cookie: geturl=%2Fshow%2Easp%3Ffiletype%3D0%26boardid%3D0; path=/
Set-Cookie: DvForum+8%2E2%5Fdoudougu%2Enet=StatUserID=7819804888; expires=Sun, 14-Sep-2014 04:05:36 GMT; path=/
Set-Cookie: ASPSESSIONIDSQBDBRDD=AEHHFCICPGNDDPDEJMGNLIAL; path=/
X-Powered-By: WAF/2.0
clean
http://doudougu.net/show.asp?filetype=1&boardid=0
HTTP/1.1 302 Object moved
Cache-Control: private
Date: Sun, 14 Sep 2014 03:05:37 GMT
Location: showerr.asp?BoardID=0&ErrCodes=54&action=%C2%DB%CC%B3%D5%B9%C7%F8
Server: IIS
Content-Length: 194
Content-Type: text/html; Charset=GB2312
Set-Cookie: geturl=%2Fshow%2Easp%3Ffiletype%3D1%26boardid%3D0; path=/
Set-Cookie: DvForum+8%2E2%5Fdoudougu%2Enet=StatUserID=7819804952; expires=Sun, 14-Sep-2014 04:05:36 GMT; path=/
Set-Cookie: ASPSESSIONIDSQBDBRDD=BEHHFCICLHPFJLFJOEJOFKOE; path=/
X-Powered-By: WAF/2.0
clean
http://doudougu.net/show.asp?filetype=2&boardid=0
HTTP/1.1 302 Object moved
Cache-Control: private
Date: Sun, 14 Sep 2014 03:05:37 GMT
Location: showerr.asp?BoardID=0&ErrCodes=54&action=%C2%DB%CC%B3%D5%B9%C7%F8
Server: IIS
Content-Length: 194
Content-Type: text/html; Charset=GB2312
Set-Cookie: geturl=%2Fshow%2Easp%3Ffiletype%3D2%26boardid%3D0; path=/
Set-Cookie: DvForum+8%2E2%5Fdoudougu%2Enet=StatUserID=7819805017; expires=Sun, 14-Sep-2014 04:05:36 GMT; path=/
Set-Cookie: ASPSESSIONIDSQBDBRDD=CEHHFCICBBLKILOGBFPHBKOL; path=/
X-Powered-By: WAF/2.0
clean
http://doudougu.net/show.asp?filetype=3&boardid=0
HTTP/1.1 302 Object moved
Cache-Control: private
Date: Sun, 14 Sep 2014 03:05:38 GMT
Location: showerr.asp?BoardID=0&ErrCodes=54&action=%C2%DB%CC%B3%D5%B9%C7%F8
Server: IIS
Content-Length: 194
Content-Type: text/html; Charset=GB2312
Set-Cookie: geturl=%2Fshow%2Easp%3Ffiletype%3D3%26boardid%3D0; path=/
Set-Cookie: DvForum+8%2E2%5Fdoudougu%2Enet=StatUserID=7819805088; expires=Sun, 14-Sep-2014 04:05:38 GMT; path=/
Set-Cookie: ASPSESSIONIDSQBDBRDD=DEHHFCICIMGJFEIPBKIIMPNO; path=/
X-Powered-By: WAF/2.0
clean
http://doudougu.net/show.asp?filetype=4&boardid=0
HTTP/1.1 302 Object moved
Cache-Control: private
Date: Sun, 14 Sep 2014 03:05:39 GMT
Location: showerr.asp?BoardID=0&ErrCodes=54&action=%C2%DB%CC%B3%D5%B9%C7%F8
Server: IIS
Content-Length: 194
Content-Type: text/html; Charset=GB2312
Set-Cookie: geturl=%2Fshow%2Easp%3Ffiletype%3D4%26boardid%3D0; path=/
Set-Cookie: DvForum+8%2E2%5Fdoudougu%2Enet=StatUserID=7819805150; expires=Sun, 14-Sep-2014 04:05:38 GMT; path=/
Set-Cookie: ASPSESSIONIDSQBDBRDD=EEHHFCICBEEAAEEHIACJJCIM; path=/
X-Powered-By: WAF/2.0
clean
http://doudougu.net/Query.asp
HTTP/1.1 302 Object moved
Cache-Control: private
Date: Sun, 14 Sep 2014 03:05:40 GMT
Location: showerr.asp?BoardID=0&ErrCodes=60&action=%B7%C3%CE%CA%BD%F0%D7%D6%CB%FE%D3%E9%C0%D6%CD%F8
Server: IIS
Content-Length: 218
Content-Type: text/html; Charset=GB2312
Set-Cookie: DvForum+8%2E2%5Fdoudougu%2Enet=StatUserID=7819805274; expires=Sun, 14-Sep-2014 04:05:40 GMT; path=/
Set-Cookie: ASPSESSIONIDSQBDBRDD=FEHHFCICBFKKCABONNDDICAJ; path=/
X-Powered-By: WAF/2.0
clean
http://doudougu.net/showerr.asp?boardid=0&errcodes=60&action=%b7%c3%ce%ca%bd%f0%d7%d6%cb%fe%d3%e9%c0%d6%cd%f8
200 OK
Content-Length: 7673
Content-Type: text/html
malicious
Page code contains blacklisted domain: www.5898.cc

...[1492 bytes skipped]...
;"></div><script language="javascript" type="text/javascript">var boardxml='',ISAPI_ReWrite = 0,forum_picurl='skins/Default/';</script>
<div class="header">
<table width="100%">
<tr>

<td style="text-align:right;padding:0px;" valign="bottom"><iframe scrolling='no' frameborder='0' marginheight='0' marginwidth='0' width='100%' height='7350' allowTransparency src=http://www.5898.cc/></iframe></td>
</tr>
</table>
<div class="menu">
<span>
<a href="dv_rss.asp?s=xml&boardid=0"><img src="images/rss.gif" alt="" style="margin-right:5px;" /></a>
<script type="text/javascript">
try{
if(self==top){
document.write('<a href="index.asp?action=frameon" target="_top" title="ÏÔʾ×ó²à°æÃæµ¼º½">×óÀ¸right; padding:10px" class="tablebody1" ><b&g
...[2526 bytes skipped]...

Malicious iFrame found.
size: 100x7350     
src: http://www.5898.cc/
This URL is marked by Google as suspicious

<iframe scrolling='no' frameborder='0' marginheight='0' marginwidth='0' width='100%' height='7350' allowtransparency src=http://www.5898.cc/>

http://doudougu.net/plus_popwan.asp
200 OK
Content-Length: 5967
Content-Type: text/html
malicious
Page code contains blacklisted domain: www.5898.cc

...[1480 bytes skipped]...
;"></div><script language="javascript" type="text/javascript">var boardxml='',ISAPI_ReWrite = 0,forum_picurl='skins/Default/';</script>
<div class="header">
<table width="100%">
<tr>

<td style="text-align:right;padding:0px;" valign="bottom"><iframe scrolling='no' frameborder='0' marginheight='0' marginwidth='0' width='100%' height='7350' allowTransparency src=http://www.5898.cc/></iframe></td>
</tr>
</table>
<div class="menu">
<span>
<a href="dv_rss.asp?s=xml&boardid=0"><img src="images/rss.gif" alt="" style="margin-right:5px;" /></a>
<script type="text/javascript">
try{
if(self==top){
document.write('<a href="index.asp?action=frameon" target="_top" title="ÏÔʾ×ó²à°æÃæµ¼º½">×óÀ¸</a>');
ipt language="JavaScript">
...[2522 bytes skipped]...

Malicious iFrame found.
size: 100x7350     
src: http://www.5898.cc/
This URL is marked by Google as suspicious

<iframe scrolling='no' frameborder='0' marginheight='0' marginwidth='0' width='100%' height='7350' allowtransparency src=http://www.5898.cc/>

http://doudougu.net/Plus_popwan/fuc_script.js
200 OK
Content-Length: 2557
Content-Type: application/x-javascript
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: doudougu.net

Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Sun, 14 Sep 2014 03:05:17 GMT
Server: IIS
Content-Length: 13152
Content-Type: text/html; Charset=GB2312
Set-Cookie: geturl=%2Findex%2Easp%3F; path=/
Set-Cookie: DvForum+8%2E2%5Fdoudougu%2Enet=StatUserID=7816210393; expires=Sun, 14-Sep-2014 04:05:16 GMT; path=/
Set-Cookie: ASPSESSIONIDSQBDBRDD=GDHHFCICBMIOIKNODNLPJEOP; path=/
Set-Cookie: safedog-flow-item=F9E435B6F260349789AF4631AF6DECB6; expires=Wen, 21-Oct-2150 04:38:33 GMT; domain=doudougu.net; path=/
X-Powered-By: WAF/2.0

...13152 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: doudougu.net
Referer: http://www.google.com/search?q=doudougu.net

Result:
The result is similar to the first query. There are no suspicious redirects found.