Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=follimon.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://follimon.com/ | 200 OK Content-Length: 240 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: d687ef1ed80f97de.0075.cdn.78302.com <meta http-equiv="Content-Type" content="text/html; charset=gb2312" />
<script language="javascript" type="text/javascript" src="http://d687ef1ed80f97de.0075.cdn.78302.com/nipaiyi/cdn/js/20150201092438001.js?d=www.follimon.com"></script> | ||
http://d687ef1ed80f97de.0075.cdn.78302.com/nipaiyi/cdn/js/20150201092438001.js?d=www.follimon.com | 200 OK Content-Length: 38611 Content-Type: application/x-javascript | malicious |
Malicious code found. Script contains blacklisted domain: www.follimon.com ...[3889 bytes skipped]... }"); document.writeln("window.onscroll=scall;"); document.writeln("window.onresize=scall;"); document.writeln("window.onload=scall;"); document.writeln("//-->"); document.writeln("</SCRIPT>"); document.writeln("</body>"); document.writeln("</html>"); document.writeln("<script language=\"javascript\" type=\"text/javascript\" src=\"http://anti-ddos.78302.com/antiddos/safe.js?d=www.follimon.com\"></script>"); Decoded script: ...[2435 bytes skipped]... w>ONSÒ»Ò¹½»ÓÑ1Çø</font></a></td> <td align="center"><a href="http://www.baidu.com" class="STYLE1"><font color=yellow>ONSÒ»Ò¹½»ÓÑ2Çø</font></a></td> </tr> <tr> <td height="30" align="center"><a href="http://www.91liao.com/Register.asp?id=a1-5921" ><img src="http://d687ef1ed80f97de.0075.cdn.78302.com/button3.gif?d=www.follimon.com" width="155" height="54" border="0" alt="µã»÷½øÈë"/></a></td> <td align="center"><a href="http://www.91liao.com/Register.asp?id=a1-5921" ><img src="http://d687ef1ed80f97de.0075.cdn.78302.com/button3.gif?d=www.follimon.com" width="155" height="54" border="0" alt="µã»÷½øÈë"/></a></td> </tr> </table></td> </tr> <tr> <td height="23" colspan="5" align="cente ...[23029 bytes skipped]... | ||
http://follimon.com/test404page.js | 404 Not Found Content-Length: 5228 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: follimon.com
Result:
HTTP/1.1 200 OK
Cache-Control: 604800
Connection: close
Date: Thu, 26 Feb 2015 13:09:07 GMT
Accept-Ranges: bytes
ETag: "5afca8d8bd3dd01:0"
Server: nginx/1.6.2
Content-Length: 240
Content-Type: text/html
Last-Modified: Sun, 01 Feb 2015 01:24:38 GMT
X-Powered-By: ASP.NET
...240 bytes of data.
GET / HTTP/1.1
Host: follimon.com
Result:
HTTP/1.1 200 OK
Cache-Control: 604800
Connection: close
Date: Thu, 26 Feb 2015 13:09:07 GMT
Accept-Ranges: bytes
ETag: "5afca8d8bd3dd01:0"
Server: nginx/1.6.2
Content-Length: 240
Content-Type: text/html
Last-Modified: Sun, 01 Feb 2015 01:24:38 GMT
X-Powered-By: ASP.NET
...240 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: follimon.com
Referer: http://www.google.com/search?q=follimon.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: follimon.com
Referer: http://www.google.com/search?q=follimon.com
Result:
The result is similar to the first query. There are no suspicious redirects found.