Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=haose.eu
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://haose.eu/ | 200 OK Content-Length: 16488 Content-Type: text/html | clean |
http://x3.xclicks.net/js2/x6358.js | 200 OK Content-Length: 714 Content-Type: application/x-javascript | clean |
http://haose.eu/js/dt.js | 200 OK Content-Length: 15168 Content-Type: application/x-javascript | clean |
http://haose.eu/js/shijian.js | 200 OK Content-Length: 886 Content-Type: application/x-javascript | clean |
http://static.clickpapa.com/c.js | 200 OK Content-Length: 5559 Content-Type: application/x-javascript | suspicious |
Suspicious code. Script contains iFrame. (function ()
{ var dc = { id: 0, width: 0, height: 0, client: 0 }; var codes_domain = 'www.clickpapa.com'; dv = function(option) { var option_name = "clickpapa_ad_"+option; if (window[option_name] != undefined && window[option_name] != "") return window[option_name]; else return dc[option_name]; }; if(window.ClickPapa == und ...[4047 bytes skipped]... Decoded script: <iframe src='http://www.clickpapa.com/d.php?&id=undefined&client=undefined&keywords="My Title"&count=1&screen_size="undefinedxundefined"&browser="Netscape-4"&OS="Windows XP"&lang="undefined"&cookie="true"' frameborder='0' scrolling='no' name='cft-1' id='cft-1' width='undefined' height='undefined'></iframe> | ||
http://plug.plugerr.com/widget/1nu | 200 OK Content-Length: 44 Content-Type: text/javascript | clean |
http://www.ipcounter.de/countnew.php?u=68929456&c=pink | 200 OK Content-Length: 243 Content-Type: text/html | clean |
http://www.ipcounter.de/count_js.php?u=68929456&color=pink | 200 OK Content-Length: 230 Content-Type: text/javascript | clean |
http://www.ipcounter.de/test404page.js | 200 OK Content-Length: 0 Content-Type: text/html | clean |
http://js.users.51.la/15853218.js | 200 OK Content-Length: 1979 Content-Type: application/x-javascript | clean |
http://langmm.cf/js/float.js | 200 OK Content-Length: 259 Content-Type: text/javascript | clean |
http://qihuu.pw/js/tan.js | 200 OK Content-Length: 2459 Content-Type: application/x-javascript | clean |
http://daoda.cf/js/right.js | 200 OK Content-Length: 258 Content-Type: text/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: haose.eu
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 05 Mar 2015 09:22:09 GMT
Server: kangle/3.4.6
Content-Length: 16488
Content-Type: text/html
Last-Modified: Fri, 13 Feb 2015 16:12:31 GMT
...16488 bytes of data.
GET / HTTP/1.1
Host: haose.eu
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 05 Mar 2015 09:22:09 GMT
Server: kangle/3.4.6
Content-Length: 16488
Content-Type: text/html
Last-Modified: Fri, 13 Feb 2015 16:12:31 GMT
...16488 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: haose.eu
Referer: http://www.google.com/search?q=haose.eu
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: haose.eu
Referer: http://www.google.com/search?q=haose.eu
Result:
The result is similar to the first query. There are no suspicious redirects found.