Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=skluo.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://skluo.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://skluo.com/ | HTTP/1.1 200 OK Date: Mon, 21 Jul 2014 00:21:01 GMT Accept-Ranges: bytes ETag: "ecef1a8adca3cf1:301" Server: Microsoft-IIS/6.0 Content-Length: 12833 Content-Location: http://skluo.com/index.html Content-Type: text/html Last-Modified: Sun, 20 Jul 2014 05:36:22 GMT X-Powered-By: ASP.NET | clean |
http://skluo.com/index.html | 200 OK Content-Length: 12833 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: sycln.com ...[2209 bytes skipped]... .getElementById("bdshell_js").src = "http://bdimg.share.baidu.com/static/js/shell_v2.js?t=" + new Date().getHours(); </script> </div> </div> <div id="nav"> <div class="nav-top"> <ul> <li class="index"><h1><a href="http://skluo.com/">º¼ÖÝÇØÐÇ»úеÓÐÏÞ¹«Ë¾</a></h1></li> </a></li> <li><a href="http://sycln.com/bcw" target="_blank">²©²ÊÒµ</a></li> <li><a href="http://0411le.com/wwdqwz" target="_blank">¶Ä³¡</a></li> <li><a href="http://16866888.com/zgzqdq" target="_blank">´ó·¢¹ú¼Ê</a></li> <li><a href="http://wangluozhuchiren.com/bckh" target="_blank">»Ê¹ÚͶעÍø</a></li> <li><a href="http://www.bdqcc.com/amdq" target="_blank">¶Ä²©Ç§Êõ</a></li> </u ...[1986 bytes skipped]... | ||
http://skluo.com/common.js | 200 OK Content-Length: 280 Content-Type: application/x-javascript | malicious |
Malicious code found. Script contains blacklisted domain: www.1581588.com var gotourl = "http://www.1581588.com/";
document.writeln("<div style=\"background-color:#FFF;\"><IFRAME border=0 name=I1 align=center marginWidth=0 src=\""+gotourl+"\" frameBorder=0 width=\"100%\" scrolling=no height=4000 target=\"_blank\" target=\"_blank\"><\/IFRAME><\/div>"); Decoded script: <div style="background-color:#FFF;"><IFRAME border=0 name=I1 align=center marginWidth=0 src="http://www.1581588.com/" frameBorder=0 width="100%" scrolling=no height=4000 target="_blank" target="_blank"></IFRAME></div> | ||
http://skluo.com/tj.js | 200 OK Content-Length: 120 Content-Type: application/x-javascript | clean |
http://skluo.com/sitemap.html | 200 OK Content-Length: 28954 Content-Type: text/html | clean |
http://skluo.com/6i888/ | HTTP/1.1 200 OK Date: Mon, 21 Jul 2014 00:21:05 GMT Accept-Ranges: bytes ETag: "8a7fd157d0a3cf1:301" Server: Microsoft-IIS/6.0 Content-Length: 13506 Content-Location: http://skluo.com/6i888/index.html Content-Type: text/html Last-Modified: Sun, 20 Jul 2014 04:09:03 GMT X-Powered-By: ASP.NET | clean |
http://skluo.com/6i888/index.html | 200 OK Content-Length: 13506 Content-Type: text/html | clean |
http://skluo.com/0hj2g/ | HTTP/1.1 200 OK Date: Mon, 21 Jul 2014 00:21:06 GMT Accept-Ranges: bytes ETag: "a882b2341aa3cf1:301" Server: Microsoft-IIS/6.0 Content-Length: 13397 Content-Location: http://skluo.com/0hj2g/index.html Content-Type: text/html Last-Modified: Sat, 19 Jul 2014 06:25:16 GMT X-Powered-By: ASP.NET | clean |
http://skluo.com/0hj2g/index.html | 200 OK Content-Length: 13397 Content-Type: text/html | clean |
http://skluo.com/g0qbd/ | HTTP/1.1 200 OK Date: Mon, 21 Jul 2014 00:21:08 GMT Accept-Ranges: bytes ETag: "2603c3bca3cf1:301" Server: Microsoft-IIS/6.0 Content-Length: 13454 Content-Location: http://skluo.com/g0qbd/index.html Content-Type: text/html Last-Modified: Sat, 19 Jul 2014 04:45:14 GMT X-Powered-By: ASP.NET | clean |
http://skluo.com/g0qbd/index.html | 200 OK Content-Length: 13454 Content-Type: text/html | clean |
http://skluo.com/xocbu/ | HTTP/1.1 200 OK Date: Mon, 21 Jul 2014 00:21:09 GMT Accept-Ranges: bytes ETag: "1066c586dca3cf1:301" Server: Microsoft-IIS/6.0 Content-Length: 13462 Content-Location: http://skluo.com/xocbu/index.html Content-Type: text/html Last-Modified: Sun, 20 Jul 2014 05:36:16 GMT X-Powered-By: ASP.NET | clean |
http://skluo.com/xocbu/index.html | 200 OK Content-Length: 13462 Content-Type: text/html | clean |
http://skluo.com/xocbu/118.html | 200 OK Content-Length: 17268 Content-Type: text/html | clean |
http://skluo.com/6i888/117.html | 200 OK Content-Length: 16884 Content-Type: text/html | clean |
http://skluo.com/0hj2g/116.html | 200 OK Content-Length: 16586 Content-Type: text/html | clean |
http://skluo.com/g0qbd/115.html | 200 OK Content-Length: 17055 Content-Type: text/html | clean |
http://skluo.com/g0qbd/114.html | 200 OK Content-Length: 16814 Content-Type: text/html | clean |
http://skluo.com/0hj2g/113.html | 200 OK Content-Length: 16824 Content-Type: text/html | clean |
http://skluo.com/xocbu/112.html | 200 OK Content-Length: 16795 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: skluo.com
Result:
HTTP/1.1 200 OK
Date: Mon, 21 Jul 2014 00:21:01 GMT
Accept-Ranges: bytes
ETag: "ecef1a8adca3cf1:301"
Server: Microsoft-IIS/6.0
Content-Length: 12833
Content-Location: http://skluo.com/index.html
Content-Type: text/html
Last-Modified: Sun, 20 Jul 2014 05:36:22 GMT
X-Powered-By: ASP.NET
...12833 bytes of data.
GET / HTTP/1.1
Host: skluo.com
Result:
HTTP/1.1 200 OK
Date: Mon, 21 Jul 2014 00:21:01 GMT
Accept-Ranges: bytes
ETag: "ecef1a8adca3cf1:301"
Server: Microsoft-IIS/6.0
Content-Length: 12833
Content-Location: http://skluo.com/index.html
Content-Type: text/html
Last-Modified: Sun, 20 Jul 2014 05:36:22 GMT
X-Powered-By: ASP.NET
...12833 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: skluo.com
Referer: http://www.google.com/search?q=skluo.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: skluo.com
Referer: http://www.google.com/search?q=skluo.com
Result:
The result is similar to the first query. There are no suspicious redirects found.