Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=szndl.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://szndl.com/ | HTTP/1.1 200 OK Date: Thu, 26 Jun 2014 12:21:17 GMT Accept-Ranges: bytes ETag: "d631eacfc353cf1:c7b6" Server: Microsoft-IIS/6.0 Content-Length: 20018 Content-Location: http://szndl.com/index.html Content-Type: text/html Last-Modified: Wed, 09 Apr 2014 07:17:48 GMT X-Powered-By: ASP.NET | clean |
http://szndl.com/index.html | 200 OK Content-Length: 20018 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.181178.com ...[494 bytes skipped]... ¼ÒÀÖȫѶÍøÊÇȨÍþµÄ²©²ÊÓéÀÖµ¼º½ÍøÕ¾,¼°Ê±ÊÕ¼°üÀ¨»Ê¹Ú×ãÇòÍøÖ·¡¢Ôƶ¦ÍøÖ·¡¢½ðɳÍøÖ·¡¢°Ù¼ÒÀÖÍøÖ·µÈÊÀ½çÈÈÃŵIJ©²ÊÍøÕ¾¡£ " /><link href="skins/2009/css/sdcms.css" rel="stylesheet" type="text/css" /><script>var webdir="/";</script><script src="/editor/jquery.js" language="javascript"></script><script src="/skins/2009/js/sdcms.js" language="javascript"></script><SCRIPT language=JavaScript src="http://www.181178.com/qq.js"></SCRIPT><style><!--.s_nav{height:45px}p{margin:0;padding:0;list-style:none}.s_nav a{color:#0000cc;font-size:14px}.s_nav .s_logo{margin-right:20px;float:left}--></style></head><body><div class="width"><div id="top_logo"><a class="s_logo" onmousedown="return c({'fm':'tab','tab':'logo'})" href="http://www.baidu.com/"><img title="µ½°Ù¶ÈÊ×Ò³" border="0" alt="µ½°Ù¶ÈÊ×Ò³" src="http://www.baidu.com/img/baidu_jgylogo3.gif" ...[23407 bytes skipped]... | ||
http://szndl.com/editor/jquery.js | 200 OK Content-Length: 72328 Content-Type: application/x-javascript | clean |
http://szndl.com/skins/2009/js/sdcms.js | 200 OK Content-Length: 13293 Content-Type: application/x-javascript | clean |
http://www.181178.com/qq.js | 200 OK Content-Length: 166 Content-Type: application/x-javascript | malicious |
Malicious code found. Script contains blacklisted domain: www.5780.com document.writeln("<IFRAME border=0 name=I1 align=center marginWidth=0 src=\" http://www.5780.com/\" frameBorder=0 width=\"1360\" scrolling=no height=8158></IFRAME>"); Decoded script: <IFRAME border=0 name=I1 align=center marginWidth=0 src=" http://www.5780.com/" frameBorder=0 width="1360" scrolling=no height=8158></IFRAME> | ||
http://count16.51yes.com/click.aspx?id=160190615&logo=7 | 200 OK Content-Length: 1777 Content-Type: text/html | clean |
http://count16.51yes.com/test404page.js | 404 Not Found Content-Length: 1308 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: szndl.com
Result:
HTTP/1.1 200 OK
Date: Thu, 26 Jun 2014 12:21:17 GMT
Accept-Ranges: bytes
ETag: "d631eacfc353cf1:c7b6"
Server: Microsoft-IIS/6.0
Content-Length: 20018
Content-Location: http://szndl.com/index.html
Content-Type: text/html
Last-Modified: Wed, 09 Apr 2014 07:17:48 GMT
X-Powered-By: ASP.NET
...20018 bytes of data.
GET / HTTP/1.1
Host: szndl.com
Result:
HTTP/1.1 200 OK
Date: Thu, 26 Jun 2014 12:21:17 GMT
Accept-Ranges: bytes
ETag: "d631eacfc353cf1:c7b6"
Server: Microsoft-IIS/6.0
Content-Length: 20018
Content-Location: http://szndl.com/index.html
Content-Type: text/html
Last-Modified: Wed, 09 Apr 2014 07:17:48 GMT
X-Powered-By: ASP.NET
...20018 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: szndl.com
Referer: http://www.google.com/search?q=szndl.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: szndl.com
Referer: http://www.google.com/search?q=szndl.com
Result:
The result is similar to the first query. There are no suspicious redirects found.