Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=tt5yy.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://tt5yy.com/ | HTTP/1.1 200 OK Date: Fri, 03 Oct 2014 11:48:36 GMT Accept-Ranges: bytes ETag: "627872685addcf1:b77" Server: Microsoft-IIS/6.0 Content-Length: 68560 Content-Location: http://tt5yy.com/index.html Content-Type: text/html Last-Modified: Wed, 01 Oct 2014 09:30:58 GMT X-Powered-By: ASP.NET | clean |
http://tt5yy.com/index.html | 200 OK Content-Length: 68560 Content-Type: text/html | clean |
http://tt5yy.com/js/common.js | 200 OK Content-Length: 8205 Content-Type: application/x-javascript | clean |
http://tt5yy.com/js/function.js | 200 OK Content-Length: 14229 Content-Type: application/x-javascript | clean |
http://tt5yy.com/js/max_history.js | 200 OK Content-Length: 5643 Content-Type: application/x-javascript | clean |
http://tt5yy.com/js/ads/2.js | 200 OK Content-Length: 684 Content-Type: application/x-javascript | suspicious |
Page code contains blacklisted domain: js.union.doudouguo.com document.writeln("<script type=\"text\/javascript\" src=\"http:\/\/www.yinhelink.com\/tulian\/950x90.js\"><\/script>")
document.write("<script type=\'text\/javascript\'>"); document.write(" ddgu_uid = \'12173\';"); document.write(" ddgu_zid = \'11543\';"); document.write(" ddgu_type = \'1\'; "); document.write(" ddgu_w = \'960\';"); document.write(" ddgu_h = \'90\';"); document.write(" ddgu_row = \'1\';"); document.write(" ddgu_col = \'1\';"); document.write(" ddgu_fd_type = \'5\';"); document.write(" ddgu_pf = \'0\';"); document.write("<\/script>"); document.write("<script src=\'http:\/\/js.union.doudouguo.com\/cpro.js\'><\/script>"); | ||
http://tt5yy.com/js/ads/3.js | 200 OK Content-Length: 564 Content-Type: application/x-javascript | suspicious |
Page code contains blacklisted domain: js.union.doudouguo.com document.write("<script type=\'text\/javascript\'>");
document.write(" ddgu_uid = \'12173\';"); document.write(" ddgu_zid = \'11543\';"); document.write(" ddgu_type = \'1\'; "); document.write(" ddgu_w = \'960\';"); document.write(" ddgu_h = \'90\';"); document.write(" ddgu_row = \'1\';"); document.write(" ddgu_col = \'1\';"); document.write(" ddgu_fd_type = \'5\';"); document.write(" ddgu_pf = \'0\';"); document.write("<\/script>"); document.write("<script src=\'http:\/\/js.union.doudouguo.com\/cpro.js\'><\/script>"); | ||
http://tt5yy.com/js/ads/1.js | 200 OK Content-Length: 0 Content-Type: application/x-javascript | clean |
http://js.users.51.la/15179689.js | 200 OK Content-Length: 1980 Content-Type: application/x-javascript | clean |
http://tt5yy.com/js/ads/7.js | 200 OK Content-Length: 84 Content-Type: application/x-javascript | clean |
http://tt5yy.com/js/ads/21.js | 200 OK Content-Length: 0 Content-Type: application/x-javascript | clean |
http://tt5yy.com/gbook.asp | 200 OK Content-Length: 13973 Content-Type: text/html | clean |
http://tt5yy.com/js/ads/16.js | 200 OK Content-Length: 454 Content-Type: application/x-javascript | suspicious |
Page code contains blacklisted domain: js.union.doudouguo.com document.writeln("<script type=\"text\/javascript\">");
document.writeln("ddgu_uid=\"12173\";"); document.writeln("ddgu_wid=\"12601\";"); document.writeln("ddgu_zid=\"17014\";"); document.writeln("ddgu_aid=\"32\";"); document.writeln("ddgu_type=\"4\";"); document.writeln("ddgu_w=\"336\";"); document.writeln("ddgu_h=\"280\";"); document.writeln("<\/script>"); document.writeln("<script src=\"http:\/\/js.union.doudouguo.com\/c.js\"><\/script>") | ||
http://tt5yy.com/js/ads/17.js | 200 OK Content-Length: 0 Content-Type: application/x-javascript | clean |
http://tt5yy.com/top/new.html | 200 OK Content-Length: 14791 Content-Type: text/html | clean |
http://tt5yy.com/top/ | 403 Forbidden Content-Length: 218 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: tt5yy.com
Result:
HTTP/1.1 200 OK
Date: Fri, 03 Oct 2014 11:48:36 GMT
Accept-Ranges: bytes
ETag: "627872685addcf1:b77"
Server: Microsoft-IIS/6.0
Content-Length: 68560
Content-Location: http://tt5yy.com/index.html
Content-Type: text/html
Last-Modified: Wed, 01 Oct 2014 09:30:58 GMT
X-Powered-By: ASP.NET
...68560 bytes of data.
GET / HTTP/1.1
Host: tt5yy.com
Result:
HTTP/1.1 200 OK
Date: Fri, 03 Oct 2014 11:48:36 GMT
Accept-Ranges: bytes
ETag: "627872685addcf1:b77"
Server: Microsoft-IIS/6.0
Content-Length: 68560
Content-Location: http://tt5yy.com/index.html
Content-Type: text/html
Last-Modified: Wed, 01 Oct 2014 09:30:58 GMT
X-Powered-By: ASP.NET
...68560 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: tt5yy.com
Referer: http://www.google.com/search?q=tt5yy.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: tt5yy.com
Referer: http://www.google.com/search?q=tt5yy.com
Result:
The result is similar to the first query. There are no suspicious redirects found.