Scanned pages/files
Request | Server response | Status |
http://wdsgzj.com/ | 200 OK Content-Length: 29895 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.fcqc.com <script language=javascript src=http://www.haofbi.com/js/w.js></script><script language=javascript src=http://www.haofbi.com/js/w.js></script><script language=javascript src=http://www.haofbi.com/js/w.js></script><script language=javascript src=http://www.haofbi.com/js/w.js></script>
<script language=javascript src=http://www.haofbi.com/js/w.js></script><script language=javascript src ...[4240 bytes skipped]... | ||
http://www.haofbi.com/js/w.js | HTTP/1.1 302 Found Connection: close Date: Sun, 05 Oct 2014 00:35:22 GMT Location: http://sameid.net/limit.html Server: Apache/2.4.6 (Ubuntu) Content-Length: 212 Content-Type: text/html; charset=iso-8859-1 Set-Cookie: uri=%2Fjs%2Fw%2Ejs;Path=/;Max-Age=31536000 Set-Cookie: ref=direct;Path=/;Max-Age=31536000 | clean |
http://sameid.net/limit.html | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://sameid.net/test404page.js | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://wdsgzj.com/js/popup/jquery-1.4.3.min.js | 200 OK Content-Length: 2629 Content-Type: application/x-javascript | clean |
http://wdsgzj.com/js/droppy.js | 200 OK Content-Length: 1051 Content-Type: application/x-javascript | clean |
http://wdsgzj.com/js/thickbox.js | 200 OK Content-Length: 2631 Content-Type: application/x-javascript | clean |
http://wdsgzj.com/js/helper.js | 200 OK Content-Length: 17109 Content-Type: application/x-javascript | clean |
http://wdsgzj.com/js/png.js | 200 OK Content-Length: 2072 Content-Type: application/x-javascript | clean |
http://tui.cnzz.net/cs.php?id=1000015796 | 200 OK Content-Length: 0 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: wdsgzj.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Sun, 05 Oct 2014 00:36:18 GMT
Server: Microsoft-IIS/6.0
Content-Length: 29895
Content-Type: text/html
Set-Cookie: ASPSESSIONIDASABRAAQ=IJKHINIDGIPNLDHHGABMHKBF; path=/
X-Powered-By: ASP.NET
...29895 bytes of data.
GET / HTTP/1.1
Host: wdsgzj.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Sun, 05 Oct 2014 00:36:18 GMT
Server: Microsoft-IIS/6.0
Content-Length: 29895
Content-Type: text/html
Set-Cookie: ASPSESSIONIDASABRAAQ=IJKHINIDGIPNLDHHGABMHKBF; path=/
X-Powered-By: ASP.NET
...29895 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: wdsgzj.com
Referer: http://www.google.com/search?q=wdsgzj.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: wdsgzj.com
Referer: http://www.google.com/search?q=wdsgzj.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=wdsgzj.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://wdsgzj.com/
Result: wdsgzj.com is not infected or malware details are not published yet.
Result: wdsgzj.com is not infected or malware details are not published yet.