Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=www822ss.com
Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.
Details are available here.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: www822ss.com
Result:
HTTP/1.1 200 OK
Date: Wed, 04 Mar 2015 20:50:37 GMT
Accept-Ranges: bytes
ETag: "8a837c75c955d01:41a"
Server: Microsoft-IIS/6.0
Content-Length: 9601
Content-Location: http://www822ss.com/Default.htm
Content-Type: text/html
Last-Modified: Tue, 03 Mar 2015 15:48:14 GMT
X-Powered-By: ASP.NET
...9601 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: www822ss.com
Referer: http://www.google.com/search?q=www822ss.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://www822ss.com/ | HTTP/1.1 200 OK Date: Wed, 04 Mar 2015 20:50:37 GMT Accept-Ranges: bytes ETag: "8a837c75c955d01:41a" Server: Microsoft-IIS/6.0 Content-Length: 9601 Content-Location: http://www822ss.com/Default.htm Content-Type: text/html Last-Modified: Tue, 03 Mar 2015 15:48:14 GMT X-Powered-By: ASP.NET | clean |
http://www822ss.com/default.htm | 200 OK Content-Length: 9601 Content-Type: text/html | clean |
http://www822ss.com/client.js | 200 OK Content-Length: 0 Content-Type: application/x-javascript | clean |
http://www.xxx130.com/dianying/ad4.js | 404 Not Found Content-Length: 9483 Content-Type: text/html | clean |
http://www.xxx130.com/dianying/exit.js | 404 Not Found Content-Length: 9483 Content-Type: text/html | clean |
http://e.ku63.com/js/cpc_wz_tw_stxw.js | 200 OK Content-Length: 1448 Content-Type: application/x-javascript | clean |
http://e.ku63.com/js/cpc_wz_tw_stxw_fd.js | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://e.ku63.com/test404page.js | 404 Not Found Content-Length: 5085 Content-Type: text/html | clean |
http://t.ku63.com/t.asp?u=36166&t=3&m=4&j=30&n= | 200 OK Content-Length: 1374 Content-Type: text/html | clean |
http://t.ku63.com/js/w/_70e_T20140326.js | 200 OK Content-Length: 3284 Content-Type: application/x-javascript | clean |
http://t.ku63.com/js/t_20141209.js | 200 OK Content-Length: 13540 Content-Type: application/x-javascript | clean |
http://u034024.778669.com/fshow.php?id=158595 | HTTP/1.1 302 Moved Temporarily Cache-Control: no-cache, must-revalidate Connection: close Date: Wed, 04 Mar 2015 20:49:58 GMT Location: http://think87.peowin.com/p.php?id=158595 Server: nginx/1.0.11 Content-Type: text/html P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" X-Powered-By: PHP/5.3.8 | clean |
http://think87.peowin.com/p.php?id=158595 | 200 OK Content-Length: 15279 Content-Type: text/html | clean |
http://pv.778669.com/ppdisplay.php?sid=57561&topu='+encodeURIComponent(document.location)+'&referer='+encodeURIComponent(document.referrer)+rTerm1.buildPara1()+' | 200 OK Content-Length: 0 Content-Type: text/html | clean |
http://js.tongji.linezing.com/2993663/tongji.js?20150305 | 200 OK Content-Length: 12831 Content-Type: application/x-javascript | clean |
http://js.users.51.la/4861867.js | 200 OK Content-Length: 1979 Content-Type: application/x-javascript | clean |
http://www822ss.com/top.js | 200 OK Content-Length: 611 Content-Type: application/x-javascript | clean |