Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=wytsdh.com
Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://wytsdh.com/ | HTTP/1.1 200 OK Date: Thu, 29 Jan 2015 18:21:03 GMT Accept-Ranges: bytes ETag: "a65518ee7934d01:11ae" Server: Microsoft-IIS/6.0 Content-Length: 60678 Content-Location: http://wytsdh.com/index.htm Content-Type: text/html Last-Modified: Tue, 20 Jan 2015 06:25:48 GMT X-Powered-By: ASP.NET | clean |
http://wytsdh.com/index.htm | 200 OK Content-Length: 60678 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.hrsdh.in ...[728 bytes skipped]... t;script src="http://s22.cnzz.com/stat.php?id=5865912&web_id=5865912" language="JavaScript"></script></div> <script language='javascript' type='text/javascript'> ¡¡¡¡ </script> <div class="wrapper"> <table cellspacing=0 cellpadding=0 width="900" height="25" border=0 bgColor=#8E8E8E> <tr> <SCRIPT type=text/javascript src="http://www.hrsdh.in/ads1.js"></SCRIPT> <td width=45><font color=#930000 style='font-size: 14px'>¹«¸æ£º</font></td> <td width=855><font color=#930000 style='font-size: 14px'>ÎåÔÂÌìÉ«µ¼º½ÏÖÒѸİ棬±ØÐëÌá½»Õ¾µãÊÕ¼·ñÔòÊÕ¼²»µ½¡£Ê×Ò³½«±ä³ÉËæ»úµ÷תÁ´½Ó£¬ÓÌÔ¥¹¤×÷Á¿Ì«´ó¾¡ÇëÁ½âIPÖÊÁ¿²»»á¼õÍË£¡</font> </td> </tr> </table> <SPAN style="display:none"></SPAN> <table width="900" height="70" borde ...[3542 bytes skipped]... | ||
http://s22.cnzz.com/stat.php?id=5865912&web_id=5865912 | 200 OK Content-Length: 10069 Content-Type: application/javascript | clean |
http://www.hrsdh.in/ads1.js | 200 OK Content-Length: 1796 Content-Type: application/x-javascript | clean |
http://wytsdh.com/<script src= | 404 Not Found Content-Length: 1308 Content-Type: text/html | clean |
http://wytsdh.com/test404page.js | 404 Not Found Content-Length: 1308 Content-Type: text/html | clean |
http://wytsdh.com/tan.js | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://www.hrsdh.in/duilian.js | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://www.hrsdh.in/you.js | 200 OK Content-Length: 315 Content-Type: application/x-javascript | malicious |
Malicious code found. Script contains blacklisted domain: www.66ml.in
document.writeln("<script type=\"text/javascript\">");
document.writeln("banner4_iframe=null;");
document.writeln("banner4_ifrv=0;");
document.writeln("banner4_iframe=window.open(\'http://www.66ml.in',\'_blank\');");
document.writeln("if(banner4_iframe!=null)banner4_ifrv=1;");
document.writeln("</script>");
Decoded script:
banner4_iframe=null;
banner4_ifrv=0;
banner4_iframe=window.open('http://www.66ml.in','_blank');
if(banner4_iframe!=null)banner4_ifrv=1; | ||
http://www.hrsdh.in/zuo.js | 200 OK Content-Length: 788 Content-Type: application/x-javascript | clean |
http://www.hrsdh.in/ads2.js | 200 OK Content-Length: 1203 Content-Type: application/x-javascript | clean |
http://www.hrsdh.in/ads3.js | 200 OK Content-Length: 651 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: wytsdh.com
Result:
HTTP/1.1 200 OK
Date: Thu, 29 Jan 2015 18:21:03 GMT
Accept-Ranges: bytes
ETag: "a65518ee7934d01:11ae"
Server: Microsoft-IIS/6.0
Content-Length: 60678
Content-Location: http://wytsdh.com/index.htm
Content-Type: text/html
Last-Modified: Tue, 20 Jan 2015 06:25:48 GMT
X-Powered-By: ASP.NET
...60678 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: wytsdh.com
Referer: http://www.google.com/search?q=wytsdh.com
Result:
The result is similar to the first query. There are no suspicious redirects found.