Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=yian123.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.yian123.com/ | 200 OK Content-Length: 239 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: d687ef1ed80f97de.0075.cdn.78302.com <meta http-equiv="Content-Type" content="text/html; charset=gb2312" />
<script language="javascript" type="text/javascript" src="http://d687ef1ed80f97de.0075.cdn.78302.com/nipaiyi/cdn/js/20150201062407003.js?d=www.yian123.com"></script> | ||
http://d687ef1ed80f97de.0075.cdn.78302.com/nipaiyi/cdn/js/20150201062407003.js?d=www.yian123.com | 200 OK Content-Length: 7840 Content-Type: application/x-javascript | malicious |
Malicious code found. Script contains blacklisted domain: www.yian123.com ...[705 bytes skipped]... nt.writeln("<meta name=\"Keywords\" content=\"¡¶2SKK´«Ææ¡·Æ·ÖÊ´ó·þ ×öÄãÕæÕýϲ°®µÄ´«Ææ\"/>"); document.writeln("<meta http-equiv=\"X-UA-Compatible\" content=\"IE=EmulateIE7\" />"); document.writeln("<link rel=\"shortcut icon\" href=\"favicon.ico\" />"); document.writeln("<title>ÈÈѪ´«Ëµ</title>"); document.writeln("<link href=\"http://d687ef1ed80f97de.0075.cdn.78302.com/css/aimir3.css?d=www.yian123.com\" rel=\"stylesheet\" type=\"text/css\" />"); document.writeln("<style type=\"text/css\">"); document.writeln("<!--"); document.writeln("-->"); document.writeln("</style>"); document.writeln("<script src=\"http://d687ef1ed80f97de.0075.cdn.78302.com/Scripts/AC_RunActiveContent.js?d=www.yian123.com\" type=\"text/javascript\"></script>"); document.writeln("<script type=\"text/javascript\">"); document.writeln(" ...[2987 bytes skipped]... Decoded script: ...[415 bytes skipped]... ùÓÐ,ÑϽûתÔØ" /> <meta name="Description" content="¡¶2SKK´«Ææ¡·Æ·ÖÊ´ó·þ ×öÄãÕæÕýϲ°®µÄ´«Ææ"/> <meta name="Keywords" content="¡¶2SKK´«Ææ¡·Æ·ÖÊ´ó·þ ×öÄãÕæÕýϲ°®µÄ´«Ææ"/> <meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7" /> <link rel="shortcut icon" href="favicon.ico" /> <title>ÈÈѪ´«Ëµ</title> <link href="http://d687ef1ed80f97de.0075.cdn.78302.com/css/aimir3.css?d=www.yian123.com" rel="stylesheet" type="text/css" /> <style type="text/css"> <!-- --> </style> <!-- function MM_preloadImages() { //v3.0 var d=document; if(d.images){ if(!d.MM_p) d.MM_p=new Array(); var i,j=d.MM_p.length,a=MM_preloadImages.arguments; for(i=0; i<a.length; i++) if (a[i].indexOf("#")!=0){ d.MM_p[j]=new Image; d.MM_p[j++].src=a[i];}} } function MM_findObj(n, d) { //v4.01 var p,i,x; if(!d) d=docum ...[4566 bytes skipped]... | ||
http://www.yian123.com/test404page.js | 404 Not Found Content-Length: 5217 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: yian123.com
Result:
GET / HTTP/1.1
Host: yian123.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: yian123.com
Referer: http://www.google.com/search?q=yian123.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: yian123.com
Referer: http://www.google.com/search?q=yian123.com
Result:
The result is similar to the first query. There are no suspicious redirects found.