Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ysbbcrypsc.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.ysbbcrypsc.com/ | 200 OK Content-Length: 48177 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.cq6688.com ...[3315 bytes skipped]... </TBODY></TABLE></TD></TR></TBODY></TABLE></div> </TD></TR></TABLE> <TABLE border=0 cellSpacing=0 cellPadding=0 width=980 align=center > <TBODY> <TR> <TD style="LINE-HEIGHT: 24px; FONT-FAMILY: Arial, Helvetica, sans-serif; COLOR: #ccc; FONT-SIZE: 12px" align=middle><P><A href="http://www.cq6688.com/gfdl/" target=_blank><IMG style="WIDTH: 978px; HEIGHT: 84px" src="img/gg-yinjin.gif" width=900 height=80></A></P> <P><IMG title=01 border=0 src="img/20120913172934049.jpg" width=981><BR>ҹɫ±¦±´³ÉÈËÓÃÆ·ÉÌ³Ç ¹«Ë¾µØÖ·£ºÉîÛÚÊи£ÌïÇø<FONT face=Verdana>¸£Ìï´óÏÃ</FONT>¡¡¡¡ÉîÛÚ·Ö²¿µØÖ·£º<FONT face=Verdana>ÉîÛÚÁú¸ÚÇø²¼¼ªÂ·ÌìÀÖ´óÏÃ</FONT><BR>µç¡¡»°£º13602516263 ÊÖ¡¡»ú£º13602516263&nbs ...[800 bytes skipped]... | ||
http://count26.51yes.com/click.aspx?id=267471813&logo=12 | 200 OK Content-Length: 1694 Content-Type: text/html | clean |
http://count26.51yes.com/test404page.js | 404 Not Found Content-Length: 1308 Content-Type: text/html | clean |
http://www.ysbbcrypsc.com/001.js | 200 OK Content-Length: 307 Content-Type: application/x-javascript | malicious |
Malicious code found. Script contains blacklisted domain: www.cq6688.com document.writeln("<div style=\"position: fixed; right:0%; bottom: 0px\" ;=\"\" id=\"rightdiv1\">");
document.writeln("<a target=\"_blank\" href=\"http://www.cq6688.com/zxt\"><img border=\"0\" src=\"img/ww11.gif\" width=\"300\" height=\"250\"></a>"); document.writeln("<br>"); document.writeln("</div>"); Decoded script: <div style="position: fixed; right:0%; bottom: 0px" ;="" id="rightdiv1"> <a target="_blank" href="http://www.cq6688.com/zxt"><img border="0" src="img/ww11.gif" width="300" height="250"></a> <br> </div> | ||
http://www.ysbbcrypsc.com/ad-01.js | 200 OK Content-Length: 1448 Content-Type: application/x-javascript | malicious |
Malicious code found. Script contains blacklisted domain: www.cq6688.com ...[774 bytes skipped]... 0;var diff = (document.body.scrollTop + y - document.all.AdLayer2.style.posTop)*.40; var y = document.body.scrollTop + y - diff; eval("document.all." + layerName + ".style.posTop = y"); eval("document.all." + layerName + ".style.posRight = x"); setTimeout("MoveRightLayer('AdLayer2');", 20); } document.write("<div id=AdLayer1 style='position: absolute;visibility:hidden;z-index:1'><a href='http://www.cq6688.com/gfdl/' target='_blank'><img src=img/d22.gif border='0'></a></div>" +"<div id=AdLayer2 style='position: absolute;visibility:hidden;z-index:1'><a href='http://www.cq6688.com/gfdl/' target='_blank'><img src=img/d11.gif border='0'></a></div>"); initEcAd() Decoded script: <div id=AdLayer1 style='position: absolute;visibility:hidden;z-index:1'><a href='http://www.cq6688.com/gfdl/' target='_blank'><img src=img/d22.gif border='0'></a></div><div id=AdLayer2 style='position: absolute;visibility:hidden;z-index:1'><a href='http://www.cq6688.com/gfdl/' target='_blank'><img src=img/d11.gif border='0'></a></div> |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ysbbcrypsc.com
Result:
GET / HTTP/1.1
Host: ysbbcrypsc.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: ysbbcrypsc.com
Referer: http://www.google.com/search?q=ysbbcrypsc.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: ysbbcrypsc.com
Referer: http://www.google.com/search?q=ysbbcrypsc.com
Result:
The result is similar to the first query. There are no suspicious redirects found.