Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=zbwed.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://zbwed.com/ | HTTP/1.1 301 Moved Permanently Cache-Control: private, no-store Date: Sat, 28 Feb 2015 00:32:16 GMT Location: http://www.1797.cc Server: Microsoft-IIS/6.0 Content-Length: 0 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET | clean |
http://www.1797.cc/ | 200 OK Content-Length: 98252 Content-Type: text/html | clean |
http://cpro.baidustatic.com/cpro/ui/c.js | 200 OK Content-Length: 83863 Content-Type: application/x-javascript | clean |
http://zbwed.com/ad/2011g.js0 | HTTP/1.1 301 Moved Permanently Cache-Control: private, no-store Date: Sat, 28 Feb 2015 00:32:24 GMT Location: http://www.1797.cc Server: Microsoft-IIS/6.0 Content-Length: 0 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET | clean |
http://www.1797.cc/test404page.js | HTTP/1.1 200 OK Date: Sat, 28 Feb 2015 00:31:07 GMT Accept-Ranges: bytes ETag: "7897461fa27d01:d1223a" Server: Microsoft-IIS/6.0 Content-Length: 1280 Content-Location: http://www.1797.cc/404.html?404;http://www.1797.cc:80/test404page.js Content-Type: text/html Last-Modified: Mon, 24 Nov 2014 04:50:08 GMT Set-Cookie: safedog-flow-item=CC21B678B2CBBF81090C73E513D52C62; expires=Tue, 6-Arp-2151 03:42:23 GMT; domain=1797.cc; path=/ X-Powered-By: ASP.NET | clean |
http://www.1797.cc/404.html?404;http://www.1797.cc:80/test404page.js | HTTP/1.1 200 OK Date: Sat, 28 Feb 2015 00:31:08 GMT Accept-Ranges: bytes ETag: "7897461fa27d01:d1223a" Server: Microsoft-IIS/6.0 Content-Length: 1280 Content-Location: http://www.1797.cc/404.html?404;http://www.1797.cc:80/test404page.js Content-Type: text/html Last-Modified: Mon, 24 Nov 2014 04:50:08 GMT Set-Cookie: safedog-flow-item=CC21B678B2CBBF81090C73E513D52C62; expires=Tue, 6-Arp-2151 03:42:24 GMT; domain=1797.cc; path=/ X-Powered-By: ASP.NET | clean |
http://zbwed.com/ad/duijiao_ad.js0 | HTTP/1.1 301 Moved Permanently Cache-Control: private, no-store Date: Sat, 28 Feb 2015 00:32:28 GMT Location: http://www.1797.cc Server: Microsoft-IIS/6.0 Content-Length: 0 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET | clean |
http://zbwed.com/ad/addl.js0 | HTTP/1.1 301 Moved Permanently Cache-Control: private, no-store Date: Sat, 28 Feb 2015 00:32:29 GMT Location: http://www.1797.cc Server: Microsoft-IIS/6.0 Content-Length: 0 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET | clean |
http://cpro.baidu.com/cpro/ui/c.js | 200 OK Content-Length: 83863 Content-Type: application/x-javascript | suspicious |
Hidden iFrame found. size: 0x0 src: http://cpro.baidustatic.com/cpro/ui/html/appdetect.html <iframe src="http://cpro.baidustatic.com/cpro/ui/html/appdetect.html" width="0" height="0"align="center,center" marginwidth="0" marginheight="0" scrolling="no" frameborder="0" allowtransparency="true" style="margin-left:{iframmarginleft}px" > | ||
http://s41.cnzz.com/stat.php?id=1736457&web_id=1736457 | 200 OK Content-Length: 10071 Content-Type: application/javascript | clean |
http://cpro.baidustatic.com/cpro/ui/f.js | 200 OK Content-Length: 83863 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: zbwed.com
Result:
HTTP/1.1 301 Moved Permanently
Cache-Control: private, no-store
Date: Sat, 28 Feb 2015 00:32:16 GMT
Location: http://www.1797.cc
Server: Microsoft-IIS/6.0
Content-Length: 0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
...0 bytes of data.
GET / HTTP/1.1
Host: zbwed.com
Result:
HTTP/1.1 301 Moved Permanently
Cache-Control: private, no-store
Date: Sat, 28 Feb 2015 00:32:16 GMT
Location: http://www.1797.cc
Server: Microsoft-IIS/6.0
Content-Length: 0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: zbwed.com
Referer: http://www.google.com/search?q=zbwed.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: zbwed.com
Referer: http://www.google.com/search?q=zbwed.com
Result:
The result is similar to the first query. There are no suspicious redirects found.