Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=zz.zhixinn.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://zz.zhixinn.com/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Thu, 15 Jan 2015 11:47:06 GMT Location: http://www.zhixinn.com/f/allcity.php Server: Microsoft-IIS/6.0 Content-Type: text/html Set-Cookie: USR=0mthcdkx%090%091421322426%09http%3A%2F%2Fzz.zhixinn.com%2Findex.php Set-Cookie: From_City=0; expires=Wed, 15-Jan-2014 11:47:06 GMT; path=/; domain=zhixinn.com X-Powered-By: ASP.NET X-Powered-By: PHP/5.2.8 | clean |
http://www.zhixinn.com/f/allcity.php | 200 OK Content-Length: 81498 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: chengde.zhixinn.com <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <!-- --> <head><title>ÖªÐÅÍø - ´òÔìÖйú×îºÃµÄ·ÖÀàÐÅÏ¢ÍøÕ¾ Ãâ·Ñä¯ÀÀ Ãâ·Ñ·¢²¼ÐÅÏ¢ÍøÕ¾ </title> <link rel="stylesheet" type="text/css" href="http://www.zhixinn.com/f/images/default/default.css"> ...[4416 bytes skipped]... | ||
http://pt.rbc.cn/AShow.aspx?AID=11790 | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://pt.rbc.cn/test404page.js | 404 Not Found Content-Length: 1163 Content-Type: text/html | clean |
http://www.zhixinn.com/images/default/inc.js | 200 OK Content-Length: 3119 Content-Type: application/x-javascript | clean |
http://www.zhixinn.com/images/default/default.js | 200 OK Content-Length: 6108 Content-Type: application/x-javascript | clean |
http://www.zhixinn.com/images/default/swfobject.js | 200 OK Content-Length: 6880 Content-Type: application/x-javascript | clean |
http://www.zhixinn.com/f/images/newstyle/chang.js | 200 OK Content-Length: 1588 Content-Type: application/x-javascript | clean |
http://xslt.alexa.com/site_stats/js/s/c?url=www.zhixinn.com | 200 OK Content-Length: 3153 Content-Type: application/x-javascript | clean |
http://www.zhixinn.com/hack/count.php?fid=1 | 404 Not Found Content-Length: 83 Content-Type: text/html | clean |
http://pw.cnzz.com/c.php?id=80441594 | 200 OK Content-Length: 10073 Content-Type: application/javascript | clean |
http://s11.cnzz.com/stat.php?id=2932154&web_id=2932154&show=pic | 200 OK Content-Length: 10075 Content-Type: application/javascript | clean |
http://v1.jiathis.com/code/jiathis_r.js?move=0&btn=r1.gif&uid=909553 | 200 OK Content-Length: 19638 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: zz.zhixinn.com
Result:
HTTP/1.1 302 Moved Temporarily
Connection: close
Date: Thu, 15 Jan 2015 11:47:06 GMT
Location: http://www.zhixinn.com/f/allcity.php
Server: Microsoft-IIS/6.0
Content-Type: text/html
Set-Cookie: USR=0mthcdkx%090%091421322426%09http%3A%2F%2Fzz.zhixinn.com%2Findex.php
Set-Cookie: From_City=0; expires=Wed, 15-Jan-2014 11:47:06 GMT; path=/; domain=zhixinn.com
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.8
GET / HTTP/1.1
Host: zz.zhixinn.com
Result:
HTTP/1.1 302 Moved Temporarily
Connection: close
Date: Thu, 15 Jan 2015 11:47:06 GMT
Location: http://www.zhixinn.com/f/allcity.php
Server: Microsoft-IIS/6.0
Content-Type: text/html
Set-Cookie: USR=0mthcdkx%090%091421322426%09http%3A%2F%2Fzz.zhixinn.com%2Findex.php
Set-Cookie: From_City=0; expires=Wed, 15-Jan-2014 11:47:06 GMT; path=/; domain=zhixinn.com
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.8
Second query (visit from search engine):
GET / HTTP/1.1
Host: zz.zhixinn.com
Referer: http://www.google.com/search?q=zz.zhixinn.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: zz.zhixinn.com
Referer: http://www.google.com/search?q=zz.zhixinn.com
Result:
The result is similar to the first query. There are no suspicious redirects found.