Scanned pages/files
| Request | Server response | Status |
http://1209158.jjwxc.net/content/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 30 May 2014 20:47:39 GMT Location: http://www.jjwxc.net/oneauthor.php?authorid=1209158 Content-Length: 160 Content-Type: text/html | clean |
http://www.jjwxc.net/oneauthor.php?authorid=1209158 | 200 OK Content-Length: 13477 Content-Type: text/html | clean |
http://w.cnzz.com/c.php?id=30075907 | 200 OK Content-Length: 9622 Content-Type: application/javascript | clean |
http://static.jjwxc.net/scripts/jquery.blockUI.pack.js | 200 OK Content-Length: 4854 Content-Type: application/x-javascript | clean |
http://static.jjwxc.net/scripts/jjlogin.js?ver=20140415 | 200 OK Content-Length: 10135 Content-Type: application/x-javascript | clean |
http://static.jjwxc.net/scripts/main.120724.js?ver=20140523 | 200 OK Content-Length: 13161 Content-Type: application/x-javascript | clean |
http://js.adm.cnzz.net/js/abase.js | 200 OK Content-Length: 21394 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function FixedRealShow(){return document.body?(this.init.apply(this,arguments),void 0):!1}(function(window){function FnRegister(e,t){return w[e]||(w[e]=t)}function parseParams(e){var t=map[e];return t?{id:e||e,af:t.af||!1,did:t.aid||0,slotType:t.stype,isbefore:t.pop||0,htmlcode:t._html||0,width:t._w||0,height:t._h||0,stime:1e3*t.time||5e3,ptime:1e3*t.parktime||0,loadtime:1e3*t.loadtime||0,closePosition:t.cb||0,scroll:t.sc||0,position:t.pos||0,mleft:t._m_left||0,mtop:t._m_top||0,ip:t.ip||"",isifr Antivirus reports:
| ||
http://1209158.jjwxc.net/test404page.js | HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 30 May 2014 20:47:52 GMT Location: http://www.jjwxc.net/oneauthor.php?authorid=1209158 Content-Length: 160 Content-Type: text/html | clean |
http://www.jjwxc.net/test404page.js | HTTP/1.1 302 Moved Temporarily Cache-Control: max-age=604800 Connection: close Date: Thu, 29 May 2014 06:15:19 GMT Via: 1.1 st114.powercdn.com (PowerCDN/2.4) Warning: 113 st114.powercdn.com (PowerCDN/2.4) This cache hit is still fresh and more than 1 day old Age: 138755 Location: http://www.jjwxc.net/error404.php Content-Length: 160 Content-Type: text/html Expires: Thu, 05 Jun 2014 06:15:19 GMT PowerCDN: HIT from st114.powercdn.com X-Cache: MISS from CTC-0-162-ZZ-JJCDN X-Cache-Lookup: MISS from CTC-0-162-ZZ-JJCDN:80 | clean |
http://www.jjwxc.net/error404.php | 200 OK Content-Length: 2064 Content-Type: text/html | clean |
Malicious/Suspicious Redirects
| Request | Server response | Status |
URL: http://1209158.jjwxc.net/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: 1209158.jjwxc.net Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 30 May 2014 20:47:39 GMT Location: http://www.jjwxc.net/oneauthor.php?authorid=1209158 Content-Length: 160 Content-Type: text/html | suspicious |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=1209158.jjwxc.net
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://1209158.jjwxc.net/
Result: 1209158.jjwxc.net is not infected or malware details are not published yet.
Result: 1209158.jjwxc.net is not infected or malware details are not published yet.