Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=13pm.tk
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://13pm.tk/ | 200 OK Content-Length: 121066 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- DropFileName = "svchost.exe" WriteData = "4D5A90000300000004000000FFFF0000B8000000000000004000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 ...[3623 bytes skipped]... Antivirus reports:
| ||
http://13pm.tk/js/jquery.min.js | 200 OK Content-Length: 93636 Content-Type: application/javascript | clean |
http://13pm.tk/js/jquery.mobile.customized.min.js | 200 OK Content-Length: 17519 Content-Type: application/javascript | clean |
http://13pm.tk/js/jquery.easing.1.3.js | 200 OK Content-Length: 8097 Content-Type: application/javascript | clean |
http://13pm.tk/js/camera.min.js | 200 OK Content-Length: 39330 Content-Type: application/javascript | clean |
http://v7.cnzz.com/stat.php?id=155540&web_id=155540 | 200 OK Content-Length: 9320 Content-Type: application/javascript | clean |
http://13pm.tk/index.html | 200 OK Content-Length: 121066 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- DropFileName = "svchost.exe" WriteData = "4D5A90000300000004000000FFFF0000B8000000000000004000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 ...[3623 bytes skipped]... Antivirus reports:
| ||
http://13pm.tk/test404page.js | 404 Not Found Content-Length: 394 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: 13pm.tk
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 11 Sep 2014 04:40:25 GMT
Accept-Ranges: bytes
ETag: "1d8ea-4fd98b6f1d140"
Server: Apache/2.4.6
Content-Length: 121066
Content-Type: text/html
Last-Modified: Mon, 07 Jul 2014 11:24:13 GMT
...121066 bytes of data.
GET / HTTP/1.1
Host: 13pm.tk
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 11 Sep 2014 04:40:25 GMT
Accept-Ranges: bytes
ETag: "1d8ea-4fd98b6f1d140"
Server: Apache/2.4.6
Content-Length: 121066
Content-Type: text/html
Last-Modified: Mon, 07 Jul 2014 11:24:13 GMT
...121066 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: 13pm.tk
Referer: http://www.google.com/search?q=13pm.tk
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: 13pm.tk
Referer: http://www.google.com/search?q=13pm.tk
Result:
The result is similar to the first query. There are no suspicious redirects found.