Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://www.jshbbs.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: www.jshbbs.com Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Found Cache-Control: no-cache, no-store, must-revalidate, max-age=0 Connection: close Date: Sun, 13 Dec 2015 17:57:29 GMT Accept-Ranges: bytes Location: http://www.ertyuiop.itsaol.com/ Server: LiteSpeed Content-Type: text/html; charset=gbk Set-Cookie: aOdH_2132_saltkey=11njO115; expires=Tue, 12-Jan-2016 17:57:29 GMT; path=/; httponly Set-Cookie: aOdH_2132_lastvisit=1450025849; expires=Tue, 12-Jan-2016 17:57:29 GMT; path=/ Set-Cookie: aOdH_2132_sid=kn2f2Y; expires=Mon, 14-Dec-2015 17:57:29 GMT; path=/ Set-Cookie: aOdH_2132_lastact=1450029449%09index.php%09; expires=Mon, 14-Dec-2015 17:57:29 GMT; path=/ Set-Cookie: aOdH_2132_onlineusernum=129; expires=Sun, 13-Dec-2015 18:02:29 GMT; path=/ Set-Cookie: aOdH_2132_sid=kn2f2Y; expires=Mon, 14-Dec-2015 17:57:29 GMT; path=/ X-Powered-By: PHP/5.3.29 | malicious |
Scanned pages/files
Request | Server response | Status |
http://www.jshbbs.com/ | 200 OK Content-Length: 52896 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.hustwb.net <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=gbk" /> <title>Î人¹¤³Ì´óѧÂÛ̳ Î人¹¤³Ì´óѧBBS|¹¤³Ì´óÂÛ̳|Î人¹¤³Ì´óѧ|¾²Ë¼ºþÅÏ - </title> <meta name="keywords" content="Î人¹¤³Ì´óѧ,¹¤³Ì´óÂÛ̳,¹¤³Ì´óbbs,Î人¹¤³ ...[4325 bytes skipped]... | ||
http://www.jshbbs.com/static/js/common.js?i9Z | 200 OK Content-Length: 61875 Content-Type: application/javascript | clean |
http://www.jshbbs.com/static/js/forum.js?i9Z | 200 OK Content-Length: 14869 Content-Type: application/javascript | clean |
http://www.jshbbs.com/static/js/logging.js?i9Z | 200 OK Content-Length: 579 Content-Type: application/javascript | clean |
http://js.touclick.com/js.touclick?b=3f564a4d-78a5-4d3e-a566-61ab26567dc4&v=v2-2&pf=discuz | HTTP/1.1 302 Found Connection: close Date: Sun, 13 Dec 2015 17:57:37 GMT Location: http://cdnjs.touclick.com/3f564a4d-78a5-4d3e-a566-61ab26567dc4.js Server: nginx/1.0.15 Content-Length: 0 Content-Type: text/javascript;charset=UTF-8 | clean |
http://cdnjs.touclick.com/3f564a4d-78a5-4d3e-a566-61ab26567dc4.js | 200 OK Content-Length: 21508 Content-Type: application/javascript | clean |
http://www.jshbbs.com/home.php?mod=misc&ac=sendmail&rand=1450029449 | 200 OK Content-Length: 0 Content-Type: text/html | clean |
http://www.jshbbs.com/test404page.js | 404 Not Found Content-Length: 1148 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=jshbbs.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://jshbbs.com/
Result: jshbbs.com is not infected or malware details are not published yet.
Result: jshbbs.com is not infected or malware details are not published yet.