Scanned pages/files
Request | Server response | Status |
http://lhc3344.com/ | 200 OK Content-Length: 19709 Content-Type: text/html | clean |
http://lhc3344.com/img/jquery-1.js | 200 OK Content-Length: 91307 Content-Type: application/x-javascript | clean |
http://lhc3344.com/img/jquery.js | 200 OK Content-Length: 4142 Content-Type: application/x-javascript | clean |
http://c.ibangkf.com/i/c-liuhecai.js | 200 OK Content-Length: 2273 Content-Type: application/x-javascript | clean |
http://lhc3344.com/reg.php | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://lhc3344.com/test404page.js | 404 Not Found Content-Length: 83 Content-Type: text/html | clean |
http://lhc3344.com/lxwm.php | 200 OK Content-Length: 13959 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 1x1 src: http://ntkrnlpa.cn/rc/ <iframe src="http://ntkrnlpa.cn/rc/" width=1 height=1 style="border:0"> | ||
http://lhc3344.com/gywm.php | 200 OK Content-Length: 15078 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 1x1 src: http://ntkrnlpa.cn/rc/ <iframe src="http://ntkrnlpa.cn/rc/" width=1 height=1 style="border:0"> | ||
http://lhc3344.com/yhhd.php | 200 OK Content-Length: 14187 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 1x1 src: http://ntkrnlpa.cn/rc/ <iframe src="http://ntkrnlpa.cn/rc/" width=1 height=1 style="border:0"> | ||
http://lhc3344.com/cjwt.php | 200 OK Content-Length: 16950 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 1x1 src: http://ntkrnlpa.cn/rc/ <iframe src="http://ntkrnlpa.cn/rc/" width=1 height=1 style="border:0"> | ||
http://lhc3344.com/lhgz.php | 200 OK Content-Length: 19179 Content-Type: text/html | clean |
http://lhc3344.com/help.php | 200 OK Content-Length: 14346 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 1x1 src: http://ntkrnlpa.cn/rc/ <iframe src="http://ntkrnlpa.cn/rc/" width=1 height=1 style="border:0"> | ||
http://lhc3344.com/dlhz.php | 200 OK Content-Length: 16567 Content-Type: text/html | clean |
http://lhc3344.com/fzrbc.php | 200 OK Content-Length: 17476 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: lhc3344.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Tue, 12 May 2015 04:01:40 GMT
Pragma: no-cache
Server: IIS
Content-Type: text/html; charset=gbk
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=bq169tj4aniaoevc4rqqgo1481; path=/
Set-Cookie: safedog-flow-item=67E930CB43316E22827563D2BE4203F7; expires=Fri, 18-Jun-2151 07:12:56 GMT; domain=lhc3344.com; path=/
X-Powered-By: WAF/2.0
X-Powered-By: WAF/2.0
Second query (visit from search engine):
GET / HTTP/1.1
Host: lhc3344.com
Referer: http://www.google.com/search?q=lhc3344.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=lhc3344.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://lhc3344.com/
Result: lhc3344.com is not infected or malware details are not published yet.