Scanned pages/files
| Request | Server response | Status |
http://myjianzhu.com/ | 200 OK Content-Length: 67882 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) window._bd_share_config={"common":{"bdSnsKey":{},"bdText":"","bdMini":"2","bdMiniList":false,"bdPic":"","bdStyle":"0","bdSize":"16"},"slide":{"type":"slide","bdImg":"0","bdPos":"left","bdTop":"62.5"}};with(document)0[(getElementsByTagName('head')[0]||body).appendChild(createElement('script')).src='http://bdimg.share.baidu.com/static/api/js/share.js?v=86835285.js?cdnversion='+~(-new Date()/36e5)]; Antivirus reports:
| ||
http://www.myjianzhu.com/lang/zh-cn/lang.js | 200 OK Content-Length: 3620 Content-Type: application/x-javascript | clean |
http://www.myjianzhu.com/file/script/config.js | 200 OK Content-Length: 246 Content-Type: application/x-javascript | clean |
http://www.myjianzhu.com/file/script/jquery.js | 200 OK Content-Length: 85755 Content-Type: application/x-javascript | clean |
http://www.myjianzhu.com/file/script/common.js | 200 OK Content-Length: 7182 Content-Type: application/x-javascript | clean |
http://www.myjianzhu.com/file/script/page.js | 200 OK Content-Length: 6647 Content-Type: application/x-javascript | clean |
http://www.myjianzhu.com/file/script/jquery.lazyload.js | 200 OK Content-Length: 5781 Content-Type: application/x-javascript | clean |
http://cpro.baidustatic.com/cpro/ui/c.js | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://cpro.baidustatic.com/test404page.js | 500 Can't connect to cpro.baidustatic.com:80 (Bad hostname) Content-Length: 172 Content-Type: text/plain | clean |
http://www.myjianzhu.com/file/script/slide.js | 200 OK Content-Length: 2724 Content-Type: application/x-javascript | clean |
http://www.myjianzhu.com/file/script/index.js | 200 OK Content-Length: 1216 Content-Type: application/x-javascript | clean |
http://www.myjianzhu.com/file/script/marquee.js | 200 OK Content-Length: 1239 Content-Type: application/x-javascript | clean |
http://cpro.baidustatic.com/cpro/ui/f.js | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: myjianzhu.com
Result:
HTTP/1.1 200 OK
Date: Thu, 08 May 2014 13:37:41 GMT
Server: Microsoft-IIS/6.0
Content-Length: 67882
Content-Type: text/html;charset=gbk
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.3.21
...67882 bytes of data.
GET / HTTP/1.1
Host: myjianzhu.com
Result:
HTTP/1.1 200 OK
Date: Thu, 08 May 2014 13:37:41 GMT
Server: Microsoft-IIS/6.0
Content-Length: 67882
Content-Type: text/html;charset=gbk
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.3.21
...67882 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: myjianzhu.com
Referer: http://www.google.com/search?q=myjianzhu.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: myjianzhu.com
Referer: http://www.google.com/search?q=myjianzhu.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=myjianzhu.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://myjianzhu.com/
Result: myjianzhu.com is not infected or malware details are not published yet.
Result: myjianzhu.com is not infected or malware details are not published yet.