Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=pgfm.yzi.me
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://pgfm.yzi.me/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://pgfm.yzi.me/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 24 Feb 2015 18:56:15 GMT Location: forum.php Server: Content-Length: 5 Content-Type: text/html X-Powered-By: PHP/5.2.17 | clean |
http://pgfm.yzi.me/forum.php | 200 OK Content-Length: 9160 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: fmsq.yzi.me ...[2408 bytes skipped]... edlocation" class="alert_btnleft"></p> <p class="alert_btnleft"><a id="succeedmessage_href">Èç¹ûÄúµÄä¯ÀÀÆ÷ûÓÐ×Ô¶¯Ìøת£¬Çëµã»÷´ËÁ´½Ó</a></p> </div> </div> </div> <div class="nfl" id="main_message"> <div class="f_c altw"> <div id="messagetext" class="alert_info"> <p>ÓÉÓÚ×ʽðµÄ²»×ãºÍ¼¼ÊõÉϵĴíÎó£¬ÂÛ̳ÓÀ¾Ã¹Ø±Õ£¬Çë·ÃÎÊÐÂÂÛ̳http://fmsq.yzi.me/forum.php »òÂÛ̳Ψһ¹Ù·½²©¿Í http://blog.yzi.me/</p> </div> <div id="messagelogin"></div> <script type="text/javascript">ajaxget('member.php?mod=logging&action=login&infloat=yes&frommessage', 'messagelogin');</script> </div> </div> </div> </div> <div id="ft" class="wp cl"> <div id="flk" class="y"> <p> <a href="archiver/" >Archiver ...[1631 bytes skipped]... | ||
http://pgfm.yzi.me/static/js/common.js?HTU | 200 OK Content-Length: 68911 Content-Type: application/javascript | clean |
http://pgfm.yzi.me/static/js/forum.js?HTU | 200 OK Content-Length: 21982 Content-Type: application/javascript | clean |
http://pgfm.yzi.me/static/js/logging.js?HTU | 200 OK Content-Length: 603 Content-Type: application/javascript | clean |
http://discuz.gtimg.cn/cloud/scripts/discuz_tips.js?v=1 | 200 OK Content-Length: 6173 Content-Type: application/x-javascript | clean |
http://pgfm.yzi.me/member.php?mod=register | 200 OK Content-Length: 8869 Content-Type: text/html | clean |
http://pgfm.yzi.me/./ | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 24 Feb 2015 18:56:21 GMT Location: forum.php Server: Content-Length: 5 Content-Type: text/html X-Powered-By: PHP/5.2.17 | clean |
http://pgfm.yzi.me/./forum.php | 200 OK Content-Length: 9160 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: fmsq.yzi.me ...[2408 bytes skipped]... edlocation" class="alert_btnleft"></p> <p class="alert_btnleft"><a id="succeedmessage_href">Èç¹ûÄúµÄä¯ÀÀÆ÷ûÓÐ×Ô¶¯Ìøת£¬Çëµã»÷´ËÁ´½Ó</a></p> </div> </div> </div> <div class="nfl" id="main_message"> <div class="f_c altw"> <div id="messagetext" class="alert_info"> <p>ÓÉÓÚ×ʽðµÄ²»×ãºÍ¼¼ÊõÉϵĴíÎó£¬ÂÛ̳ÓÀ¾Ã¹Ø±Õ£¬Çë·ÃÎÊÐÂÂÛ̳http://fmsq.yzi.me/forum.php »òÂÛ̳Ψһ¹Ù·½²©¿Í http://blog.yzi.me/</p> </div> <div id="messagelogin"></div> <script type="text/javascript">ajaxget('member.php?mod=logging&action=login&infloat=yes&frommessage', 'messagelogin');</script> </div> </div> </div> </div> <div id="ft" class="wp cl"> <div id="flk" class="y"> <p> <a href="archiver/" >Archiver ...[1631 bytes skipped]... | ||
http://pgfm.yzi.me/./static/js/common.js?HTU | 200 OK Content-Length: 68911 Content-Type: application/javascript | clean |
http://pgfm.yzi.me/./static/js/forum.js?HTU | 200 OK Content-Length: 21982 Content-Type: application/javascript | clean |
http://pgfm.yzi.me/./static/js/logging.js?HTU | 200 OK Content-Length: 603 Content-Type: application/javascript | clean |
http://pgfm.yzi.me/./member.php?mod=register | 200 OK Content-Length: 8873 Content-Type: text/html | clean |
http://pgfm.yzi.me/././ | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 24 Feb 2015 18:56:25 GMT Location: forum.php Server: Content-Length: 5 Content-Type: text/html X-Powered-By: PHP/5.2.17 | clean |
http://pgfm.yzi.me/././forum.php | 200 OK Content-Length: 9160 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: fmsq.yzi.me ...[2408 bytes skipped]... edlocation" class="alert_btnleft"></p> <p class="alert_btnleft"><a id="succeedmessage_href">Èç¹ûÄúµÄä¯ÀÀÆ÷ûÓÐ×Ô¶¯Ìøת£¬Çëµã»÷´ËÁ´½Ó</a></p> </div> </div> </div> <div class="nfl" id="main_message"> <div class="f_c altw"> <div id="messagetext" class="alert_info"> <p>ÓÉÓÚ×ʽðµÄ²»×ãºÍ¼¼ÊõÉϵĴíÎó£¬ÂÛ̳ÓÀ¾Ã¹Ø±Õ£¬Çë·ÃÎÊÐÂÂÛ̳http://fmsq.yzi.me/forum.php »òÂÛ̳Ψһ¹Ù·½²©¿Í http://blog.yzi.me/</p> </div> <div id="messagelogin"></div> <script type="text/javascript">ajaxget('member.php?mod=logging&action=login&infloat=yes&frommessage', 'messagelogin');</script> </div> </div> </div> </div> <div id="ft" class="wp cl"> <div id="flk" class="y"> <p> <a href="archiver/" >Archiver ...[1631 bytes skipped]... | ||
http://pgfm.yzi.me/././static/js/common.js?HTU | 200 OK Content-Length: 68911 Content-Type: application/javascript | clean |
http://pgfm.yzi.me/././static/js/forum.js?HTU | 200 OK Content-Length: 21982 Content-Type: application/javascript | clean |
http://pgfm.yzi.me/././static/js/logging.js?HTU | 200 OK Content-Length: 603 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: pgfm.yzi.me
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Tue, 24 Feb 2015 18:56:15 GMT
Location: forum.php
Server:
Content-Length: 5
Content-Type: text/html
X-Powered-By: PHP/5.2.17
...5 bytes of data.
GET / HTTP/1.1
Host: pgfm.yzi.me
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Tue, 24 Feb 2015 18:56:15 GMT
Location: forum.php
Server:
Content-Length: 5
Content-Type: text/html
X-Powered-By: PHP/5.2.17
...5 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: pgfm.yzi.me
Referer: http://www.google.com/search?q=pgfm.yzi.me
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: pgfm.yzi.me
Referer: http://www.google.com/search?q=pgfm.yzi.me
Result:
The result is similar to the first query. There are no suspicious redirects found.