Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: wjpfw.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Connection: close
Date: Tue, 03 Mar 2015 21:43:26 GMT
Server: nginx/1.2.9
Vary: Accept-Encoding
Content-Type: text/html; charset=gbk
Set-Cookie: ECS_ID=68bc9bf1bceb36e240f2d9ae16f7fc1751edb929; path=/
Set-Cookie: ECS[visit_times]=1; expires=Wed, 02-Mar-2016 13:43:26 GMT; path=/
X-Powered-By: PHP/5.3.27
GET / HTTP/1.1
Host: wjpfw.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Connection: close
Date: Tue, 03 Mar 2015 21:43:26 GMT
Server: nginx/1.2.9
Vary: Accept-Encoding
Content-Type: text/html; charset=gbk
Set-Cookie: ECS_ID=68bc9bf1bceb36e240f2d9ae16f7fc1751edb929; path=/
Set-Cookie: ECS[visit_times]=1; expires=Wed, 02-Mar-2016 13:43:26 GMT; path=/
X-Powered-By: PHP/5.3.27
Second query (visit from search engine):
GET / HTTP/1.1
Host: wjpfw.com
Referer: http://www.google.com/search?q=wjpfw.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: wjpfw.com
Referer: http://www.google.com/search?q=wjpfw.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
| Request | Server response | Status |
http://wjpfw.com/ | 200 OK Content-Length: 44864 Content-Type: text/html | clean |
http://wjpfw.com/js/common.js | 200 OK Content-Length: 24316 Content-Type: application/x-javascript | clean |
http://wjpfw.com/js/index.js | 200 OK Content-Length: 2463 Content-Type: application/x-javascript | clean |
http://wjpfw.com/js/transport.js | 200 OK Content-Length: 22010 Content-Type: application/x-javascript | clean |
http://wjpfw.com/js/utils.js | 200 OK Content-Length: 4275 Content-Type: application/x-javascript | clean |
http://wjpfw.com/data/flashdata/dynfocus/cycle_image.js | 200 OK Content-Length: 3070 Content-Type: application/x-javascript | clean |
http://tb.53kf.com/kf.php?arg=10031718&style=1 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Tue, 03 Mar 2015 21:43:33 GMT Location: http://www6.53kf.com/kf.php?arg=10031718&style=1 Server: nginx Content-Length: 154 Content-Type: text/html Set-Cookie: SESSION_COOKIE=master2_1; path=/ | clean |
http://www6.53kf.com/kf.php?arg=10031718&style=1 | 200 OK Content-Length: 57255 Content-Type: text/javascript | clean |
http://wjpfw.com/js/sk.js | 200 OK Content-Length: 1545 Content-Type: application/x-javascript | clean |
http://wjpfw.com/index.php | 200 OK Content-Length: 44864 Content-Type: text/html | clean |
http://wjpfw.com/quotation.php | 200 OK Content-Length: 28423 Content-Type: text/html | clean |
http://wjpfw.com/js/myship.js | 200 OK Content-Length: 835 Content-Type: application/x-javascript | clean |
http://wjpfw.com/search.php?encode=YToyOntzOjU6ImludHJvIjtzOjM6Im5ldyI7czoxODoic2VhcmNoX2VuY29kZV90aW1lIjtpOjEyNTEzNTM1NDI7fQ== | 200 OK Content-Length: 31139 Content-Type: text/html | clean |
http://wjpfw.com/js/global.js | 200 OK Content-Length: 3364 Content-Type: application/x-javascript | clean |
http://wjpfw.com/js/compare.js | 200 OK Content-Length: 4101 Content-Type: application/x-javascript | clean |
http://wjpfw.com/category.php?id=1 | 200 OK Content-Length: 33444 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=wjpfw.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://wjpfw.com/
Result: wjpfw.com is not infected or malware details are not published yet.
Result: wjpfw.com is not infected or malware details are not published yet.