See: https://www.virustotal.com/nl/url/a949286b2e160b7c00749fa370dba87bc75b4457cdc76aa1b09c961f24a476f0/analysis/1449150929/
See: Malicious files: 1
/js/ads/head.js
Severity: Malicious
Reason: Detected reference to blacklisted domain
Details: Detected reference to malicious blacklisted domain -j.humanding.com
Two actually: Scanner output:
Scanning -http://114shj.com …
Script loaded: -http://114shj.com/js/ads/head.js
Script loaded: -http://114shj.com/js/ads/foot.js
Dangerous to visit this site: https://www.google.com/transparencyreport/safebrowsing/diagnostic/index.html#url=114shj.com
Two warnings: https://asafaweb.com/Scan?Url=114shj.com
See: http://webscan.360.cn/index/checkwebsite/url/www.114shj.com
In Chines it says Security Level: High Risk!
网站漏洞 存在高危漏洞 Site has a security leak!
Scan site with warnings itself: https://asafaweb.com/Scan?Url=webscan.360.cn%2Findex%2Fcheckwebsite%2Furl%2Fwww.114shj.com
Threat confirmed: http://www.domxssscanner.com/scan?url=http%3A%2F%2F114shj.com%2Fjs%2Fads%2Fhead.js
→ https://www.virustotal.com/nl/url/e4e7866c6cb68fc3157b5cd07e11bcde917ceab1ed30c7a697d77dae12e6f413/analysis/
polonus