See: https://www.virustotal.com/nl/url/cd6563a8b7769dfc0f5662d36c0651a24a44be98c7837e28c04b4cb7afc9dea8/analysis/1412096884/
ASP site with issues (extensive header info proliferation and a click-jacking warning:
https://asafaweb.com/Scan?Url=cnpengyouhui.com%2F34wsh%2Findex.html
See: http://fetch.scritch.org/%2Bfetch/?url=http://cnpengyouhui.com/34wsh/
Scripts list: htxp://cnpengyouhui.com/common.js →
http://jsunpack.jeek.org/?report=01c0b39816ed4110a2115c26bb2406a106c05a38
htxp://cnpengyouhui.com/tj.js → http://jsunpack.jeek.org/?report=35984668cb22082baf17bda339e56004e847fa1c (going to blocked (script) js.users.51 dot la/17107698.js)
Site being blacklisted: http://safebrowsing.clients.google.com/safebrowsing/diagnostic?site=cnpengyouhui.com
51 malicious files with detected reference to malicious blacklisted domain etcuk dot com, lijiangyilian dot com, alquimic dot .com, bjdsyl dot ne. metalboxer dot com, lijiangyilian dot com, bjdsyl dot net. latikaze dot com, beunlbd dot com, js.users.51 dot la/
Submission 2 minutes ago. Do we have it?
pol