Scanned pages/files
Request | Server response | Status |
http://17xunfang.com/ | HTTP/1.1 301 Moved Permanently Connection: close Location: http://www.17xunfang.com/ Content-Length: 0 | clean |
http://www.17xunfang.com/ | 200 OK Content-Length: 24636 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 0x0 src: http://www.baidu.com/baidu?word=寻è³å½%20æµå&ie=utf-8 <iframe src="http://www.baidu.com/baidu?word=寻è³å½%20æµå&ie=utf-8" border="0" width="0" height="0" /> Hidden iFrame found. size: 0x0 src: http://www.baidu.com/baidu?word=å±±ä¸å¯»è³å½&ie=utf-8 <iframe src="http://www.baidu.com/baidu?word=å±±ä¸å¯»è³å½&ie=utf-8" border="0" width="0" height="0" /> Hidden iFrame found. size: 0x0 src: http://www.baidu.com/baidu?word=寻è³å½%20å±±ä¸&ie=utf-8 <iframe src="http://www.baidu.com/baidu?word=寻è³å½%20å±±ä¸&ie=utf-8" border="0" width="0" height="0" /> Hidden iFrame found. size: 0x0 src: http://www.baidu.com/baidu?word=寻è³å½%20éå²&ie=utf-8 <iframe src="http://www.baidu.com/baidu?word=寻è³å½%20éå²&ie=utf-8" border="0" width="0" height="0" /> | ||
http://www.17xunfang.com/Public/js/noerr.js | 200 OK Content-Length: 96 Content-Type: application/javascript | clean |
http://www.17xunfang.com/Public/js/global.js | 200 OK Content-Length: 60 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
function $obj(id) {
    return document.getElementById(id);
}
Antivirus reports:
| ||
http://www.17xunfang.com/Public/js/jquery.min.js | 200 OK Content-Length: 30775 Content-Type: application/javascript | clean |
http://www.17xunfang.com/Public/js/ppRoll.js | 200 OK Content-Length: 3448 Content-Type: application/javascript | clean |
http://17xunfang.com/user-login.shtml | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 03 Apr 2014 05:41:01 GMT Location: http://www.17xunfang.com/user-login.shtml Server: cloudflare-nginx Content-Type: text/html CF-RAY: 1152ef4a574d0328-MIA Set-Cookie: __cfduid=d5dfdab57f5437ca88e1c75e7f28ce4871396503661176; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.17xunfang.com; HttpOnly | clean |
http://www.17xunfang.com/user-login.shtml | 200 OK Content-Length: 4737 Content-Type: text/html | clean |
http://www.17xunfang.com/Public/js/login.js | 200 OK Content-Length: 311 Content-Type: application/javascript | clean |
http://17xunfang.com/user-reg.shtml | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 03 Apr 2014 05:41:03 GMT Location: http://www.17xunfang.com/user-reg.shtml Server: cloudflare-nginx Content-Type: text/html CF-RAY: 1152ef59ab030328-MIA Set-Cookie: __cfduid=d757af3eea5bd09ed0c3099384cd7dbb21396503663629; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.17xunfang.com; HttpOnly | clean |
http://www.17xunfang.com/user-reg.shtml | 200 OK Content-Length: 5934 Content-Type: text/html | clean |
http://www.17xunfang.com/Public/js/validator.common.js | 200 OK Content-Length: 5692 Content-Type: application/javascript | clean |
http://www.17xunfang.com/Public/js/validator.js | 200 OK Content-Length: 10806 Content-Type: application/javascript | clean |
http://www.17xunfang.com/Public/js/validator2.js | 200 OK Content-Length: 900 Content-Type: application/javascript | clean |
http://17xunfang.com/user-getpwd.shtml | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 03 Apr 2014 05:41:07 GMT Location: http://www.17xunfang.com/user-getpwd.shtml Server: cloudflare-nginx Content-Type: text/html CF-RAY: 1152ef7277500328-MIA Set-Cookie: __cfduid=d456fadd1e25eb60b90264faeb41290311396503667592; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.17xunfang.com; HttpOnly | clean |
http://www.17xunfang.com/user-getpwd.shtml | 200 OK Content-Length: 4485 Content-Type: text/html | clean |
http://www.17xunfang.com/test404page.js | 200 OK Content-Length: 1988 Content-Type: text/html | clean |
http://17xunfang.com/index-post.shtml | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 03 Apr 2014 05:41:09 GMT Location: http://www.17xunfang.com/index-post.shtml Server: cloudflare-nginx Content-Type: text/html CF-RAY: 1152ef7fa91c0328-MIA Set-Cookie: __cfduid=d1427836a0cd7d5bbed546551a7545d9c1396503669706; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.17xunfang.com; HttpOnly | clean |
http://www.17xunfang.com/index-post.shtml | 200 OK Content-Length: 4248 Content-Type: text/html | clean |
http://17xunfang.com/index-index.shtml | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 03 Apr 2014 05:41:11 GMT Location: http://www.17xunfang.com/index-index.shtml Server: cloudflare-nginx Content-Type: text/html CF-RAY: 1152ef879a1a0328-MIA Set-Cookie: __cfduid=d1b3b22509ad13e3b8a040ea6933ae6c91396503670979; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.17xunfang.com; HttpOnly | clean |
http://www.17xunfang.com/index-index.shtml | 200 OK Content-Length: 24637 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 0x0 src: http://www.baidu.com/baidu?word=寻è³å½%20æµå&ie=utf-8 <iframe src="http://www.baidu.com/baidu?word=寻è³å½%20æµå&ie=utf-8" border="0" width="0" height="0" /> Hidden iFrame found. size: 0x0 src: http://www.baidu.com/baidu?word=å±±ä¸å¯»è³å½&ie=utf-8 <iframe src="http://www.baidu.com/baidu?word=å±±ä¸å¯»è³å½&ie=utf-8" border="0" width="0" height="0" /> Hidden iFrame found. size: 0x0 src: http://www.baidu.com/baidu?word=寻è³å½%20å±±ä¸&ie=utf-8 <iframe src="http://www.baidu.com/baidu?word=寻è³å½%20å±±ä¸&ie=utf-8" border="0" width="0" height="0" /> Hidden iFrame found. size: 0x0 src: http://www.baidu.com/baidu?word=寻è³å½%20éå²&ie=utf-8 <iframe src="http://www.baidu.com/baidu?word=寻è³å½%20éå²&ie=utf-8" border="0" width="0" height="0" /> |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: 17xunfang.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Location: http://www.17xunfang.com/
Content-Length: 0
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: 17xunfang.com
Referer: http://www.google.com/search?q=17xunfang.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=17xunfang.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://17xunfang.com/
Result: 17xunfang.com is not infected or malware details are not published yet.