Scanned pages/files
Request | Server response | Status |
http://97665.com/ | HTTP/1.1 301 Moved Permanently Date: Thu, 09 Oct 2014 13:52:52 GMT Location: http://www.97665.com/ Server: IIS Content-Length: 144 Content-Type: text/html X-Powered-By: WAF/2.0 | clean |
http://www.97665.com/ | 200 OK Content-Length: 57069 Content-Type: text/html | clean |
http://www.97665.com/news/djbd/4542.html | 200 OK Content-Length: 41219 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below):
window._bd_share_config = { "common": { "bdSnsKey": {}, "bdText": "", "bdMini": "2", "bdMiniList": false, "bdPic": "", "bdStyle": "0", "bdSize": "24" }, "share": {} }; with (document) 0[(getElementsByTagName('head')[0] || body).appendChild(createElement('script')).src = 'http://bdimg.share.baidu.com/static/api/js/share.js?v=89860593.js?cdnversion=' + ~(-new Date() / 36e5)];
Antivirus reports:
http://www.97665.com/Templates/DefaultSkin/js/jquery-1.7.2.min.js | HTTP/1.1 200 OK Date: Thu, 09 Oct 2014 13:53:02 GMT Accept-Ranges: bytes ETag: "e4f9882c57a5cf1:157c" Server: IIS Content-Length: 94840 Content-Location: http://www.97665.com/Templates/DefaultSkin/js/jquery-1.7.2.min.js Content-Type: application/x-javascript Last-Modified: Tue, 22 Jul 2014 02:46:44 GMT X-Powered-By: WAF/2.0 | clean |
http://www.97665.com/templates/defaultskin/js/jquery-1.7.2.min.js | HTTP/1.1 200 OK Date: Thu, 09 Oct 2014 13:53:06 GMT Accept-Ranges: bytes ETag: "e4f9882c57a5cf1:157c" Server: IIS Content-Length: 94840 Content-Location: http://www.97665.com/templates/defaultskin/js/jquery-1.7.2.min.js Content-Type: application/x-javascript Last-Modified: Tue, 22 Jul 2014 02:46:44 GMT X-Powered-By: WAF/2.0 | clean |
http://www.97665.com/test404page.js | 404 Not Found Content-Length: 112492 Content-Type: text/html | clean |
http://www.97665.com/sw/ | 200 OK Content-Length: 64071 Content-Type: text/html | clean |
http://www.97665.com/JS/ligerBuild.min.js | HTTP/1.1 200 OK Date: Thu, 09 Oct 2014 13:53:19 GMT Accept-Ranges: bytes ETag: "9a8412b57a5cf1:157c" Server: IIS Content-Length: 74989 Content-Location: http://www.97665.com/JS/ligerBuild.min.js Content-Type: application/x-javascript Last-Modified: Tue, 22 Jul 2014 02:46:42 GMT X-Powered-By: WAF/2.0 | clean |
http://www.97665.com/js/ligerbuild.min.js | HTTP/1.1 200 OK Date: Thu, 09 Oct 2014 13:53:23 GMT Accept-Ranges: bytes ETag: "9a8412b57a5cf1:157c" Server: IIS Content-Length: 74989 Content-Location: http://www.97665.com/js/ligerbuild.min.js Content-Type: application/x-javascript Last-Modified: Tue, 22 Jul 2014 02:46:42 GMT X-Powered-By: WAF/2.0 | clean |
http://www.97665.com/JS/digg_ajax.js | HTTP/1.1 200 OK Date: Thu, 09 Oct 2014 13:53:26 GMT Accept-Ranges: bytes ETag: "87b2c9793bcecf1:157c" Server: IIS Content-Length: 3577 Content-Location: http://www.97665.com/JS/digg_ajax.js Content-Type: application/x-javascript Last-Modified: Fri, 12 Sep 2014 03:41:45 GMT X-Powered-By: WAF/2.0 | clean |
http://www.97665.com/js/digg_ajax.js | HTTP/1.1 200 OK Date: Thu, 09 Oct 2014 13:53:27 GMT Accept-Ranges: bytes ETag: "87b2c9793bcecf1:157c" Server: IIS Content-Length: 3577 Content-Location: http://www.97665.com/js/digg_ajax.js Content-Type: application/x-javascript Last-Modified: Fri, 12 Sep 2014 03:41:45 GMT X-Powered-By: WAF/2.0 | clean |
http://www.97665.com/JS/base.js | HTTP/1.1 200 OK Date: Thu, 09 Oct 2014 13:53:28 GMT Accept-Ranges: bytes ETag: "294a6b63a3e2cf1:157c" Server: IIS Content-Length: 10402 Content-Location: http://www.97665.com/JS/base.js Content-Type: application/x-javascript Last-Modified: Wed, 08 Oct 2014 02:55:59 GMT X-Powered-By: WAF/2.0 | clean |
http://www.97665.com/js/base.js | HTTP/1.1 200 OK Date: Thu, 09 Oct 2014 13:53:30 GMT Accept-Ranges: bytes ETag: "294a6b63a3e2cf1:157c" Server: IIS Content-Length: 10402 Content-Location: http://www.97665.com/js/base.js Content-Type: application/x-javascript Last-Modified: Wed, 08 Oct 2014 02:55:59 GMT X-Powered-By: WAF/2.0 | clean |
http://www.97665.com/Templates/DefaultSkin/js/df.js | HTTP/1.1 200 OK Date: Thu, 09 Oct 2014 13:53:31 GMT Accept-Ranges: bytes ETag: "5e6832c57a5cf1:157c" Server: IIS Content-Length: 1015 Content-Location: http://www.97665.com/Templates/DefaultSkin/js/df.js Content-Type: application/x-javascript Last-Modified: Tue, 22 Jul 2014 02:46:44 GMT X-Powered-By: WAF/2.0 | clean |
http://www.97665.com/templates/defaultskin/js/df.js | HTTP/1.1 200 OK Date: Thu, 09 Oct 2014 13:53:32 GMT Accept-Ranges: bytes ETag: "5e6832c57a5cf1:157c" Server: IIS Content-Length: 1015 Content-Location: http://www.97665.com/templates/defaultskin/js/df.js Content-Type: application/x-javascript Last-Modified: Tue, 22 Jul 2014 02:46:44 GMT X-Powered-By: WAF/2.0 | clean |
http://www.97665.com/JS/jquery.form.js | HTTP/1.1 200 OK Date: Thu, 09 Oct 2014 13:53:32 GMT Accept-Ranges: bytes ETag: "42d33f2b57a5cf1:157c" Server: IIS Content-Length: 21072 Content-Location: http://www.97665.com/JS/jquery.form.js Content-Type: application/x-javascript Last-Modified: Tue, 22 Jul 2014 02:46:42 GMT X-Powered-By: WAF/2.0 | clean |
http://www.97665.com/js/jquery.form.js | HTTP/1.1 200 OK Date: Thu, 09 Oct 2014 13:53:34 GMT Accept-Ranges: bytes ETag: "42d33f2b57a5cf1:157c" Server: IIS Content-Length: 21072 Content-Location: http://www.97665.com/js/jquery.form.js Content-Type: application/x-javascript Last-Modified: Tue, 22 Jul 2014 02:46:42 GMT X-Powered-By: WAF/2.0 | clean |
http://www.97665.com/JS/jquery.validate.min.js | HTTP/1.1 200 OK Date: Thu, 09 Oct 2014 13:53:36 GMT Accept-Ranges: bytes ETag: "a6bd402b57a5cf1:157c" Server: IIS Content-Length: 25217 Content-Location: http://www.97665.com/JS/jquery.validate.min.js Content-Type: application/x-javascript Last-Modified: Tue, 22 Jul 2014 02:46:42 GMT X-Powered-By: WAF/2.0 | clean |
http://www.97665.com/js/jquery.validate.min.js | HTTP/1.1 200 OK Date: Thu, 09 Oct 2014 13:53:38 GMT Accept-Ranges: bytes ETag: "a6bd402b57a5cf1:157c" Server: IIS Content-Length: 25217 Content-Location: http://www.97665.com/js/jquery.validate.min.js Content-Type: application/x-javascript Last-Modified: Tue, 22 Jul 2014 02:46:42 GMT X-Powered-By: WAF/2.0 | clean |
http://www.97665.com/JS/messages_cn.js | HTTP/1.1 200 OK Date: Thu, 09 Oct 2014 13:53:40 GMT Accept-Ranges: bytes ETag: "4b44422b57a5cf1:157c" Server: IIS Content-Length: 3500 Content-Location: http://www.97665.com/JS/messages_cn.js Content-Type: application/x-javascript Last-Modified: Tue, 22 Jul 2014 02:46:42 GMT X-Powered-By: WAF/2.0 | clean |
http://www.97665.com/js/messages_cn.js | HTTP/1.1 200 OK Date: Thu, 09 Oct 2014 13:53:41 GMT Accept-Ranges: bytes ETag: "4b44422b57a5cf1:157c" Server: IIS Content-Length: 3500 Content-Location: http://www.97665.com/js/messages_cn.js Content-Type: application/x-javascript Last-Modified: Tue, 22 Jul 2014 02:46:42 GMT X-Powered-By: WAF/2.0 | clean |
http://www.97665.com/JS/jquery.pagination.js | HTTP/1.1 200 OK Date: Thu, 09 Oct 2014 13:53:42 GMT Accept-Ranges: bytes ETag: "856f402b57a5cf1:157c" Server: IIS Content-Length: 6491 Content-Location: http://www.97665.com/JS/jquery.pagination.js Content-Type: application/x-javascript Last-Modified: Tue, 22 Jul 2014 02:46:42 GMT X-Powered-By: WAF/2.0 | clean |
http://www.97665.com/js/jquery.pagination.js | HTTP/1.1 200 OK Date: Thu, 09 Oct 2014 13:53:43 GMT Accept-Ranges: bytes ETag: "856f402b57a5cf1:157c" Server: IIS Content-Length: 6491 Content-Location: http://www.97665.com/js/jquery.pagination.js Content-Type: application/x-javascript Last-Modified: Tue, 22 Jul 2014 02:46:42 GMT X-Powered-By: WAF/2.0 | clean |
http://www.97665.com/Templates/DefaultSkin/js/layout.js | HTTP/1.1 200 OK Date: Thu, 09 Oct 2014 13:53:44 GMT Accept-Ranges: bytes ETag: "40ed22a3c5d0cf1:157c" Server: IIS Content-Length: 3432 Content-Location: http://www.97665.com/Templates/DefaultSkin/js/layout.js Content-Type: application/x-javascript Last-Modified: Mon, 15 Sep 2014 09:15:48 GMT X-Powered-By: WAF/2.0 | clean |
http://www.97665.com/templates/defaultskin/js/layout.js | HTTP/1.1 200 OK Date: Thu, 09 Oct 2014 13:53:45 GMT Accept-Ranges: bytes ETag: "40ed22a3c5d0cf1:157c" Server: IIS Content-Length: 3432 Content-Location: http://www.97665.com/templates/defaultskin/js/layout.js Content-Type: application/x-javascript Last-Modified: Mon, 15 Sep 2014 09:15:48 GMT X-Powered-By: WAF/2.0 | clean |
http://97665.com/news/djbd/5048.html | HTTP/1.1 301 Moved Permanently Date: Thu, 09 Oct 2014 13:53:46 GMT Location: http://www.97665.com/news/djbd/5048.html Server: IIS Content-Length: 163 Content-Type: text/html X-Powered-By: WAF/2.0 | clean |
http://www.97665.com/news/djbd/5048.html | 200 OK Content-Length: 40755 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below):
window._bd_share_config = { "common": { "bdSnsKey": {}, "bdText": "", "bdMini": "2", "bdMiniList": false, "bdPic": "", "bdStyle": "0", "bdSize": "24" }, "share": {} }; with (document) 0[(getElementsByTagName('head')[0] || body).appendChild(createElement('script')).src = 'http://bdimg.share.baidu.com/static/api/js/share.js?v=89860593.js?cdnversion=' + ~(-new Date() / 36e5)];
Antivirus reports:
http://www.97665.com/news/ | 200 OK Content-Length: 14062 Content-Type: text/html | clean |
http://www.97665.com/JS/jquery-1.4.2.min.js | HTTP/1.1 200 OK Date: Thu, 09 Oct 2014 13:53:54 GMT Accept-Ranges: bytes ETag: "f980412b57a5cf1:157c" Server: IIS Content-Length: 73799 Content-Location: http://www.97665.com/JS/jquery-1.4.2.min.js Content-Type: application/x-javascript Last-Modified: Tue, 22 Jul 2014 02:46:42 GMT X-Powered-By: WAF/2.0 | clean |
http://www.97665.com/js/jquery-1.4.2.min.js | HTTP/1.1 200 OK Date: Thu, 09 Oct 2014 13:53:58 GMT Accept-Ranges: bytes ETag: "f980412b57a5cf1:157c" Server: IIS Content-Length: 73799 Content-Location: http://www.97665.com/js/jquery-1.4.2.min.js Content-Type: application/x-javascript Last-Modified: Tue, 22 Jul 2014 02:46:42 GMT X-Powered-By: WAF/2.0 | clean |
http://97665.com/news/djqpyx/ | HTTP/1.1 301 Moved Permanently Date: Thu, 09 Oct 2014 13:54:01 GMT Location: http://www.97665.com/news/djqpyx/ Server: IIS Content-Length: 156 Content-Type: text/html X-Powered-By: WAF/2.0 | clean |
http://www.97665.com/news/djqpyx/ | 200 OK Content-Length: 68545 Content-Type: text/html | clean |
http://97665.com/news/qpyxgl/ | HTTP/1.1 301 Moved Permanently Date: Thu, 09 Oct 2014 13:54:06 GMT Location: http://www.97665.com/news/qpyxgl/ Server: IIS Content-Length: 156 Content-Type: text/html X-Powered-By: WAF/2.0 | clean |
http://www.97665.com/news/qpyxgl/ | 200 OK Content-Length: 66496 Content-Type: text/html | clean |
http://97665.com/news/qpyxdq/ | HTTP/1.1 301 Moved Permanently Date: Thu, 09 Oct 2014 13:54:10 GMT Location: http://www.97665.com/news/qpyxdq/ Server: IIS Content-Length: 156 Content-Type: text/html X-Powered-By: WAF/2.0 | clean |
http://www.97665.com/news/qpyxdq/ | 200 OK Content-Length: 67423 Content-Type: text/html | clean |
http://97665.com/news/qpyxpt/ | HTTP/1.1 301 Moved Permanently Date: Thu, 09 Oct 2014 13:54:15 GMT Location: http://www.97665.com/news/qpyxpt/ Server: IIS Content-Length: 156 Content-Type: text/html X-Powered-By: WAF/2.0 | clean |
http://www.97665.com/news/qpyxpt/ | 200 OK Content-Length: 65283 Content-Type: text/html | clean |
http://97665.com/news/yxpc/ | HTTP/1.1 301 Moved Permanently Date: Thu, 09 Oct 2014 13:54:19 GMT Location: http://www.97665.com/news/yxpc/ Server: IIS Content-Length: 154 Content-Type: text/html X-Powered-By: WAF/2.0 | clean |
http://www.97665.com/news/yxpc/ | 200 OK Content-Length: 63690 Content-Type: text/html | clean |
http://97665.com/news/yxzb/ | HTTP/1.1 301 Moved Permanently Date: Thu, 09 Oct 2014 13:54:24 GMT Location: http://www.97665.com/news/yxzb/ Server: IIS Content-Length: 154 Content-Type: text/html X-Powered-By: WAF/2.0 | clean |
http://www.97665.com/news/yxzb/ | 200 OK Content-Length: 59049 Content-Type: text/html | clean |
http://97665.com/news/yxkx/ | HTTP/1.1 301 Moved Permanently Date: Thu, 09 Oct 2014 13:54:27 GMT Location: http://www.97665.com/news/yxkx/ Server: IIS Content-Length: 154 Content-Type: text/html X-Powered-By: WAF/2.0 | clean |
http://www.97665.com/news/yxkx/ | 200 OK Content-Length: 58011 Content-Type: text/html | clean |
http://97665.com/news/djbd/ | HTTP/1.1 301 Moved Permanently Date: Thu, 09 Oct 2014 13:54:32 GMT Location: http://www.97665.com/news/djbd/ Server: IIS Content-Length: 154 Content-Type: text/html X-Powered-By: WAF/2.0 | clean |
http://www.97665.com/news/djbd/ | 200 OK Content-Length: 58879 Content-Type: text/html | clean |
http://97665.com/news/jjyx/ | HTTP/1.1 301 Moved Permanently Date: Thu, 09 Oct 2014 13:54:36 GMT Location: http://www.97665.com/news/jjyx/ Server: IIS Content-Length: 154 Content-Type: text/html X-Powered-By: WAF/2.0 | clean |
http://www.97665.com/news/jjyx/ | 200 OK Content-Length: 58895 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: 97665.com
Result:
HTTP/1.1 301 Moved Permanently
Date: Thu, 09 Oct 2014 13:52:52 GMT
Location: http://www.97665.com/
Server: IIS
Content-Length: 144
Content-Type: text/html
X-Powered-By: WAF/2.0
...144 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: 97665.com
Referer: http://www.google.com/search?q=97665.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=97665.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://97665.com/
Result: 97665.com is not infected or malware details are not published yet.