Scanned pages/files
Request | Server response | Status |
http://www.g311.com/content/ | 404 Not Found Content-Length: 4603 Content-Type: text/html | clean |
http://www.g311.com/adfile/ad1.js | 200 OK Content-Length: 146 Content-Type: application/x-javascript | clean |
http://www.g311.com/sitemap.html | 200 OK Content-Length: 14455 Content-Type: text/html | clean |
http://www.g311.com/ | 200 OK Content-Length: 8518 Content-Type: text/html | clean |
http://www.g311.com/js/wudlink.js | 200 OK Content-Length: 1302 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) document.write("<tr align=\"center\" class=\"q1\"><td height=\"25\"><a href=\"http://www.SF171.com/\" target=\"_blank\">¨£±Ø¼£·£¶ÀÏËæ·ç¨</a></td><td class=\"red\">ÐÂÇø½±Àø5000RMB</td><td><img src=\"../images/jrgd.gif\" width=\"150\" height=\"24\" /></td><td class=\"blue\">Ë«Ï߶à»ú¸ºÔØ</td><td>1.76ÀÏËæ·ç-Éý¼¶´ò±¦²»ÀÛ-Æ·ÅÆÖµµÃÐÅÄΨU</td><td>ȺºÅ:88082099</td><td><a href=\"http://www.SF171.com Antivirus reports:
| ||
http://www.g311.com/adfile/ad4.js | 200 OK Content-Length: 143 Content-Type: application/x-javascript | clean |
http://www.g311.com/js/info.js | 200 OK Content-Length: 201 Content-Type: application/x-javascript | clean |
http://count8.51yes.com/click.aspx?id=87036441&logo=1 | 200 OK Content-Length: 1773 Content-Type: text/html | clean |
http://count8.51yes.com/test404page.js | 404 Not Found Content-Length: 1308 Content-Type: text/html | clean |
http://www.g311.com/Sfadd.html | 200 OK Content-Length: 5741 Content-Type: text/html | clean |
http://www.g311.com/News/Index10.html | 200 OK Content-Length: 25812 Content-Type: text/html | clean |
http://www.g311.com/js/showpage.js | 200 OK Content-Length: 6588 Content-Type: application/x-javascript | clean |
http://www.g311.com/News/index9.html | 200 OK Content-Length: 32292 Content-Type: text/html | clean |
http://www.g311.com/Temp/downindex.asp | 200 OK Content-Length: 2586 Content-Type: text/html | clean |
http://www.g311.com/weburl/indss.asp | 200 OK Content-Length: 11270 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: g311.com
Result:
GET / HTTP/1.1
Host: g311.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: g311.com
Referer: http://www.google.com/search?q=g311.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: g311.com
Referer: http://www.google.com/search?q=g311.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=g311.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://g311.com/
Result: g311.com is not infected or malware details are not published yet.
Result: g311.com is not infected or malware details are not published yet.