Scanned pages/files
Request | Server response | Status |
http://www.mz17.cn/content/ | 200 OK Content-Length: 280 Content-Type: text/html | clean |
http://www.mz17.cn/ | HTTP/1.1 200 OK Date: Thu, 12 Jun 2014 03:58:57 GMT Accept-Ranges: bytes ETag: "1038b6433585cf1:28ad2" Server: Microsoft-IIS/6.0 Content-Length: 27546 Content-Location: http://www.mz17.cn/index.html Content-Type: text/html Last-Modified: Wed, 11 Jun 2014 05:23:23 GMT X-Powered-By: ASP.NET | clean |
http://www.mz17.cn/index.html | 200 OK Content-Length: 27546 Content-Type: text/html | clean |
http://www.mz17.cn/Templates/ÉÌҵģ°æ3-Ìì¿ÕÀ¶¿ÉÓÃ/html/style/jquery.js | 200 OK Content-Length: 31033 Content-Type: application/x-javascript | clean |
http://www.mz17.cn/Templates/ÉÌҵģ°æ3-Ìì¿ÕÀ¶¿ÉÓÃ/html/style/wpyou.js | 200 OK Content-Length: 2410 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
$(function() {
$(".navi li").hover(function(){
$(this).find('ul:first').show("fast").css({visibility: "visible",display: "block"});
},function(){
$(this).find('ul:first').hide("fast").css({visibility: "hidden"});
});
});
$(function(){
var $title = $(".news h2 span");
var $content = $(".news ul");
$title.mousemove(function(){
var index = $title.index($(this));
$(this).addClass("mon").siblings().removeClass("m });
var MyTime = setInterval(function(){
showImg(index)
index++;
if(index==5){index=0;}
} , 6000);
})
function showImg(i){
$("#showimg img")
.eq(i).stop(true,true).fadeIn(1000)
.parent().siblings().find("img").hide();
$("#msg li")
.eq(i).stop(true,true).fadeIn(1000)
.siblings().hide();
$("#operate span")
.eq(i).addClass("hov")
.siblings().removeClass("hov");
}
Antivirus reports:
http://www.mz17.cn/Templates/ÉÌҵģ°æ3-Ìì¿ÕÀ¶¿ÉÓÃ/html/style/l10n.js | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://www.mz17.cn/test404page.js | 404 Not Found Content-Length: 1308 Content-Type: text/html | clean |
http://www.mz17.cn/Templates/ÉÌҵģ°æ3-Ìì¿ÕÀ¶¿ÉÓÃ/html/style/jquery(1).js | 200 OK Content-Length: 23836 Content-Type: application/x-javascript | clean |
http://www.mz17.cn/js/comm.js | 200 OK Content-Length: 4377 Content-Type: application/x-javascript | clean |
http://links.webscan.360.cn/ | 200 OK Content-Length: 0 Content-Type: text/html | clean |
http://www.mz17.cn/inc/AspCms_Statistics.asp | 200 OK Content-Length: 0 Content-Type: text/html | clean |
http://www.mz17.cn/inc/AspCms_aStatistics.asp?act=t | 200 OK Content-Length: 18 Content-Type: text/html | clean |
http://www.mz17.cn/inc/AspCms_aStatistics.asp?act=y | 200 OK Content-Length: 18 Content-Type: text/html | clean |
http://www.mz17.cn/inc/AspCms_aStatistics.asp?act=m | 200 OK Content-Length: 19 Content-Type: text/html | clean |
http://www.mz17.cn/inc/AspCms_aStatistics.asp?act=a | 200 OK Content-Length: 19 Content-Type: text/html | clean |
http://www.mz17.cn/Templates/ÉÌҵģ°æ3-Ìì¿ÕÀ¶¿ÉÓÃ/html/wp-content/plugins/contact-form-7/jquery.form.js@ver=2.47 | 404 Not Found Content-Length: 1308 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: mz17.cn
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: mz17.cn
Referer: http://www.google.com/search?q=mz17.cn
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=mz17.cn
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://mz17.cn/
Result: mz17.cn is not infected or malware details are not published yet.