Cloudflare abuse - website has -web.51.la:82 code to be blocked!

Five times flagged and blacklisted here: https://www.virustotal.com/en/url/b85cae402675d326c248dbbadf36e99da5d86be95e36cdd3024d851a3fa54b38/analysis/1455225657/
Website x-powered-by: ASP.NET, PHP/5.2.17: running on yunjiasu-nginx
1 fail and 2 errors here: https://asafaweb.com/Scan?Url=powerhn.com%2Fnews%2Fshuang%2F1
Adblockers and MBAQM will block this malicious script site: -http://js.users.51.la/16695072.js
External scripts running from see: https://sritest.io/#report/7c4f8053-d71f-43b1-89b1-891e7b61a01b
Has jQuery library to retire: -http://www.anquan.org/seccenter/search/www.powerhn.com
Detected libraries:
jquery - 1.7.2 : (active1) -http://static.anquan.org/static/js/jquery.1.7.2-underscore.1.3.1-bootstrap.min.js?v=1361094500
Info: Severity: medium
http://bugs.jquery.com/ticket/11290
http://research.insecurelabs.org/jquery/test/
(active) - the library was also found to be active by running code
1 vulnerable library detected
And has the following insecurity: Lianyungang Huaneng Electric Power - Reputation Assessment Report - www.powerhn.com (Security Alliance)
wXw.anquan.org
Alerts (1)
Insecure login (1)
Password will be transmited in clear to =http://www.anquan.org/login/?type=email
Infos (1)
Encryption (HTTPS) (1)
Communication is NOT encrypted

DrWeb missed detection. Reported for PHISHtank by Hayashi:
https://www.phishtank.com/user.php?username=Hayashi
Offline. 3349543. -http://www.powerhn.com/news/shuang/1/index.php… added on Jul 26th 2015 4:34 AM. by cleanmx. INVALID.

polonus (volunteer website security analyst and website error-hunter)

CloudFlare is way too easy to be abused and gone around :slight_smile:

Hi Steven Winderlich,

You are right, it is a kind of “half-baked” security, and that does not “taste” right.
It gives you two things you do not want - either security issues or performance issues. ;D

For the site I mentioned earlier in this thread, another 25 potentially suspicious files were flagged by Quttera’s → http://quttera.com/detailed_report/powerhn.com
Severity: Potentially Suspicious
Reason: Detected hidden potentially suspicious instructions
Details: Detected hidden CSS declaration

Could be abused as an attack code

[[<style type=text/css> .bsous{position:absolute; left:-2600px; top:-2200px;} </style>]]

→ htXp://powerhn.com/base/js/common.js vulnerable considering: http://www.domxssscanner.com/scan?url=http%3A%2F%2Fpowerhn.com%2Fproduct%2Fclass%2F14.html
JQuery Form Plugin - Results from scanning URL: -http://powerhn.com/base/js/common.js
Number of sources found: 13
Number of sinks found: 6

Damian
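
An added example, not part of the original posts and not Quttera's own logic: one way a defender could flag the kind of "hidden CSS declaration" quoted above, by finding class rules positioned far off-screen and listing the links placed inside elements that use them. Only the `.bsous` rule comes from the post; the rest of the sample page, the 1000px threshold, the function names and the focus on links are assumptions.

```python
import re
from html.parser import HTMLParser

# Constructed sample page; only the .bsous rule is taken from the post above.
SAMPLE_HTML = """<html><head>
<style type=text/css> .bsous{position:absolute; left:-2600px; top:-2200px;} </style>
<style>.menu{position:absolute; left:-5px; top:10px;}</style>
</head><body>
<div class="menu"><a href="/products">Products</a></div>
<div class="bsous"><a href="http://spam.example/pills">cheap pills</a>
<a href="http://spam.example/loans">loans</a></div>
</body></html>"""

RULE_RE = re.compile(r"\.([\w-]+)\s*\{([^}]*)\}")
OFFSET_RE = re.compile(r"(?:left|top|right|bottom)\s*:\s*-(\d+)px", re.I)

def offscreen_classes(html, threshold=1000):
    """Return class names whose rule is absolutely positioned far off-screen."""
    found = set()
    for css in re.findall(r"<style[^>]*>(.*?)</style>", html, re.S | re.I):
        for name, body in RULE_RE.findall(css):
            positioned = re.search(r"position\s*:\s*(absolute|fixed)", body, re.I)
            offsets = [int(n) for n in OFFSET_RE.findall(body)]
            if positioned and offsets and max(offsets) >= threshold:
                found.add(name)
    return found

class HiddenLinkFinder(HTMLParser):
    """Collect hrefs of links nested in flagged elements; tolerates unclosed tags."""
    def __init__(self, flagged):
        super().__init__()
        self.flagged, self.stack, self.links = flagged, [], []
    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        classes = set((attrs.get("class") or "").split())
        # An element is hidden if it uses a flagged class or its parent is hidden.
        hidden = bool(classes & self.flagged) or (bool(self.stack) and self.stack[-1][1])
        if tag == "a" and hidden and attrs.get("href"):
            self.links.append(attrs["href"])
        self.stack.append((tag, hidden))
    def handle_endtag(self, tag):
        for i in range(len(self.stack) - 1, -1, -1):
            if self.stack[i][0] == tag:
                del self.stack[i:]
                break

def hidden_links(html, threshold=1000):
    finder = HiddenLinkFinder(offscreen_classes(html, threshold))
    finder.feed(html)
    return finder.links
```

Small negative offsets such as the `.menu` rule are common in legitimate layouts, which is why the check uses a threshold rather than flagging every negative value.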