Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=stw.cc
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.stw.cc/ | HTTP/1.1 200 OK Date: Sun, 05 Oct 2014 16:43:15 GMT Accept-Ranges: bytes ETag: "7468ee68f1c3ce1:7cd" Server: Microsoft-IIS/6.0 Content-Length: 81491 Content-Location: http://www.stw.cc/index.html Content-Type: text/html Last-Modified: Tue, 08 Oct 2013 06:41:25 GMT X-Powered-By: ASP.NET | clean |
http://www.stw.cc/index.html | 200 OK Content-Length: 81491 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: goodlian.stw.cc <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<!--#include file="conn/conn.asp"--> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=gb2312" /> <title>ÈýͨÍøÊ×Ò³--ÈýͨÍøÊÇ̨ÍåÓë´ó½×îȨÍþ×îרҵµÄB2Bµç×ÓÉÌÎñóÒײɹºÉÌƽ̨</title> <meta content=" ...[4393 bytes skipped]... | ||
http://www.stw.cc/js/state.js | 200 OK Content-Length: 1384 Content-Type: application/x-javascript | clean |
http://www.stw.cc/js/hcuntil.js | 200 OK Content-Length: 17603 Content-Type: application/x-javascript | clean |
http://www.stw.cc/Blue/index_top.js | 200 OK Content-Length: 15538 Content-Type: application/x-javascript | malicious |
Malicious code found. Script contains blacklisted domain: en.stw.cc ...[529 bytes skipped]... t\" type=\"text\/javascript\">"); document.writeln("function bookmarkit(){window.external.addFavorite(\'http:\/\/www.stw.cc\',\'ÈýͨÍø\')}"); document.writeln("if (document.all)document.write(\'<a href=\"#\" onClick=\"bookmarkit()\">Ìí¼Óµ½ÊղؼÐ<\/a>\')"); document.writeln("<\/script>"); document.writeln(" <\/li>"); document.writeln(" <li class=\"right\"><a href=\"http://en.stw.cc/\" target=\"_blank\">Ó¢ ÎÄ °æ<\/a><\/li>"); document.writeln(" <li class=\"right\"><a name=\"translateLink\">·±ÌåÖÐÎÄ<\/a><\/li>"); document.writeln(" <li class=\"right\"><a href=\"/help/bin\" target=\"_blank\">°ïÖú<\/a><\/li>"); document.writeln(" <li class=\"right\"><a href=\"/member/index.asp\" target=\"_blank\">ÎÒµÄÉÌÎñÖÐÐÄ<\/a><\/li>"); document.writeln(" ...[3260 bytes skipped]... Decoded script: ...[172 bytes skipped]... or:hand" onclick="this.style.behavior='url(#default#homepage)';this.setHomePage('http://www.stw.cc')">ÉèΪÊ×Ò³</a></li> <li class="left"> function bookmarkit(){window.external.addFavorite('http://www.stw.cc','ÈýͨÍø')} if (document.all)document.write('<a href="#" onClick="bookmarkit()">Ìí¼Óµ½ÊղؼÐ</a>') </li> <li class="right"><a href="http://en.stw.cc/" target="_blank">Ó¢ ÎÄ °æ</a></li> <li class="right"><a name="translateLink">·±ÌåÖÐÎÄ</a></li> <li class="right"><a href="/help/bin" target="_blank">°ïÖú</a></li> <li class="right"><a href="/member/index.asp" target="_blank">ÎÒµÄÉÌÎñÖÐÐÄ</a></li> </ul> </div> </div> | ||
http://www.stw.cc/ajaxsearch.js | 200 OK Content-Length: 2486 Content-Type: application/x-javascript | clean |
http://www.stw.cc/urls/gg_show.asp?where=ÍøÕ¾Ê×Ò³&URLF=2 | 404 Not Found Content-Length: 1308 Content-Type: text/html | clean |
http://www.stw.cc/test404page.js | 404 Not Found Content-Length: 1308 Content-Type: text/html | clean |
http://www.stw.cc/urls/gg_show.asp?where=ÍøÕ¾Ê×Ò³&URLF=1 | 404 Not Found Content-Length: 1308 Content-Type: text/html | clean |
http://www.stw.cc/autokind/autokind.js | 200 OK Content-Length: 780 Content-Type: application/x-javascript | clean |
http://www.stw.cc/autokind/autokind_index.js | 200 OK Content-Length: 798 Content-Type: application/x-javascript | clean |
http://www.stw.cc/js/hdp.js | 200 OK Content-Length: 1426 Content-Type: application/x-javascript | clean |
http://s88.cnzz.com/stat.php?id=1667299&web_id=1667299&show=pic | 200 OK Content-Length: 9324 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: stw.cc
Result:
GET / HTTP/1.1
Host: stw.cc
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: stw.cc
Referer: http://www.google.com/search?q=stw.cc
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: stw.cc
Referer: http://www.google.com/search?q=stw.cc
Result:
The result is similar to the first query. There are no suspicious redirects found.