Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://www.tanshangji.net/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: www.tanshangji.net Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Wed, 07 May 2014 08:31:51 GMT Location: http://www.80667.net/ Server: Microsoft-IIS/6.0 Content-Type: text/html X-Powered-By: ASP.NET X-Powered-By: PHP/5.2.17 | malicious |
Scanned pages/files
Request | Server response | Status |
http://www.tanshangji.net/ | 200 OK Content-Length: 17227 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below)

    var speed=30;
    var marquee_product2QsjA4g = document.getElementById("marquee_product2QsjA4g");
    var marquee_product1QsjA4g = document.getElementById("marquee_product1QsjA4g");
    var marquee_demoQsjA4g = document.getElementById("marquee_demoQsjA4g");
    marquee_product2QsjA4g.innerHTML=marquee_product1QsjA4g.innerHTML;
    function MarqueeQsjA4g(){
        if(marquee_demoQsjA4g.scrollLeft>=marquee_product1QsjA4g.scrollWidth){
            marquee_demoQsjA4g.scrollLeft=0;
        }
        else{
            marquee_demoQsjA4g.scrollLeft++;
        }
    }
    var MyMarQsjA4g=setInterval(MarqueeQsjA4g,speed);
    marquee_demoQsjA4g.onmouseover=function(){clearInterval(MyMarQsjA4g);}
    marquee_demoQsjA4g.onmouseout=function(){MyMarQsjA4g=setInterval(MarqueeQsjA4g,speed);}

Antivirus reports:
http://www.tanshangji.net/tpl/jiaoyu/img/jquery-1.4.3.min.js | HTTP/1.1 200 OK Date: Wed, 07 May 2014 08:31:53 GMT Accept-Ranges: bytes ETag: "24782c99b870cd1:1087b" Server: Microsoft-IIS/6.0 Content-Length: 77910 Content-Location: http://www.tanshangji.net/tpl/jiaoyu/img/jquery-1.4.3.min.js Content-Type: application/x-javascript Last-Modified: Thu, 02 Aug 2012 14:10:40 GMT X-Powered-By: ASP.NET | clean |
http://www.tanshangji.net/test404page.js | 404 Not Found Content-Length: 1308 Content-Type: text/html | clean |
http://www.tanshangji.net/tpl/jiaoyu/img/droppy.js | HTTP/1.1 200 OK Date: Wed, 07 May 2014 08:31:56 GMT Accept-Ranges: bytes ETag: "24782c99b870cd1:1087b" Server: Microsoft-IIS/6.0 Content-Length: 1051 Content-Location: http://www.tanshangji.net/tpl/jiaoyu/img/droppy.js Content-Type: application/x-javascript Last-Modified: Thu, 02 Aug 2012 14:10:40 GMT X-Powered-By: ASP.NET | clean |
http://www.tanshangji.net/tpl/jiaoyu/img/thickbox.js | HTTP/1.1 200 OK Date: Wed, 07 May 2014 08:31:56 GMT Accept-Ranges: bytes ETag: "24782c99b870cd1:1087b" Server: Microsoft-IIS/6.0 Content-Length: 8901 Content-Location: http://www.tanshangji.net/tpl/jiaoyu/img/thickbox.js Content-Type: application/x-javascript Last-Modified: Thu, 02 Aug 2012 14:10:40 GMT X-Powered-By: ASP.NET | clean |
http://www.tanshangji.net/tpl/jiaoyu/img/helper.js | HTTP/1.1 200 OK Date: Wed, 07 May 2014 08:31:57 GMT Accept-Ranges: bytes ETag: "24782c99b870cd1:1087b" Server: Microsoft-IIS/6.0 Content-Length: 18647 Content-Location: http://www.tanshangji.net/tpl/jiaoyu/img/helper.js Content-Type: application/x-javascript Last-Modified: Thu, 02 Aug 2012 14:10:40 GMT X-Powered-By: ASP.NET | clean |
http://www.tanshangji.net/tpl/jiaoyu/img/png.js | HTTP/1.1 200 OK Date: Wed, 07 May 2014 08:31:58 GMT Accept-Ranges: bytes ETag: "24782c99b870cd1:1087b" Server: Microsoft-IIS/6.0 Content-Length: 2070 Content-Location: http://www.tanshangji.net/tpl/jiaoyu/img/png.js Content-Type: application/x-javascript Last-Modified: Thu, 02 Aug 2012 14:10:40 GMT X-Powered-By: ASP.NET | clean |
http://www.tanshangji.net/tpl/jiaoyu/img/picAutoZoom.js | HTTP/1.1 200 OK Date: Wed, 07 May 2014 08:31:59 GMT Accept-Ranges: bytes ETag: "24782c99b870cd1:1087b" Server: Microsoft-IIS/6.0 Content-Length: 7787 Content-Location: http://www.tanshangji.net/tpl/jiaoyu/img/picAutoZoom.js Content-Type: application/x-javascript Last-Modified: Thu, 02 Aug 2012 14:10:40 GMT X-Powered-By: ASP.NET | clean |
http://www.tanshangji.net/tpl/jiaoyu/img/picautozoom.js | HTTP/1.1 200 OK Date: Wed, 07 May 2014 08:32:00 GMT Accept-Ranges: bytes ETag: "24782c99b870cd1:1087b" Server: Microsoft-IIS/6.0 Content-Length: 7787 Content-Location: http://www.tanshangji.net/tpl/jiaoyu/img/picautozoom.js Content-Type: application/x-javascript Last-Modified: Thu, 02 Aug 2012 14:10:40 GMT X-Powered-By: ASP.NET | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=tanshangji.net
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://tanshangji.net/
Result: tanshangji.net is not infected or malware details are not published yet.