Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=vs520.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.vs520.com/ | HTTP/1.1 200 OK Date: Thu, 14 Aug 2014 16:52:23 GMT Accept-Ranges: bytes ETag: "ee853ec455b7cf1:d9e" Server: Microsoft-IIS/6.0 Content-Length: 43341 Content-Location: http://www.vs520.com/index.html Content-Type: text/html Last-Modified: Thu, 14 Aug 2014 00:22:00 GMT X-Powered-By: ASP.NET | clean |
http://www.vs520.com/index.html | 200 OK Content-Length: 43341 Content-Type: text/html | clean |
http://www.vs520.com/js/common.js | 200 OK Content-Length: 8205 Content-Type: application/x-javascript | clean |
http://www.vs520.com/js/function.js | 200 OK Content-Length: 14363 Content-Type: application/x-javascript | clean |
http://www.vs520.com/template/vs520cc/images/jianfan.js | 200 OK Content-Length: 18875 Content-Type: application/x-javascript | clean |
http://www.vs520.com/js/ads/quanzhan.js | 200 OK Content-Length: 142 Content-Type: application/x-javascript | clean |
http://www.vs520.com/js/ads/µã»÷×îÏÂÃæ.js | 200 OK Content-Length: 112 Content-Type: application/x-javascript | clean |
http://www.vs520.com/js/ads/shouyouxia.js | 200 OK Content-Length: 102 Content-Type: application/x-javascript | clean |
http://s6.cnzz.com/stat.php?id=5290331&web_id=5290331 | 200 OK Content-Length: 9321 Content-Type: application/javascript | clean |
http://www.vs520.com/list/index10.html | 200 OK Content-Length: 16200 Content-Type: text/html | clean |
http://js.adm.cnzz.net/js/abase.js | 200 OK Content-Length: 21394 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function FixedRealShow(){return document.body?(this.init.apply(this,arguments),void 0):!1}(function(window){function FnRegister(e,t){return w[e]||(w[e]=t)}function parseParams(e){var t=map[e];return t?{id:e||e,af:t.af||!1,did:t.aid||0,slotType:t.stype,isbefore:t.pop||0,htmlcode:t._html||0,width:t._w||0,height:t._h||0,stime:1e3*t.time||5e3,ptime:1e3*t.parktime||0,loadtime:1e3*t.loadtime||0,closePosition:t.cb||0,scroll:t.sc||0,position:t.pos||0,mleft:t._m_left||0,mtop:t._m_top||0,ip:t.ip||"",isifr Antivirus reports:
| ||
http://www.vs520.com/js/ads/250x200.js | 200 OK Content-Length: 114 Content-Type: application/x-javascript | clean |
http://www.vs520.com/js/ads/lanmuye.js | 200 OK Content-Length: 102 Content-Type: application/x-javascript | clean |
http://www.vs520.com/list/index11.html | 200 OK Content-Length: 15942 Content-Type: text/html | clean |
http://www.vs520.com/list/index12.html | 200 OK Content-Length: 15924 Content-Type: text/html | clean |
http://www.vs520.com/list/index13.html | 200 OK Content-Length: 15988 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: vs520.com
Result:
GET / HTTP/1.1
Host: vs520.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: vs520.com
Referer: http://www.google.com/search?q=vs520.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: vs520.com
Referer: http://www.google.com/search?q=vs520.com
Result:
The result is similar to the first query. There are no suspicious redirects found.