Scanned pages/files
Request | Server response | Status |
http://kugou.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 20 Aug 2014 11:54:46 GMT Location: http://www.kugou.com Content-Length: 286 Content-Type: text/html | clean |
http://www.kugou.com/ | 200 OK Content-Length: 216951 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below):
window._bd_share_config={ "common":{ "bdSnsKey":{}, "bdText":"é ·çé³ä¹å®æ¹ç½ç«ï¼ä¸å½æ£çé³ä¹ç½ç«ï¼æä¾æä¾ææ°æå¿«æå ¨ææ¹ä¾¿å¿«æ·çé³ä¹èµæºå¨çº¿æ¶å¬ãä¸è½½æå¡", "bdMini":"2", "bdMiniList":false, "bdPic":"", "bdStyle":"0", "bdSize":"16" }, "slide":{"type":"slide","bdImg":"2","bdPos":"right","bdTop":"250"}};
with(document)0[(getElementsByTagName('head')[0]||body).appendChild(createElement('script')).src='http://bdimg.share.baidu.com/static/api/js/share.js?v=89860593.js?cdnversion='+~(-new Date()/36e5)];
Antivirus reports:
http://www.kugou.com/common/js/kugouStat.js | 200 OK Content-Length: 1508 Content-Type: application/x-javascript | clean |
http://www.kugou.com/yy/static/js/Tab-min.js?201407081540 | 200 OK Content-Length: 2377 Content-Type: application/x-javascript | clean |
http://www.kugou.com/yy/static/js/lazyload-min.js?201407081540 | 200 OK Content-Length: 1334 Content-Type: application/x-javascript | clean |
http://s15.cnzz.com/stat.php?id=3668490&web_id=3668490 | 200 OK Content-Length: 9322 Content-Type: application/javascript | clean |
http://js.tongji.linezing.com/1068373/tongji.js | 200 OK Content-Length: 12835 Content-Type: application/x-javascript | clean |
http://kugou.com/test404page.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 20 Aug 2014 11:54:56 GMT Location: http://www.kugou.com Content-Length: 286 Content-Type: text/html | clean |
http://www.kugou.com/test404page.js | 404 Not Found Content-Length: 9503 Content-Type: text/html | clean |
http://www.kugou.com/job/hr/html/index.html | 200 OK Content-Length: 8016 Content-Type: text/html | clean |
http://static.kugoo.com/common/js-lib/min/base-min.js | 200 OK Content-Length: 16296 Content-Type: application/x-javascript | clean |
http://static.kugoo.com/common/js-lib/min/Focus-min.js | 200 OK Content-Length: 3194 Content-Type: application/x-javascript | clean |
http://tjs.sjs.sinajs.cn/open/api/js/wb.js | 200 OK Content-Length: 34223 Content-Type: application/x-javascript | clean |
http://www.kugou.com/company/partners.html | 200 OK Content-Length: 8834 Content-Type: text/html | clean |
http://www.kugou.com/imusic/ | 200 OK Content-Length: 70404 Content-Type: text/html | clean |
http://www.kugou.com/imusic/static/js/jquery.min.1.4.2.js?201404171443 | 200 OK Content-Length: 70995 Content-Type: application/x-javascript | clean |
http://www.kugou.com/imusic/static/js/ting.js?201404171443 | 200 OK Content-Length: 5811 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: kugou.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Wed, 20 Aug 2014 11:54:46 GMT
Location: http://www.kugou.com
Content-Length: 286
Content-Type: text/html
...286 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: kugou.com
Referer: http://www.google.com/search?q=kugou.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=kugou.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://kugou.com/
Result: kugou.com is not infected or malware details are not published yet.