New scan:

Malware Scanner report for mmbaby.net

Malicious/Suspicious/Total urls checked
1/0/17
1 page has malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://www.mmbaby.net/content/
404 Not Found
Content-Length: 2340
Content-Type: text/html
clean
http://www.mmbaby.net/
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Fri, 04 Apr 2014 05:01:47 GMT
Location: portal.php
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Length: 0
Content-Type: text/html
X-Powered-By: PHP/5.2.17p1
clean
http://www.mmbaby.net/portal.php
200 OK
Content-Length: 144448
Content-Type: text/html
clean
http://www.mmbaby.net/data/cache/common.js?PXZ
200 OK
Content-Length: 60574
Content-Type: text/javascript
clean
http://www.mmbaby.net/data/cache/portal.js?PXZ
200 OK
Content-Length: 9945
Content-Type: text/javascript
clean
http://tcss.qq.com/ping.js?v=1PXZ
200 OK
Content-Length: 8909
Content-Type: application/x-javascript
clean
http://tajs.qq.com/stats?sId=26308567
200 OK
Content-Length: 6219
Content-Type: text/javascript
clean
http://www.mmbaby.net/home.php?mod=misc&ac=sendmail&rand=1396587707
200 OK
Content-Length: 0
Content-Type: text/javascript
clean
http://discuz.gtimg.cn/cloud/scripts/discuz_tips.js?v=1
200 OK
Content-Length: 6173
Content-Type: application/x-javascript
clean
http://www.mmbaby.net/member.php?mod=logging&action=login&referer=
200 OK
Content-Length: 23013
Content-Type: text/html
clean
http://www.mmbaby.net/home.php?mod=misc&ac=sendmail&rand=1396587721
200 OK
Content-Length: 0
Content-Type: text/javascript
clean
http://www.mmbaby.net/member.php?mod=register
200 OK
Content-Length: 27458
Content-Type: text/html
clean
http://www.mmbaby.net/data/cache/register.js?PXZ
200 OK
Content-Length: 9111
Content-Type: text/javascript
clean
http://www.mmbaby.net/home.php?mod=misc&ac=sendmail&rand=1396587723
200 OK
Content-Length: 0
Content-Type: text/javascript
clean
http://www.mmbaby.net/connect.php?mod=login&op=init&referer=http%3A%2F%2Fwww.mmbaby.net%2F.%2F&statfrom=login_simple
HTTP/1.1 302 Found
Connection: close
Date: Fri, 04 Apr 2014 05:02:06 GMT
Location: http://openapi.qzone.qq.com/oauth/qzoneoauth_authorize?oauth_consumer_key=310516837&oauth_token=9768145786500891197
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Length: 0
Content-Type: text/html; charset=gbk
Set-Cookie: UmnE_2132_saltkey=d6gYz8NY; expires=Sun, 04-May-2014 05:02:06 GMT; path=/; httponly
Set-Cookie: UmnE_2132_lastvisit=1396584126; expires=Sun, 04-May-2014 05:02:06 GMT; path=/
Set-Cookie: UmnE_2132_sid=tFfkAv; expires=Sat, 05-Apr-2014 05:02:06 GMT; path=/
Set-Cookie: UmnE_2132_lastact=1396587726%09connect.php%09login; expires=Sat, 05-Apr-2014 05:02:06 GMT; path=/
Set-Cookie: UmnE_2132_stats_qc_reg=deleted; expires=Thu, 04-Apr-2013 05:02:05 GMT; path=/
Set-Cookie: UmnE_2132_cloudstatpost=deleted; expires=Thu, 04-Apr-2013 05:02:05 GMT; path=/
Set-Cookie: UmnE_2132_con_request_token=deleted; expires=Thu, 04-Apr-2013 05:02:05 GMT; path=/
Set-Cookie: UmnE_2132_con_request_token_secret=deleted; expires=Thu, 04-Apr-2013 05:02:05 GMT; path=/
Set-Cookie: UmnE_2132_con_request_token=9768145786500891197; path=/
Set-Cookie: UmnE_2132_con_request_token_secret=pAc9sH29uWhWeP5x; path=/
X-Powered-By: PHP/5.2.17p1
clean
http://openapi.qzone.qq.com/oauth/qzoneoauth_authorize?oauth_consumer_key=310516837&oauth_token=9768145786500891197
200 OK
Content-Length: 9826
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)


document.write('<script src="http://qzonestyle.gtimg.cn/c/=/ac/qzfl/release/qzfl_for_qzone.js,/ac/qzfl/stat.js"><\/script>');
document.write('<script src="http://qzonestyle.gtimg.cn/qzone/openapi/oauth/common.js"><\/script>');
document.write('<script src="http://tajs.qq.com/stats?sId=16291955" charset="UTF-8"><\/script>');

Antivirus reports:

Kaspersky
HEUR:Trojan.Script.Generic
Microsoft
Trojan:JS/IframeRef.J

http://openapi.qzone.qq.com/test404page.js
200 OK
Content-Length: 58
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: mmbaby.net

Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: mmbaby.net
Referer: http://www.google.com/search?q=mmbaby.net

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=mmbaby.net

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://mmbaby.net/

Result: mmbaby.net is not infected or malware details are not published yet.