Scanned pages/files
Request | Server response | Status |
http://q-elevator.com/ | 200 OK Content-Length: 41844 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By Ashiyane Digital Security Team | ||
http://static.duoshuo.com/embed.js | 200 OK Content-Length: 55743 Content-Type: application/x-javascript | clean |
http://q-elevator.com/wp-content/themes/twentytwelve/js/navigation.js?ver=1.0 | 200 OK Content-Length: 863 Content-Type: application/javascript | clean |
http://q-elevator.com/archives/ | 200 OK Content-Length: 5850 Content-Type: text/html | clean |
http://www.bshare.cn/button.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 06 Dec 2014 18:00:26 GMT Location: http://static.bshare.cn/b/button.js Server: nginx Content-Length: 178 Content-Type: text/html SID: web2 | clean |
http://static.bshare.cn/b/button.js | 200 OK Content-Length: 21552 Content-Type: application/x-javascript | clean |
http://q-elevator.com/guest-book/ | 200 OK Content-Length: 6261 Content-Type: text/html | clean |
http://q-elevator.com/wp-includes/js/comment-reply.min.js?ver=3.5.1 | 200 OK Content-Length: 786 Content-Type: application/javascript | clean |
http://q-elevator.com/test404page.js | 404 Not Found Content-Length: 5475 Content-Type: text/html | clean |
http://q-elevator.com/2012/06/07/gaokao-2012/ | 200 OK Content-Length: 16163 Content-Type: text/html | clean |
http://q-elevator.com/category/%e8%83%a1%e8%af%b4%e5%85%ab%e9%81%93/ | 200 OK Content-Length: 40757 Content-Type: text/html | clean |
http://q-elevator.com/author/admin/ | 200 OK Content-Length: 42619 Content-Type: text/html | clean |
http://q-elevator.com/author/admin/page/2/ | 200 OK Content-Length: 39984 Content-Type: text/html | clean |
http://q-elevator.com/author/admin/page/3/ | 200 OK Content-Length: 34729 Content-Type: text/html | clean |
http://q-elevator.com/author/admin/page/4/ | 200 OK Content-Length: 32117 Content-Type: text/html | clean |
http://q-elevator.com/author/admin/page/5/ | 200 OK Content-Length: 34895 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: q-elevator.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 06 Dec 2014 18:00:12 GMT
Pragma: no-cache
Server: Apache
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=c9b218d7d36d550f07347afc3acb041c; path=/
X-Pingback: http://q-elevator.com/xmlrpc.php
X-Powered-By: PHP/5.3.28
Second query (visit from search engine):
GET / HTTP/1.1
Host: q-elevator.com
Referer: http://www.google.com/search?q=q-elevator.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=q-elevator.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://q-elevator.com/
Result: q-elevator.com is not infected or malware details are not published yet.