Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: q8sites.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Fri, 16 May 2014 18:05:18 GMT
Server: Microsoft-IIS/7.5
Vary: Accept-Encoding
Content-Length: 70077
Content-Type: text/html; charset=utf-8
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
...70077 bytes of data.
GET / HTTP/1.1
Host: q8sites.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Fri, 16 May 2014 18:05:18 GMT
Server: Microsoft-IIS/7.5
Vary: Accept-Encoding
Content-Length: 70077
Content-Type: text/html; charset=utf-8
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
...70077 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: q8sites.com
Referer: http://www.google.com/search?q=q8sites.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: q8sites.com
Referer: http://www.google.com/search?q=q8sites.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
| Request | Server response | Status |
http://q8sites.com/ | 200 OK Content-Length: 70077 Content-Type: text/html | clean |
http://q8sites.com/WebResource.axd?d=uFAizBL_2VoDxtJb6jJ4-w11CuZBrIscEVPTMssMrR0n2dSB3sINlRruLZAJzzcS9ub104MUIjXAZ21qBLjEl7HsqkwNDo_8FRzB0WZyCac1&t=635195661120000000 | 200 OK Content-Length: 22346 Content-Type: application/x-javascript | clean |
http://q8sites.com/ScriptResource.axd?d=u0-zrGUy6bBqV9UEc0PJy42oaqBfv0JNpsEcWTwiENfe85VA_-k-VV0EVsi_ajRX9o-vBOhTBaX2cEzszATfWaWUKpnrOK4RUuBfd5wmpZBkxQK7yQo_18SahuDE8S3d0&t=3a1336b1 | 200 OK Content-Length: 87844 Content-Type: application/x-javascript | clean |
http://q8sites.com/ScriptResource.axd?d=4Kj2c71mLleRAbFYH7VYxB4FnXYm4WrpnLd6yX0evwdvPC3LBDWoXYoU_ikZW3XlyTDFT17a0RxCXntWL3keXKSZjIAznRydXoh_HA6UMBJ_CRL_UK6D3Z92eg6ynXIBE1QkJ5RRh78hUjXAPUxS4g2&t=3a1336b1 | 200 OK Content-Length: 37189 Content-Type: application/x-javascript | clean |
http://www.statcounter.com/counter/counter.js | 200 OK Content-Length: 9028 Content-Type: application/x-javascript | clean |
http://q8sites.com/sid86.aspx | 200 OK Content-Length: 65979 Content-Type: text/html | clean |
http://q8sites.com/sid44.aspx | 200 OK Content-Length: 63724 Content-Type: text/html | clean |
http://q8sites.com/sid101.aspx | 200 OK Content-Length: 61330 Content-Type: text/html | clean |
http://q8sites.com/sid56.aspx | 200 OK Content-Length: 63477 Content-Type: text/html | clean |
http://q8sites.com/sid34.aspx | 200 OK Content-Length: 66704 Content-Type: text/html | clean |
http://q8sites.com/sid22.aspx | 200 OK Content-Length: 64374 Content-Type: text/html | clean |
http://q8sites.com/sid8.aspx | 200 OK Content-Length: 65738 Content-Type: text/html | clean |
http://q8sites.com/sid70.aspx | 200 OK Content-Length: 58343 Content-Type: text/html | clean |
http://q8sites.com/sid55.aspx | 200 OK Content-Length: 70081 Content-Type: text/html | clean |
http://q8sites.com/sid40.aspx | 200 OK Content-Length: 66471 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=q8sites.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://q8sites.com/
Result: q8sites.com is not infected or malware details are not published yet.
Result: q8sites.com is not infected or malware details are not published yet.