Scanned pages/files
| Request | Server response | Status |
| --- | --- | --- |
http://www.qimayukansha.com/content/ | 404 Not Found Content-Length: 532 Content-Type: text/html | clean |
http://www.qimayukansha.com/ | 200 OK Content-Length: 73448 Content-Type: text/html | clean |
http://www.qimayukansha.com/static/js/common.js?ZPy | 200 OK Content-Length: 64933 Content-Type: application/x-javascript | clean |
http://www.qimayukansha.com/static/js/portal.js?ZPy | 200 OK Content-Length: 11314 Content-Type: application/x-javascript | clean |
http://www.qimayukansha.com/static/js/logging.js?ZPy | 200 OK Content-Length: 603 Content-Type: application/x-javascript | clean |
http://www.qimayukansha.com/static/js/md5.js?ZPy | 200 OK Content-Length: 5734 Content-Type: application/x-javascript | clean |
http://www.qimayukansha.com/source/plugin/fx_checkin/calendar.js | 200 OK Content-Length: 3530 Content-Type: application/x-javascript | clean |
http://www.qimayukansha.com/home.php?mod=misc&ac=sendmail&rand=1399219749 | 200 OK Content-Length: 0 Content-Type: text/javascript | clean |
http://discuz.gtimg.cn/cloud/scripts/discuz_tips.js?v=1 | 200 OK Content-Length: 6173 Content-Type: application/x-javascript | clean |
http://www.qimayukansha.com/shortcut.php | 200 OK Content-Length: 198 Content-Type: application/octet-stream | clean |
http://www.qimayukansha.com/test404page.js | 404 Not Found Content-Length: 532 Content-Type: text/html | clean |
http://www.qimayukansha.com/member.php?mod=register | 200 OK Content-Length: 19629 Content-Type: text/html | clean |
http://www.qimayukansha.com/static/js/register.js?ZPy | 200 OK Content-Length: 10519 Content-Type: application/x-javascript | clean |
http://www.qimayukansha.com/home.php?mod=misc&ac=sendmail&rand=1399219760 | 200 OK Content-Length: 0 Content-Type: text/javascript | clean |
http://www.qimayukansha.com/connect.php?mod=login&op=init&referer=http%3A%2F%2Fwww.qimayukansha.com%2F.%2F&statfrom=login_simple | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sun, 04 May 2014 16:09:23 GMT Location: http://openapi.qzone.qq.com/oauth/qzoneoauth_authorize?oauth_consumer_key=310616200&oauth_token=12676450310685249970 Server: nginx/1.0.15 Content-Type: text/html; charset=gbk Set-Cookie: 8sYK_2132_saltkey=lv19CisF; expires=Tue, 03-Jun-2014 16:09:23 GMT; path=/; httponly Set-Cookie: 8sYK_2132_lastvisit=1399216163; expires=Tue, 03-Jun-2014 16:09:23 GMT; path=/ Set-Cookie: 8sYK_2132_sid=H494Qq; expires=Mon, 05-May-2014 16:09:23 GMT; path=/ Set-Cookie: 8sYK_2132_lastact=1399219763%09connect.php%09login; expires=Mon, 05-May-2014 16:09:23 GMT; path=/ Set-Cookie: 8sYK_2132_con_request_token=deleted; expires=Sat, 04-May-2013 16:09:22 GMT; path=/ Set-Cookie: 8sYK_2132_con_request_token_secret=deleted; expires=Sat, 04-May-2013 16:09:22 GMT; path=/ Set-Cookie: 8sYK_2132_con_request_token=12676450310685249970; path=/ Set-Cookie: 8sYK_2132_con_request_token_secret=bPsJBZC9WAInI4iy; path=/ Thanks: Welcome to our website! X-Powered-By: PHP/5.2.17p1 | clean |
http://openapi.qzone.qq.com/oauth/qzoneoauth_authorize?oauth_consumer_key=310616200&oauth_token=12676450310685249970 | 200 OK Content-Length: 9832 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below)
document.write('<script src="http://qzonestyle.gtimg.cn/c/=/ac/qzfl/release/qzfl_for_qzone.js,/ac/qzfl/stat.js"><\/script>');
document.write('<script src="http://qzonestyle.gtimg.cn/qzone/openapi/oauth/common.js"><\/script>');
document.write('<script src="http://tajs.qq.com/stats?sId=16291955" charset="UTF-8"><\/script>');
Antivirus reports:
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: qimayukansha.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: qimayukansha.com
Referer: http://www.google.com/search?q=qimayukansha.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=qimayukansha.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://qimayukansha.com/
Result: qimayukansha.com is not infected or malware details are not published yet.
