Scanned pages/files
| Request | Server response | Status |
http://www.qmed.com/supplier-directory | 200 OK Content-Length: 53205 Content-Type: text/html | clean |
http://www.qmed.com/sites/default/files/js/js_c82255d14727886d1cde63f9f71553f0.js | 200 OK Content-Length: 112793 Content-Type: text/javascript | clean |
http://www.qmed.com/qmed_s_code.js | 200 OK Content-Length: 24695 Content-Type: text/javascript | clean |
http://www.qmed.com/ | 200 OK Content-Length: 46063 Content-Type: text/html | clean |
http://www.qmed.com/sites/default/files/js/js_7a3abc15067347007817dd9bef7d87bf.js | 200 OK Content-Length: 112793 Content-Type: text/javascript | clean |
http://www.qmed.com/user/login?destination=front | 200 OK Content-Length: 28720 Content-Type: text/html | clean |
http://www.qmed.com/sites/default/files/js/js_d77b7545f3364b0ca552433785f87c10.js | 200 OK Content-Length: 112332 Content-Type: text/javascript | clean |
http://www.qmed.com/user/ | HTTP/1.1 301 Moved Permanently Cache-Control: store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Fri, 10 Jul 2015 19:45:49 GMT Via: 1.1 varnish Accept-Ranges: bytes Age: 0 Location: http://www.qmed.com/user Server: Apache/2.2.15 (Red Hat) Content-Length: 0 Content-Type: text/html; charset=utf-8 Expires: Sun, 19 Nov 1978 05:00:00 GMT Last-Modified: Fri, 10 Jul 2015 19:45:49 GMT Set-Cookie: SESSd84e5d3d475d6f3689d71f7a4a031f0d=rl3mmi6o79mc1oapqkkbe894u1; expires=Sun, 02-Aug-2015 23:19:09 GMT; path=/; domain=.qmed.com X-Cache: MISS X-Powered-By: PHP/5.2.17 X-Varnish: 1818625064 | clean |
http://www.qmed.com/user | 200 OK Content-Length: 28325 Content-Type: text/html | clean |
http://www.qmed.com/supplier-alpha | 200 OK Content-Length: 30377 Content-Type: text/html | clean |
http://www.qmed.com/sites/default/files/js/js_adfdc67262faefe3634468620febec19.js | 200 OK Content-Length: 122953 Content-Type: text/javascript | clean |
http://www.qmed.com/user/login?destination=supplier-alpha | 200 OK Content-Length: 28286 Content-Type: text/html | clean |
http://www.qmed.com/news | 200 OK Content-Length: 50451 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!--var speed_delay = 4000;var slide_speed = 500;var fpssLoaderDelay = 500;var CTRrotateAction = 'click'; Antivirus reports:
| ||
http://www.qmed.com/sites/default/files/js/js_42fc894a837de905c24c8877ae3618d9.js | 200 OK Content-Length: 123079 Content-Type: text/javascript | clean |
http://s7.addthis.com/js/250/addthis_widget.js | 200 OK Content-Length: 260831 Content-Type: text/javascript | clean |
http://www.qmed.com/sites/default/files/js/js_de97c6d37e5d600538b2fbd184caa16d.js | 200 OK Content-Length: 32714 Content-Type: text/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: qmed.com
Result:
GET / HTTP/1.1
Host: qmed.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: qmed.com
Referer: http://www.google.com/search?q=qmed.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: qmed.com
Referer: http://www.google.com/search?q=qmed.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=qmed.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://qmed.com/
Result: qmed.com is not infected or malware details are not published yet.
Result: qmed.com is not infected or malware details are not published yet.