Scanned pages/files
Request | Server response | Status |
http://www.webeasy.cc/ | 200 OK Content-Length: 31496 Content-Type: text/html | clean |
http://tajs.qq.com/stats?sId=8946633 | 200 OK Content-Length: 6254 Content-Type: text/javascript | clean |
http://www.webeasy.cc/service/contact/ | 200 OK Content-Length: 11971 Content-Type: text/html | clean |
http://www.webeasy.cc/service/contact/../qqLogin/redirect_to_login.php | 404 Not Found Content-Length: 1054 Content-Type: text/html | clean |
http://www.webeasy.cc/test404page.js | 404 Not Found Content-Length: 1054 Content-Type: text/html | clean |
http://www.webeasy.cc/about/ | 200 OK Content-Length: 13867 Content-Type: text/html | clean |
http://www.webeasy.cc/about/../qqLogin/redirect_to_login.php | HTTP/1.1 302 Found Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Mon, 16 Jun 2014 03:01:18 GMT Pragma: no-cache Location: http://openapi.qzone.qq.com/oauth/qzoneoauth_authorize?oauth_consumer_key=100304646&oauth_token=7895361921846264308&oauth_callback=http%3A%2F%2Fwww.webeasy.cc%2FqqLogin%2Fget_access_token.php Server: Apache/2.4.4 (Win32) OpenSSL/0.9.8y PHP/5.4.16 Content-Length: 0 Content-Type: text/html Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=6p5nmrb5f56sbah4sd049spra6; path=/ X-Powered-By: PHP/5.4.16 | clean |
http://openapi.qzone.qq.com/oauth/qzoneoauth_authorize?oauth_consumer_key=100304646&oauth_token=7895361921846264308&oauth_callback=http%3a%2f%2fwww.webeasy.cc%2fqqlogin%2fget_access_token.php | 200 OK Content-Length: 9850 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<script src="http://qzonestyle.gtimg.cn/c/=/ac/qzfl/release/qzfl_for_qzone.js,/ac/qzfl/stat.js"><\/script>'); document.write('<script src="http://qzonestyle.gtimg.cn/qzone/openapi/oauth/common.js"><\/script>'); document.write('<script src="http://tajs.qq.com/stats?sId=16291955" charset="UTF-8"><\/script>'); Antivirus reports:
| ||
http://www.webeasy.cc/news/ | 200 OK Content-Length: 16747 Content-Type: text/html | clean |
http://www.webeasy.cc/news/../qqLogin/redirect_to_login.php | HTTP/1.1 302 Found Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Mon, 16 Jun 2014 03:01:22 GMT Pragma: no-cache Location: http://openapi.qzone.qq.com/oauth/qzoneoauth_authorize?oauth_consumer_key=100304646&oauth_token=9622392167320717012&oauth_callback=http%3A%2F%2Fwww.webeasy.cc%2FqqLogin%2Fget_access_token.php Server: Apache/2.4.4 (Win32) OpenSSL/0.9.8y PHP/5.4.16 Content-Length: 0 Content-Type: text/html Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=ckkvre1lflmrbuo87q6oarjae6; path=/ X-Powered-By: PHP/5.4.16 | clean |
http://openapi.qzone.qq.com/oauth/qzoneoauth_authorize?oauth_consumer_key=100304646&oauth_token=9622392167320717012&oauth_callback=http%3a%2f%2fwww.webeasy.cc%2fqqlogin%2fget_access_token.php | 200 OK Content-Length: 9850 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<script src="http://qzonestyle.gtimg.cn/c/=/ac/qzfl/release/qzfl_for_qzone.js,/ac/qzfl/stat.js"><\/script>'); document.write('<script src="http://qzonestyle.gtimg.cn/qzone/openapi/oauth/common.js"><\/script>'); document.write('<script src="http://tajs.qq.com/stats?sId=16291955" charset="UTF-8"><\/script>'); Antivirus reports:
| ||
http://www.webeasy.cc/product/ | 200 OK Content-Length: 12400 Content-Type: text/html | clean |
http://www.webeasy.cc/product/../qqLogin/redirect_to_login.php | HTTP/1.1 302 Found Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Mon, 16 Jun 2014 03:01:26 GMT Pragma: no-cache Location: http://openapi.qzone.qq.com/oauth/qzoneoauth_authorize?oauth_consumer_key=100304646&oauth_token=15187988331474152585&oauth_callback=http%3A%2F%2Fwww.webeasy.cc%2FqqLogin%2Fget_access_token.php Server: Apache/2.4.4 (Win32) OpenSSL/0.9.8y PHP/5.4.16 Content-Length: 0 Content-Type: text/html Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=ddb4k0qa7fk8hk4dh9lj1rc5f5; path=/ X-Powered-By: PHP/5.4.16 | clean |
http://openapi.qzone.qq.com/oauth/qzoneoauth_authorize?oauth_consumer_key=100304646&oauth_token=15187988331474152585&oauth_callback=http%3a%2f%2fwww.webeasy.cc%2fqqlogin%2fget_access_token.php | 200 OK Content-Length: 9850 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<script src="http://qzonestyle.gtimg.cn/c/=/ac/qzfl/release/qzfl_for_qzone.js,/ac/qzfl/stat.js"><\/script>'); document.write('<script src="http://qzonestyle.gtimg.cn/qzone/openapi/oauth/common.js"><\/script>'); document.write('<script src="http://tajs.qq.com/stats?sId=16291955" charset="UTF-8"><\/script>'); Antivirus reports:
| ||
http://www.webeasy.cc/case/ | 200 OK Content-Length: 4069 Content-Type: text/html | clean |
http://www.webeasy.cc/case/../qqLogin/redirect_to_login.php | HTTP/1.1 302 Found Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Mon, 16 Jun 2014 03:01:33 GMT Pragma: no-cache Location: http://openapi.qzone.qq.com/oauth/qzoneoauth_authorize?oauth_consumer_key=100304646&oauth_token=17001465365883711810&oauth_callback=http%3A%2F%2Fwww.webeasy.cc%2FqqLogin%2Fget_access_token.php Server: Apache/2.4.4 (Win32) OpenSSL/0.9.8y PHP/5.4.16 Content-Length: 0 Content-Type: text/html Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=k2ku1vbvds1og3nutgns95mgv1; path=/ X-Powered-By: PHP/5.4.16 | clean |
http://openapi.qzone.qq.com/oauth/qzoneoauth_authorize?oauth_consumer_key=100304646&oauth_token=17001465365883711810&oauth_callback=http%3a%2f%2fwww.webeasy.cc%2fqqlogin%2fget_access_token.php | 200 OK Content-Length: 9850 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<script src="http://qzonestyle.gtimg.cn/c/=/ac/qzfl/release/qzfl_for_qzone.js,/ac/qzfl/stat.js"><\/script>'); document.write('<script src="http://qzonestyle.gtimg.cn/qzone/openapi/oauth/common.js"><\/script>'); document.write('<script src="http://tajs.qq.com/stats?sId=16291955" charset="UTF-8"><\/script>'); Antivirus reports:
| ||
http://www.webeasy.cc/service/ | 200 OK Content-Length: 11702 Content-Type: text/html | clean |
http://www.webeasy.cc/service/../qqLogin/redirect_to_login.php | HTTP/1.1 302 Found Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Mon, 16 Jun 2014 03:01:37 GMT Pragma: no-cache Location: http://openapi.qzone.qq.com/oauth/qzoneoauth_authorize?oauth_consumer_key=100304646&oauth_token=6047326961399919201&oauth_callback=http%3A%2F%2Fwww.webeasy.cc%2FqqLogin%2Fget_access_token.php Server: Apache/2.4.4 (Win32) OpenSSL/0.9.8y PHP/5.4.16 Content-Length: 0 Content-Type: text/html Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=epta3u6c92uflhalv47gubtfh6; path=/ X-Powered-By: PHP/5.4.16 | clean |
http://openapi.qzone.qq.com/oauth/qzoneoauth_authorize?oauth_consumer_key=100304646&oauth_token=6047326961399919201&oauth_callback=http%3a%2f%2fwww.webeasy.cc%2fqqlogin%2fget_access_token.php | 200 OK Content-Length: 9850 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<script src="http://qzonestyle.gtimg.cn/c/=/ac/qzfl/release/qzfl_for_qzone.js,/ac/qzfl/stat.js"><\/script>'); document.write('<script src="http://qzonestyle.gtimg.cn/qzone/openapi/oauth/common.js"><\/script>'); document.write('<script src="http://tajs.qq.com/stats?sId=16291955" charset="UTF-8"><\/script>'); Antivirus reports:
|
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: webeasy.cc
Result:
GET / HTTP/1.1
Host: webeasy.cc
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: webeasy.cc
Referer: http://www.google.com/search?q=webeasy.cc
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: webeasy.cc
Referer: http://www.google.com/search?q=webeasy.cc
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=webeasy.cc
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://webeasy.cc/
Result: webeasy.cc is not infected or malware details are not published yet.
Result: webeasy.cc is not infected or malware details are not published yet.