Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=xqqr.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://xqqr.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 27 Jan 2015 01:03:40 GMT Location: http://www.xqqr.com Server: nginx/1.3.11 Content-Type: text/html; charset=UTF-8 X-Powered-By: PHP/5.4.28 X-Powered-By: ASP.NET | clean |
http://www.xqqr.com/ | 200 OK Content-Length: 29411 Content-Type: text/html | clean |
http://www.xqqr.com/static/js/common.js?cQA | 200 OK Content-Length: 63289 Content-Type: application/x-javascript | clean |
http://xqqr.com/static/js/forum.js?cQA | 200 OK Content-Length: 22720 Content-Type: application/x-javascript | clean |
http://xqqr.com/static/js/logging.js?cQA | 200 OK Content-Length: 603 Content-Type: application/x-javascript | clean |
http://tcss.qq.com/ping.js?v=1cQA | 200 OK Content-Length: 8909 Content-Type: application/x-javascript | clean |
http://js.users.51.la/17604686.js | 200 OK Content-Length: 1931 Content-Type: application/x-javascript | clean |
http://xqqr.com/home.php?mod=misc&ac=sendmail&rand=1422320616 | 200 OK Content-Length: 0 Content-Type: text/javascript | clean |
http://discuz.gtimg.cn/cloud/scripts/discuz_tips.js?v=1 | 200 OK Content-Length: 6173 Content-Type: application/x-javascript | clean |
http://xqqr.com/member.php?mod=register | 200 OK Content-Length: 17276 Content-Type: text/html | clean |
http://xqqr.com/static/js/common.js?cQA | 200 OK Content-Length: 63289 Content-Type: application/x-javascript | clean |
http://xqqr.com/static/js/register.js?cQA | 200 OK Content-Length: 10775 Content-Type: application/x-javascript | clean |
http://xqqr.com/home.php?mod=misc&ac=sendmail&rand=1422320629 | 200 OK Content-Length: 0 Content-Type: text/javascript | clean |
http://xqqr.com/connect.php?mod=login&op=init&referer=http%3A%2F%2Fxqqr.com%2F.%2F&statfrom=login_simple | HTTP/1.1 302 Moved Temporarily Connection: close Date: Tue, 27 Jan 2015 01:04:07 GMT Location: https://graph.qq.com/oauth2.0/authorize?response_type=code&client_id=310703791&redirect_uri=http%3A%2F%2Fxqqr.com%2Fconnect.php%3Fmod%3Dlogin%26op%3Dcallback%26referer%3Dhttp%253A%252F%252Fxqqr.com%252F.%252F&state=49ca2d5a043c289b66c1e35a90dc6910&scope=get_user_info%2Cadd_share%2Cadd_t%2Cadd_pic_t%2Cget_repost_list Server: nginx/1.3.11 Content-Type: text/html; charset=UTF-8 Set-Cookie: qHSS_2132_saltkey=JXZ3948z; expires=Thu, 26-Feb-2015 01:04:00 GMT; path=/; httponly Set-Cookie: qHSS_2132_lastvisit=1422317040; expires=Thu, 26-Feb-2015 01:04:00 GMT; path=/ Set-Cookie: qHSS_2132_sid=OIM3sd; expires=Wed, 28-Jan-2015 01:04:00 GMT; path=/ Set-Cookie: qHSS_2132_lastact=1422320640%09connect.php%09login; expires=Wed, 28-Jan-2015 01:04:00 GMT; path=/ Set-Cookie: qHSS_2132_stats_qc_reg=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/ Set-Cookie: qHSS_2132_cloudstatpost=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/ Set-Cookie: qHSS_2132_con_request_uri=http%3A%2F%2Fxqqr.com%2Fconnect.php%3Fmod%3Dlogin%26op%3Dcallback%26referer%3Dhttp%253A%252F%252Fxqqr.com%252F.%252F; path=/ X-Powered-By: PHP/5.4.28 X-Powered-By: ASP.NET | clean |
https://graph.qq.com/oauth2.0/authorize?response_type=code&client_id=310703791&redirect_uri=http%3a%2f%2fxqqr.com%2fconnect.php%3fmod%3dlogin%26op%3dcallback%26referer%3dhttp%253a%252f%252fxqqr.com%252f.%252f&state=49ca2d5a043c289b66c1e35a90dc6910&scope=get_user_info%2cadd_share%2cadd_t%2cadd_pic_t%2cget_repost_list | HTTP/1.1 302 Moved Temporarily Connection: close Date: Tue, 27 Jan 2015 01:04:02 GMT Location: http://openapi.qzone.qq.com/oauth/show?which=Login&display=pc&response_type=code&client_id=310703791&redirect_uri=http%3a%2f%2fxqqr.com%2fconnect.php%3fmod%3dlogin%26op%3dcallback%26referer%3dhttp%253a%252f%252fxqqr.com%252f.%252f&state=49ca2d5a043c289b66c1e35a90dc6910&scope=get_user_info%2cadd_share%2cadd_t%2cadd_pic_t%2cget_repost_list Server: tws Content-Length: 0 Content-Type: text/html | clean |
http://openapi.qzone.qq.com/oauth/show?which=login&display=pc&response_type=code&client_id=310703791&redirect_uri=http%3a%2f%2fxqqr.com%2fconnect.php%3fmod%3dlogin%26op%3dcallback%26referer%3dhttp%253a%252f%252fxqqr.com%252f.%252f&state=49ca2d5a043c289b66c1e35a90dc6910&scope=get_user_info%2cadd_share%2cadd_t%2cadd_pic_t%2cget_repost_list | 200 OK Content-Length: 7469 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: bbs.xqqr.com ...[1851 bytes skipped]... r.userAgent].join("|_|")); var src = 'http://badjs.qq.com/cgi-bin/js_report?'+ [bid,mid,msg].join("&"); errorTransport = new Image; errorTransport.onerror = errorTransport.onload = function(){ errorTransport = errorTransport.onerror = errorTransport.onload = null ; }; errorTransport.src = src; false; Q.crtDomain = 'http://bbs.xqqr.com/'; Q.agree = function(){ window.isAgreed = true; }; Q.logout = function(){ window.isLogouted = true; }; Q.isNeedLogin = true; Q.getParameter = function getParameter(name) { var r = new RegExp("(\\?|#|&)" + name + "=([^&#]*)(&|#|$)"), m = location.href.match(r); return decodeURIComponent(!m ? "" : m[2]); }; Q.ptlogin2 = function(){ ...[1779 bytes skipped]... | ||
http://qzonestyle.gtimg.cn/c/=/open/connect/widget/pc/login/pt_adapt.js,qlogin_v2.js?v=20140527 | 200 OK Content-Length: 24403 Content-Type: application/x-javascript | clean |
http://xqqr.com/test404page.js | 404 Not Found Content-Length: 1163 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: xqqr.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Tue, 27 Jan 2015 01:03:40 GMT
Location: http://www.xqqr.com
Server: nginx/1.3.11
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.4.28
X-Powered-By: ASP.NET
GET / HTTP/1.1
Host: xqqr.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Tue, 27 Jan 2015 01:03:40 GMT
Location: http://www.xqqr.com
Server: nginx/1.3.11
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.4.28
X-Powered-By: ASP.NET
Second query (visit from search engine):
GET / HTTP/1.1
Host: xqqr.com
Referer: http://www.google.com/search?q=xqqr.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: xqqr.com
Referer: http://www.google.com/search?q=xqqr.com
Result:
The result is similar to the first query. There are no suspicious redirects found.