See: https://www.virustotal.com/nl/url/91d86eb14b8047918e70ac1f5533e7b33535f29144964e6d76f919bbd4d9a42d/analysis/1443458104/
List of referenced blacklisted domains/hosts: 1
-dl.nx5.com
List of blacklisted external links: 1
-http://dl.nx5.com/apk/20140707/appsearch_androidphone_1009215v_5.5.1.apk
List of scripts included
…/Script/zepto.min.js
-http://static.bshare.cn/b/bshareC0.js
-http://count9.51yes.com/click.aspx?id=90706224&logo=12 given as malicious by WOT →
https://www.virustotal.com/nl/url/536c96b9af4f96924c0b3ba5ca6f45dc6d797729a7419a9769fe205d1a120100/analysis/

See: http://www.domxssscanner.com/scan?url=http%3A%2F%2F2018qq.cn

polonus

Bug found in backend code -http://static.bshare.cn/b/bshareC0.js

newhtml = newhtml.replace(“http://static.bshare.cn/b/button.js?t=”+str(time), “http://static.bshare.cn/b/button.js”)
newhtml = newhtml.replace(“http://static.bshare.cn/b/bshareC0.js?t=”+str(time), “http://static.bshare.cn/b/bshareC0.js”) info credits: zjhsdtc
See: http://www.domxssscanner.com/scan?url=http%3A%2F%2Fstatic.bshare.cn%2Fb%2FbshareC0.js
Also the normal URL shortener issues reported.

polonus

Dear forum friends,

As reported to me by our good forum friend, Pondus, VT does no longer have this detection (I gave a 1,5 year old result),
but looking at WOT rep one will see two reds there, and it also comes blocked here for me by: uBlock₀ has prevented this page from loading:
-http://count9.51yes.com/click.aspx?id=97535135&logo=1
Because of the following filter
||51yes.com^
–count9.51yes.com is listed in OpenDNS’s Block Tool http://forums.opendns.com & Listed in the mvps.org host file
Why VT no longer flags it or DrWeb’s no longer has it in it’s malicious websitelist is beyond me.
On the other hand urlquery dot net scan does no longer flag: https://urlquery.net/report.php?id=1443460176307

polonus