Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: aoejj.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Sun, 22 Jun 2014 02:55:22 GMT
Server: Microsoft-IIS/6.0
Content-Length: 113527
Content-Type: text/html
Set-Cookie: ASPSESSIONIDACSBSDCC=DBHPNJBDLPGCCGBLPBDDBMCF; path=/
X-Died: timeout at scan.pm line 1538.
X-Powered-By: ASP.NET
...113527 bytes of data.
GET / HTTP/1.1
Host: aoejj.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Sun, 22 Jun 2014 02:55:22 GMT
Server: Microsoft-IIS/6.0
Content-Length: 113527
Content-Type: text/html
Set-Cookie: ASPSESSIONIDACSBSDCC=DBHPNJBDLPGCCGBLPBDDBMCF; path=/
X-Died: timeout at scan.pm line 1538.
X-Powered-By: ASP.NET
...113527 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: aoejj.com
Referer: http://www.google.com/search?q=aoejj.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: aoejj.com
Referer: http://www.google.com/search?q=aoejj.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
| Request | Server response | Status |
http://aoejj.com/ | 200 OK Content-Length: 71434 Content-Type: text/html | clean |
http://aoejj.com/changimages.js | HTTP/1.1 301 Moved Permanently Connection: keep-alive Location: http://42965d04686b4ac5.qusu.org/changimages.js?web_real_domain=aoejj.com&qsv=1&NoRedirect=1 Content-Length: 119 Content-Type: text/html; charset=gb2312 | clean |
http://42965d04686b4ac5.qusu.org/changimages.js?web_real_domain=aoejj.com&qsv=1&noredirect=1 | 200 OK Content-Length: 9714 Content-Type: application/x-javascript | clean |
http://aoejj.com/login.asp | 200 OK Content-Length: 7803 Content-Type: text/html | clean |
http://aoejj.com/dingdan.asp | 200 OK Content-Length: 55492 Content-Type: text/html | clean |
http://aoejj.com/images/reg.js | HTTP/1.1 301 Moved Permanently Connection: keep-alive Location: http://42965d04686b4ac5.qusu.org/images/reg.js?web_real_domain=aoejj.com&qsv=1&NoRedirect=1 Content-Length: 118 Content-Type: text/html; charset=gb2312 | clean |
http://42965d04686b4ac5.qusu.org/images/reg.js?web_real_domain=aoejj.com&qsv=1&noredirect=1 | 200 OK Content-Length: 3844 Content-Type: application/x-javascript | clean |
http://aoejj.com/teacher_serch.asp | 200 OK Content-Length: 65291 Content-Type: text/html | clean |
http://aoejj.com/teacher.asp?d=zhuanye | 200 OK Content-Length: 77432 Content-Type: text/html | clean |
http://aoejj.com/teacher.asp?d=daxue | 200 OK Content-Length: 78427 Content-Type: text/html | clean |
http://aoejj.com/teacher.asp?d=yinyue | 200 OK Content-Length: 57066 Content-Type: text/html | clean |
http://aoejj.com/teacher.asp?d=yingyu | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://aoejj.com/test404page.js | HTTP/1.1 301 Moved Permanently Connection: keep-alive Location: http://42965d04686b4ac5.qusu.org/test404page.js?web_real_domain=aoejj.com&qsv=1&NoRedirect=1 Content-Length: 119 Content-Type: text/html; charset=gb2312 | clean |
http://42965d04686b4ac5.qusu.org/test404page.js?web_real_domain=aoejj.com&qsv=1&noredirect=1 | 404 Not Found Content-Length: 1308 Content-Type: text/html | clean |
http://42965d04686b4ac5.qusu.org/test404page.js | 406 Not Acceptable Content-Length: 574 Content-Type: text/html | clean |
http://aoejj.com/teacher.asp?d=haigui | 200 OK Content-Length: 49931 Content-Type: text/html | clean |
http://aoejj.com/teacher.asp?quyu=ÈÝÏØ | 200 OK Content-Length: 51490 Content-Type: text/html | clean |
http://aoejj.com/teacher.asp?quyu=±±Á÷ | 200 OK Content-Length: 54532 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=aoejj.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://aoejj.com/
Result: aoejj.com is not infected or malware details are not published yet.
Result: aoejj.com is not infected or malware details are not published yet.