Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: baoruan.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Tue, 17 Jun 2014 07:26:12 GMT
Location: http://www.baoruan.com/
Server: nginx
Content-Type: text/html
CMNET-Gate-Route: 172.16.193.136
Set-Cookie: snum=%23DqjTmT; expires=Fri, 07-Aug-2015 23:26:09 GMT; path=/
Set-Cookie: vt=2; expires=Fri, 07-Aug-2015 23:26:09 GMT; path=/
X-Powered-By: PHP/5.2.14
X-Wap-Proxy-Cookie: none
Second query (visit from search engine):
GET / HTTP/1.1
Host: baoruan.com
Referer: http://www.google.com/search?q=baoruan.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://baoruan.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 17 Jun 2014 07:26:12 GMT Location: http://www.baoruan.com/ Server: nginx Content-Type: text/html CMNET-Gate-Route: 172.16.193.136 Set-Cookie: snum=%23DqjTmT; expires=Fri, 07-Aug-2015 23:26:09 GMT; path=/ Set-Cookie: vt=2; expires=Fri, 07-Aug-2015 23:26:09 GMT; path=/ X-Powered-By: PHP/5.2.14 X-Wap-Proxy-Cookie: none | clean |
http://www.baoruan.com/ | 200 OK Content-Length: 71477 Content-Type: text/html | clean |
http://static.17xgame.com/v154/js/jquery.min.js | 200 OK Content-Length: 93903 Content-Type: application/x-javascript | clean |
http://static.17xgame.com/v154/js/base.js | 200 OK Content-Length: 25127 Content-Type: application/x-javascript | clean |
http://static.17xgame.com/v154/js/jquery.lazyload.min.js | 200 OK Content-Length: 5116 Content-Type: application/x-javascript | clean |
http://static.17xgame.com/v154/js/EvPng.js | 200 OK Content-Length: 12394 Content-Type: application/x-javascript | clean |
https://dunsregistered.dnb.com/ | 200 OK Content-Length: 530 Content-Type: application/x-javascript | clean |
http://s15.cnzz.com/stat.php?id=2293241&web_id=2293241 | 200 OK Content-Length: 9322 Content-Type: application/javascript | clean |
http://baoruan.com/user/account/login | HTTP/1.1 302 Moved Temporarily Connection: close Date: Tue, 17 Jun 2014 07:26:26 GMT Location: /zone/mobile/mobileselect/ou//rurl/L3VzZXIvYWNjb3VudC9sb2dpbg== Server: nginx Content-Type: text/vnd.wap.wml;charset=utf-8 CMNET-Gate-Route: 172.16.193.136 Set-Cookie: snum=%23t3taH3; expires=Fri, 07-Aug-2015 23:26:23 GMT; path=/ Set-Cookie: vt=2; expires=Fri, 07-Aug-2015 23:26:23 GMT; path=/ X-Powered-By: PHP/5.2.14 X-Wap-Proxy-Cookie: none | clean |
http://baoruan.com/zone/mobile/mobileselect/ou//rurl/l3vzzxivywnjb3vudc9sb2dpbg== | 200 OK Content-Length: 7198 Content-Type: text/html | clean |
http://baoruan.com/bbs/forum/dologin/login/jumpURL/L3pvbmUvbW9iaWxlL21vYmlsZXNlbGVjdC9vdS8vcnVybC9sM3Z6enhpdnl3bmpiM3Z1ZGM5c2IyZHBiZz09/mid/0 | 200 OK Content-Length: 10381 Content-Type: text/vnd.wap.wml | clean |
http://baoruan.com/bbs/forum/dologin/register/jumpURL/L3pvbmUvbW9iaWxlL21vYmlsZXNlbGVjdC9vdS8vcnVybC9sM3Z6enhpdnl3bmpiM3Z1ZGM5c2IyZHBiZz09/mid/0 | 200 OK Content-Length: 11383 Content-Type: text/vnd.wap.wml | clean |
http://baoruan.com/bbs/forum/dologin/register/jumpURL/L3pvbmUvbW9iaWxlL21vYmlsZXNlbGVjdC9vdS8vcnVybC9sM3Z6enhpdnl3bmpiM3Z1ZGM5c2IyZHBiZz09/mid/sms:106901956100041?body=zc | 200 OK Content-Length: 11383 Content-Type: text/vnd.wap.wml | clean |
http://baoruan.com/bbs/forum/dologin/login/mid/0 | 200 OK Content-Length: 9832 Content-Type: text/vnd.wap.wml | clean |
http://baoruan.com/bbs/forum/dologin/register/mid/0 | 200 OK Content-Length: 11231 Content-Type: text/vnd.wap.wml | clean |
http://baoruan.com/bbs/forum/dologin/login/jumpURL/L2Jicy9kZWZhdWx0L2RlZmF1bHQvaW5kZXgvbWlkLzA%3D/mid/0 | 200 OK Content-Length: 10151 Content-Type: text/vnd.wap.wml | clean |
http://baoruan.com/bbs/forum/dologin/register/jumpURL/L2Jicy9kZWZhdWx0L2RlZmF1bHQvaW5kZXgvbWlkLzA%3D/mid/0 | 200 OK Content-Length: 11231 Content-Type: text/vnd.wap.wml | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=baoruan.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://baoruan.com/
Result: baoruan.com is not infected or malware details are not published yet.