Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=kf.tielingnewcity.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: kf.tielingnewcity.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Tue, 13 Jan 2015 09:39:50 GMT
Server: Microsoft-IIS/6.0
Content-Length: 5815
Content-Type: text/html
Expires: Tue, 13 Jan 2015 09:39:50 GMT
Set-Cookie: oa=xtgl%5Fjsgl=&gyxx%5Fnbpx=&xmgl%5Fxmjk=&xmgl%5Fxmjc=&xmgl%5Fxmjh=&xzgl%5Fylgl=&rsgl%5Fpxgl=&xtgl%5Fyhgl=&xmgl%5Fcgys=&xmgl%5Fxmzb=&xzgl%5Fclyy=&xzgl%5Fclgl=&hygl%5Fyfjyyj=&hygl%5Fyfjy=&dagl%5Fwlwj=&gygl=&wlhy=&xtgl%5Frzgl=&xtgl%5Fbmgl=&gyxx%5Fggtxl=&gyxx%5Fxzfg=&xmgl%5Fxmlx=&rsgl%5Frsyd=&rsgl%5Frsda=&dagl%5Fjzgl=&rsgl%5Flwht=&rsgl%5Fkhgl=&rsgl%5Fbyrck=&hygl%5Ffsjyyj=&hygl%5Fgdjy=&hygl%5Ffsjy=&hygl%5Fhyjy=&hygl%5Fhyjh=&hygl%5Fyfhy=&dagl%5Fgdwj=&dagl%5Fajgl=&gwgl%5Fyscb=&gwgl%5Fyfcb=&xmgl%5Fbmqj=&xmgl%5Fzlgl=&xmgl%5Fjcpg=&xzgl%5Fbgwpjy=&xzgl%5Fbgwply=&rsgl%5Fxcfl=&hygl%5Ffshytz=&hygl%5Fsphy=&hygl%5Fhysp=&hygl%5Fhysgl=&hygl%5Fhyssp=&hygl%5Fhyssq=&dagl%5Fdagl=&dagl%5Fjnwj=&gwgl%5Fgwgd=&gwgl%5Fgwgl=&xtgl%5Flccs=&xtgl%5Fqxgl=&xtgl%5Fzwgl=&gyxx%5Frdlt=&gyxx%5Fdzgg=&hygl%5Fysjyyj=&hygl%5Fdsjy=&hygl%5Fysjy=&gwgl%5Fgwlc=&gwgl%5Ffwgl=&gyxx%5Fyjx=&xmgl%5Fhtgl=&xzgl%5Ftsgl=&rsgl%5Fkqgl=&hygl%5Fyshjy=&hygl%5Fyshy=&gwgl%5Fswgl=&gwgl%5Ffsgl=; path=/
Set-Cookie: cook%5Fallow%5Fcontrol%5Flevel=; path=/
Set-Cookie: cook%5Fallow%5Fcontrol%5Ffile=; path=/
Set-Cookie: cook%5Fallow%5Fcontrol%5Fnote=; path=/
Set-Cookie: cook%5Fallow%5Fsend%5Fnote=; path=/
Set-Cookie: cook%5Fallow%5Fcontrol%5Fall%5Fuser=; path=/
Set-Cookie: cook%5Fallow%5Fcontrol%5Fdept%5Fuser=; path=/
Set-Cookie: cook%5Fallow%5Fsee%5Fdept%5Fworkrep=; path=/
Set-Cookie: cook%5Fallow%5Fsee%5Fall%5Fworkrep=; path=/
Set-Cookie: cn%5Fleven=oabusyuserlevel=&oabusyuserdept=&oabusyusername=&oabusyuserid=&oabusyname=; path=/
Set-Cookie: ASPSESSIONIDAAARQCAA=JCIBKBHCCACCHGEJOEKJMEKC; path=/
X-Powered-By: ASP.NET
...5815 bytes of data.
GET / HTTP/1.1
Host: kf.tielingnewcity.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Tue, 13 Jan 2015 09:39:50 GMT
Server: Microsoft-IIS/6.0
Content-Length: 5815
Content-Type: text/html
Expires: Tue, 13 Jan 2015 09:39:50 GMT
Set-Cookie: oa=xtgl%5Fjsgl=&gyxx%5Fnbpx=&xmgl%5Fxmjk=&xmgl%5Fxmjc=&xmgl%5Fxmjh=&xzgl%5Fylgl=&rsgl%5Fpxgl=&xtgl%5Fyhgl=&xmgl%5Fcgys=&xmgl%5Fxmzb=&xzgl%5Fclyy=&xzgl%5Fclgl=&hygl%5Fyfjyyj=&hygl%5Fyfjy=&dagl%5Fwlwj=&gygl=&wlhy=&xtgl%5Frzgl=&xtgl%5Fbmgl=&gyxx%5Fggtxl=&gyxx%5Fxzfg=&xmgl%5Fxmlx=&rsgl%5Frsyd=&rsgl%5Frsda=&dagl%5Fjzgl=&rsgl%5Flwht=&rsgl%5Fkhgl=&rsgl%5Fbyrck=&hygl%5Ffsjyyj=&hygl%5Fgdjy=&hygl%5Ffsjy=&hygl%5Fhyjy=&hygl%5Fhyjh=&hygl%5Fyfhy=&dagl%5Fgdwj=&dagl%5Fajgl=&gwgl%5Fyscb=&gwgl%5Fyfcb=&xmgl%5Fbmqj=&xmgl%5Fzlgl=&xmgl%5Fjcpg=&xzgl%5Fbgwpjy=&xzgl%5Fbgwply=&rsgl%5Fxcfl=&hygl%5Ffshytz=&hygl%5Fsphy=&hygl%5Fhysp=&hygl%5Fhysgl=&hygl%5Fhyssp=&hygl%5Fhyssq=&dagl%5Fdagl=&dagl%5Fjnwj=&gwgl%5Fgwgd=&gwgl%5Fgwgl=&xtgl%5Flccs=&xtgl%5Fqxgl=&xtgl%5Fzwgl=&gyxx%5Frdlt=&gyxx%5Fdzgg=&hygl%5Fysjyyj=&hygl%5Fdsjy=&hygl%5Fysjy=&gwgl%5Fgwlc=&gwgl%5Ffwgl=&gyxx%5Fyjx=&xmgl%5Fhtgl=&xzgl%5Ftsgl=&rsgl%5Fkqgl=&hygl%5Fyshjy=&hygl%5Fyshy=&gwgl%5Fswgl=&gwgl%5Ffsgl=; path=/
Set-Cookie: cook%5Fallow%5Fcontrol%5Flevel=; path=/
Set-Cookie: cook%5Fallow%5Fcontrol%5Ffile=; path=/
Set-Cookie: cook%5Fallow%5Fcontrol%5Fnote=; path=/
Set-Cookie: cook%5Fallow%5Fsend%5Fnote=; path=/
Set-Cookie: cook%5Fallow%5Fcontrol%5Fall%5Fuser=; path=/
Set-Cookie: cook%5Fallow%5Fcontrol%5Fdept%5Fuser=; path=/
Set-Cookie: cook%5Fallow%5Fsee%5Fdept%5Fworkrep=; path=/
Set-Cookie: cook%5Fallow%5Fsee%5Fall%5Fworkrep=; path=/
Set-Cookie: cn%5Fleven=oabusyuserlevel=&oabusyuserdept=&oabusyusername=&oabusyuserid=&oabusyname=; path=/
Set-Cookie: ASPSESSIONIDAAARQCAA=JCIBKBHCCACCHGEJOEKJMEKC; path=/
X-Powered-By: ASP.NET
...5815 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: kf.tielingnewcity.com
Referer: http://www.google.com/search?q=kf.tielingnewcity.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: kf.tielingnewcity.com
Referer: http://www.google.com/search?q=kf.tielingnewcity.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://kf.tielingnewcity.com/ | 200 OK Content-Length: 5815 Content-Type: text/html | clean |
http://kf.tielingnewcity.com/count/mystat.asp | 404 Not Found Content-Length: 1308 Content-Type: text/html | clean |
http://kf.tielingnewcity.com/test404page.js | 404 Not Found Content-Length: 1308 Content-Type: text/html | clean |