Scanned pages/files
Request | Server response | Status |
http://oe1206012.m.oeeee.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Sun, 06 Apr 2014 13:40:50 GMT Location: space-uid-1312842.html Server: nginx Content-Type: text/html; charset=utf-8 Set-Cookie: eRYK_5cb6_saltkey=H4tt3026; expires=Tue, 06-May-2014 13:40:50 GMT; path=/; domain=.oeeee.com; httponly Set-Cookie: eRYK_5cb6_lastvisit=1396788050; expires=Tue, 06-May-2014 13:40:50 GMT; path=/; domain=.oeeee.com X-Powered-By: PHP/5.3.8 | clean |
http://oe1206012.m.oeeee.com/space-uid-1312842.html | 200 OK Content-Length: 20195 Content-Type: text/html | clean |
http://oe1206012.m.oeeee.com/data/cache/common.js?RoP | 200 OK Content-Length: 61122 Content-Type: application/x-javascript | clean |
http://oe1206012.m.oeeee.com/data/cache/home.js?RoP | 200 OK Content-Length: 29652 Content-Type: application/x-javascript | clean |
http://tcss.qq.com/ping.js?v=1VERHASH | 200 OK Content-Length: 8909 Content-Type: application/x-javascript | clean |
http://oe1206012.m.oeeee.com/home.php?mod=misc&ac=sendmail&rand=1396791651 | 200 OK Content-Length: 0 Content-Type: text/javascript | clean |
http://discuz.gtimg.cn/cloud/scripts/discuz_tips.js?v=1 | 200 OK Content-Length: 6173 Content-Type: application/x-javascript | clean |
http://oe1206012.m.oeeee.com/member.php?mod=register | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sun, 06 Apr 2014 13:41:02 GMT Location: http://user.oeeee.com/passport/index.php?m=user&a=reg Server: nginx Content-Type: text/html; charset=utf-8 Set-Cookie: eRYK_5cb6_saltkey=TG8V5kK8; expires=Tue, 06-May-2014 13:41:02 GMT; path=/; domain=.oeeee.com; httponly Set-Cookie: eRYK_5cb6_lastvisit=1396788062; expires=Tue, 06-May-2014 13:41:02 GMT; path=/; domain=.oeeee.com Set-Cookie: eRYK_5cb6_sid=so1n88; expires=Mon, 07-Apr-2014 13:41:02 GMT; path=/; domain=.oeeee.com Set-Cookie: eRYK_5cb6_lastact=1396791662%09member.php%09register; expires=Mon, 07-Apr-2014 13:41:02 GMT; path=/; domain=.oeeee.com Set-Cookie: eRYK_5cb6_stats_qc_reg=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.oeeee.com Set-Cookie: eRYK_5cb6_cloudstatpost=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.oeeee.com | clean |
http://user.oeeee.com/passport/index.php?m=user&a=reg | 200 OK Content-Length: 2021 Content-Type: text/html | clean |
http://www.oeeee.com/js/tongji.js | 200 OK Content-Length: 540 Content-Type: application/x-javascript | clean |
http://oe1206012.m.oeeee.com/index.php?m=user&a=oereg | HTTP/1.1 301 Moved Permanently Connection: close Date: Sun, 06 Apr 2014 13:41:06 GMT Location: space-uid-1312842.html Server: nginx Content-Type: text/html; charset=utf-8 Set-Cookie: eRYK_5cb6_saltkey=gP5Qa95a; expires=Tue, 06-May-2014 13:41:06 GMT; path=/; domain=.oeeee.com; httponly Set-Cookie: eRYK_5cb6_lastvisit=1396788066; expires=Tue, 06-May-2014 13:41:06 GMT; path=/; domain=.oeeee.com X-Powered-By: PHP/5.3.8 | clean |
http://oe1206012.m.oeeee.com/test404page.js | 404 Not Found Content-Length: 988 Content-Type: text/html | clean |
http://oe1206012.m.oeeee.com/member.php?mod=logging&action=login | 200 OK Content-Length: 18753 Content-Type: text/html | clean |
http://oeeee.adsame.com/s?z=oeeee&c=362 | 200 OK Content-Length: 419 Content-Type: text/html | clean |
http://oeeee.adsame.com/c?z=oeeee&la=0&si=1&cg=13&c=362&ci=1&or=19&l=831&bg=831&b=966&u=http://nd.oeeee.com/special/weiguanggao/wgg22qi/default.shtml | HTTP/1.1 302 Found Connection: close Location: http://nd.oeeee.com/special/weiguanggao/wgg22qi/default.shtml Content-Length: 1 Content-Type: text/html Expires: 0 P3P: CP="CAO PSA OUR" Set-Cookie: ASID=319fbf0d34fd12;expires=Tue,05-Apr-2016 21:41:16 +0800;path=/;domain=adsame.com Set-Cookie: ADVS=319fbf0d34fd12;path=/;domain=oeeee.adsame.com Set-Cookie: ASL=16166,0000z,4e9e0be2;expires=Tue,05-Apr-2016 21:41:16 +0800;path=/;domain=adsame.com Set-Cookie: oeeeeATC=oeeee,362,831,966,1396791676796,;expires=Thu,17-Apr-2014 04:38:29 +0800;path=/;path=/;domain=oeeee.adsame.com | clean |
http://nd.oeeee.com/special/weiguanggao/wgg22qi/default.shtml | 200 OK Content-Length: 35690 Content-Type: text/html | clean |
http://smjs.allyes.com/sm.js | 200 OK Content-Length: 3869 Content-Type: application/x-javascript | clean |
http://smjs.allyes.com/oeeee++inpage++sm++show.js | 200 OK Content-Length: 2670 Content-Type: application/x-javascript | suspicious |
Hidden iFrame found. size: 0x0 src: http://smcommon.allyes.com/cm/dyx.html <iframe id="allyes_dyx_1958" name="allyes_dyx_1958" src="http://smcommon.allyes.com/cm/dyx.html" width="0" height="0" marginheight="0" marginwidth="0" frameborder="0" style="position: absolute; top: 0px; left: 0px;">
Hidden iFrame found. size: 0x0 src: http://wmcdn.allyes.com/adxcm_base_sm.htm <iframe src="http://wmcdn.allyes.com/adxcm_base_sm.htm" width="0" height="0" marginheight="0" marginwidth="0" frameborder="0" style="position: absolute; top: 0px; left: 0px;">
http://oeeee.adsame.com/c?z=oeeee&la=0&si=1&cg=13&c=362&ci=1&or=19&l=831&bg=831&b=966&u=http://nd.oeeee.com/special/weiguanggao/wgg22qi/./201110/t20111017_1214975.shtml | HTTP/1.1 302 Found Connection: close Location: http://nd.oeeee.com/special/weiguanggao/wgg22qi/default.shtml Content-Length: 1 Content-Type: text/html Expires: 0 P3P: CP="CAO PSA OUR" Set-Cookie: ASID=319fbf11bdb03e;expires=Tue,05-Apr-2016 21:41:24 +0800;path=/;domain=adsame.com Set-Cookie: ADVS=319fbf11bdb03e;path=/;domain=oeeee.adsame.com Set-Cookie: ASL=16166,0000z,4e9e0be2;expires=Tue,05-Apr-2016 21:41:24 +0800;path=/;domain=adsame.com Set-Cookie: oeeeeATC=oeeee,362,831,966,1396791684403,;expires=Thu,17-Apr-2014 04:38:37 +0800;path=/;path=/;domain=oeeee.adsame.com | clean |
http://oeeee.adsame.com/s?z=oeeee&c=1188 | 200 OK Content-Length: 13 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: oe1206012.m.oeeee.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sun, 06 Apr 2014 13:40:50 GMT
Location: space-uid-1312842.html
Server: nginx
Content-Type: text/html; charset=utf-8
Set-Cookie: eRYK_5cb6_saltkey=H4tt3026; expires=Tue, 06-May-2014 13:40:50 GMT; path=/; domain=.oeeee.com; httponly
Set-Cookie: eRYK_5cb6_lastvisit=1396788050; expires=Tue, 06-May-2014 13:40:50 GMT; path=/; domain=.oeeee.com
X-Powered-By: PHP/5.3.8
Second query (visit from search engine):
GET / HTTP/1.1
Host: oe1206012.m.oeeee.com
Referer: http://www.google.com/search?q=oe1206012.m.oeeee.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=oe1206012.m.oeeee.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://oe1206012.m.oeeee.com/
Result: oe1206012.m.oeeee.com is not infected or malware details are not published yet.