Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://shoubiao.tmall.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: shoubiao.tmall.com Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Found Connection: close Date: Fri, 13 Jun 2014 09:02:40 GMT Location: http://jump.taobao.com/jump?target=http%3a%2f%2fshoubiao.tmall.com%2f%3ftbpm%3d1 Server: Tengine Content-Length: 260 Content-Type: text/html | malicious |
URL: http://jump.taobao.com/jump?target=http%3a%2f%2fshoubiao.tmall.com%2f%3ftbpm%3d1 (imitation of visitor from search engine) GET /jump?target=http%3a%2f%2fshoubiao.tmall.com%2f%3ftbpm%3d1 HTTP/1.1 Host: jump.taobao.com Referer: http://www.google.com/search?q=redirect+check2 | HTTP/1.1 302 Found Connection: close Date: Fri, 13 Jun 2014 09:02:41 GMT Location: http://pass.tmall.com/add?_tb_token_=xF1zQlQZ2ZJS&cookie2=4d609b27b83ec004edc2fdc1b4c5bcef&t=d3ab32e525207f1c792a6b01045ca6f5&target=http%3a%2f%2fshoubiao.tmall.com%2f%3ftbpm%3d1&pacc=oPW4RCI0vH8uko7IDRiIHQ==&opi=78.158.11.226&tmsc=1402650161027001 Content-Length: 260 Content-Type: text/html P3P: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' Set-Cookie: _tb_token_=xF1zQlQZ2ZJS;domain=.taobao.com;Path=/;HttpOnly Set-Cookie: cookie2=4d609b27b83ec004edc2fdc1b4c5bcef;domain=.taobao.com;Path=/;HttpOnly Set-Cookie: t=d3ab32e525207f1c792a6b01045ca6f5;domain=.taobao.com;Expires=Thu, 11-Sep-2014 09:02:41 GMT;Path=/ | suspicious |
URL: http://pass.tmall.com/add?_tb_token_=xF1zQlQZ2ZJS&cookie2=4d609b27b83ec004edc2fdc1b4c5bcef&t=d3ab32e525207f1c792a6b01045ca6f5&target=http%3a%2f%2fshoubiao.tmall.com%2f%3ftbpm%3d1&pacc=oPW4RCI0vH8uko7IDRiIHQ==&opi=78.158.11.226&tmsc=1402650161027001 (imitation of visitor from search engine) GET /add?_tb_token_=xF1zQlQZ2ZJS&cookie2=4d609b27b83ec004edc2fdc1b4c5bcef&t=d3ab32e525207f1c792a6b01045ca6f5&target=http%3a%2f%2fshoubiao.tmall.com%2f%3ftbpm%3d1&pacc=oPW4RCI0vH8uko7IDRiIHQ==&opi=78.158.11.226&tmsc=1402650161027001 HTTP/1.1 Host: pass.tmall.com Referer: http://www.google.com/search?q=redirect+check3 | HTTP/1.1 302 Found Connection: close Date: Fri, 13 Jun 2014 09:02:41 GMT Location: http://shoubiao.tmall.com/?tbpm=1 Content-Length: 260 Content-Type: text/html P3P: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' Set-Cookie: _tb_token_=xF1zQlQZ2ZJS;domain=.tmall.com;Path=/ Set-Cookie: cookie2=4d609b27b83ec004edc2fdc1b4c5bcef;domain=.tmall.com;Path=/ Set-Cookie: t=d3ab32e525207f1c792a6b01045ca6f5;domain=.tmall.com;Path=/ | suspicious |
URL: http://shoubiao.tmall.com/?tbpm=1 (imitation of visitor from search engine) GET /?tbpm=1 HTTP/1.1 Host: shoubiao.tmall.com Referer: http://www.google.com/search?q=redirect+check4 | HTTP/1.1 302 Found Connection: close Date: Fri, 13 Jun 2014 09:02:43 GMT Location: http://jump.taobao.com/jump?target=http%3a%2f%2fshoubiao.tmall.com%2f%3ftbpm%3d2 Server: Tengine Content-Length: 260 Content-Type: text/html | malicious |
URL: http://jump.taobao.com/jump?target=http%3a%2f%2fshoubiao.tmall.com%2f%3ftbpm%3d2 (imitation of visitor from search engine) GET /jump?target=http%3a%2f%2fshoubiao.tmall.com%2f%3ftbpm%3d2 HTTP/1.1 Host: jump.taobao.com Referer: http://www.google.com/search?q=redirect+check5 | HTTP/1.1 302 Found Connection: close Date: Fri, 13 Jun 2014 09:02:43 GMT Location: http://pass.tmall.com/add?_tb_token_=Q6QlLA4I1a3D&cookie2=1f02cae6392399f705bdc603daea68d7&t=63d898b71ad8417adef80902ef3ca269&target=http%3a%2f%2fshoubiao.tmall.com%2f%3ftbpm%3d2&pacc=OHehZdbKlLFhsy9W4wJ43A==&opi=78.158.11.226&tmsc=1402650163790448 Content-Length: 260 Content-Type: text/html P3P: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' Set-Cookie: _tb_token_=Q6QlLA4I1a3D;domain=.taobao.com;Path=/;HttpOnly Set-Cookie: cookie2=1f02cae6392399f705bdc603daea68d7;domain=.taobao.com;Path=/;HttpOnly Set-Cookie: t=63d898b71ad8417adef80902ef3ca269;domain=.taobao.com;Expires=Thu, 11-Sep-2014 09:02:43 GMT;Path=/ | suspicious |
URL: http://pass.tmall.com/add?_tb_token_=Q6QlLA4I1a3D&cookie2=1f02cae6392399f705bdc603daea68d7&t=63d898b71ad8417adef80902ef3ca269&target=http%3a%2f%2fshoubiao.tmall.com%2f%3ftbpm%3d2&pacc=OHehZdbKlLFhsy9W4wJ43A==&opi=78.158.11.226&tmsc=1402650163790448 (imitation of visitor from search engine) GET /add?_tb_token_=Q6QlLA4I1a3D&cookie2=1f02cae6392399f705bdc603daea68d7&t=63d898b71ad8417adef80902ef3ca269&target=http%3a%2f%2fshoubiao.tmall.com%2f%3ftbpm%3d2&pacc=OHehZdbKlLFhsy9W4wJ43A==&opi=78.158.11.226&tmsc=1402650163790448 HTTP/1.1 Host: pass.tmall.com Referer: http://www.google.com/search?q=redirect+check6 | HTTP/1.1 302 Found Connection: close Date: Fri, 13 Jun 2014 09:02:44 GMT Location: http://shoubiao.tmall.com/?tbpm=2 Content-Length: 260 Content-Type: text/html P3P: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' Set-Cookie: _tb_token_=Q6QlLA4I1a3D;domain=.tmall.com;Path=/ Set-Cookie: cookie2=1f02cae6392399f705bdc603daea68d7;domain=.tmall.com;Path=/ Set-Cookie: t=63d898b71ad8417adef80902ef3ca269;domain=.tmall.com;Path=/ | suspicious |
Scanned pages/files
Request | Server response | Status |
http://shoubiao.tmall.com/content/ | HTTP/1.1 302 Found Connection: close Date: Fri, 13 Jun 2014 09:02:41 GMT Location: http://jump.taobao.com/jump?target=http%3a%2f%2fshoubiao.tmall.com%2fcontent%2f%3ftbpm%3d1 Server: Tengine Content-Length: 260 Content-Type: text/html | clean |
http://jump.taobao.com/jump?target=http%3a%2f%2fshoubiao.tmall.com%2fcontent%2f%3ftbpm%3d1 | HTTP/1.1 302 Found Connection: close Date: Fri, 13 Jun 2014 09:02:41 GMT Location: http://pass.tmall.com/add?_tb_token_=DLOEzoxO19hN&cookie2=e71e958eb70cafe6202293e2d650cb5b&t=143b3a54d7c3c75ed68ac5b223628e66&target=http%3a%2f%2fshoubiao.tmall.com%2fcontent%2f%3ftbpm%3d1&pacc=Z1eLtUXmYKoExxCDx1POtw==&opi=78.158.11.226&tmsc=1402650161670930 Content-Length: 260 Content-Type: text/html P3P: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' Set-Cookie: _tb_token_=DLOEzoxO19hN;domain=.taobao.com;Path=/;HttpOnly Set-Cookie: cookie2=e71e958eb70cafe6202293e2d650cb5b;domain=.taobao.com;Path=/;HttpOnly Set-Cookie: t=143b3a54d7c3c75ed68ac5b223628e66;domain=.taobao.com;Expires=Thu, 11-Sep-2014 09:02:41 GMT;Path=/ | clean |
http://pass.tmall.com/add?_tb_token_=dloezoxo19hn&cookie2=e71e958eb70cafe6202293e2d650cb5b&t=143b3a54d7c3c75ed68ac5b223628e66&target=http%3a%2f%2fshoubiao.tmall.com%2fcontent%2f%3ftbpm%3d1&pacc=z1eltuxmykoexxcdx1potw==&opi=78.158.11.226&tmsc=1402650161670930 | HTTP/1.1 302 Found Connection: close Date: Fri, 13 Jun 2014 09:02:42 GMT Location: http://shoubiao.tmall.com/content/?tbpm=1 Content-Length: 260 Content-Type: text/html | clean |
http://shoubiao.tmall.com/content/?tbpm=1 | HTTP/1.1 302 Found Connection: close Date: Fri, 13 Jun 2014 09:02:42 GMT Location: http://jump.taobao.com/jump?target=http%3a%2f%2fshoubiao.tmall.com%2fcontent%2f%3ftbpm%3d2 Server: Tengine Content-Length: 260 Content-Type: text/html | clean |
http://jump.taobao.com/jump?target=http%3a%2f%2fshoubiao.tmall.com%2fcontent%2f%3ftbpm%3d2 | HTTP/1.1 302 Found Connection: close Date: Fri, 13 Jun 2014 09:02:43 GMT Location: http://pass.tmall.com/add?_tb_token_=pxap1IOZPXMq&cookie2=c607db090d943d486d941a7c70571b4e&t=d6c578249604622f2b7880794bfb0780&target=http%3a%2f%2fshoubiao.tmall.com%2fcontent%2f%3ftbpm%3d2&pacc=UeX03SJPZv0UX6hoFRDCCw==&opi=78.158.11.226&tmsc=1402650163327923 Content-Length: 260 Content-Type: text/html P3P: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' Set-Cookie: _tb_token_=pxap1IOZPXMq;domain=.taobao.com;Path=/;HttpOnly Set-Cookie: cookie2=c607db090d943d486d941a7c70571b4e;domain=.taobao.com;Path=/;HttpOnly Set-Cookie: t=d6c578249604622f2b7880794bfb0780;domain=.taobao.com;Expires=Thu, 11-Sep-2014 09:02:43 GMT;Path=/ | clean |
http://pass.tmall.com/add?_tb_token_=pxap1iozpxmq&cookie2=c607db090d943d486d941a7c70571b4e&t=d6c578249604622f2b7880794bfb0780&target=http%3a%2f%2fshoubiao.tmall.com%2fcontent%2f%3ftbpm%3d2&pacc=uex03sjpzv0ux6hofrdccw==&opi=78.158.11.226&tmsc=1402650163327923 | HTTP/1.1 302 Found Connection: close Date: Fri, 13 Jun 2014 09:02:43 GMT Location: http://shoubiao.tmall.com/content/?tbpm=2 Content-Length: 260 Content-Type: text/html | clean |
http://shoubiao.tmall.com/test404page.js | HTTP/1.1 302 Found Connection: close Date: Fri, 13 Jun 2014 09:02:44 GMT Location: http://jump.taobao.com/jump?target=http%3a%2f%2fshoubiao.tmall.com%2ftest404page.js%3ftbpm%3d1 Server: Tengine Content-Length: 260 Content-Type: text/html | clean |
http://jump.taobao.com/jump?target=http%3a%2f%2fshoubiao.tmall.com%2ftest404page.js%3ftbpm%3d1 | HTTP/1.1 302 Found Connection: close Date: Fri, 13 Jun 2014 09:02:44 GMT Location: http://pass.tmall.com/add?_tb_token_=BEWc6WJ0MExm&cookie2=b80de35bee150d5f50d1339c751b3cae&t=f8de30c8c0fb30735bfbc0d85e8463a9&target=http%3a%2f%2fshoubiao.tmall.com%2ftest404page.js%3ftbpm%3d1&pacc=-FIhdsTHRsNBrF63Yx6YYQ==&opi=78.158.11.226&tmsc=1402650164795613 Content-Length: 260 Content-Type: text/html P3P: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' Set-Cookie: _tb_token_=BEWc6WJ0MExm;domain=.taobao.com;Path=/;HttpOnly Set-Cookie: cookie2=b80de35bee150d5f50d1339c751b3cae;domain=.taobao.com;Path=/;HttpOnly Set-Cookie: t=f8de30c8c0fb30735bfbc0d85e8463a9;domain=.taobao.com;Expires=Thu, 11-Sep-2014 09:02:44 GMT;Path=/ | clean |
http://pass.tmall.com/add?_tb_token_=bewc6wj0mexm&cookie2=b80de35bee150d5f50d1339c751b3cae&t=f8de30c8c0fb30735bfbc0d85e8463a9&target=http%3a%2f%2fshoubiao.tmall.com%2ftest404page.js%3ftbpm%3d1&pacc=-fihdsthrsnbrf63yx6yyq==&opi=78.158.11.226&tmsc=1402650164795613 | HTTP/1.1 302 Found Connection: close Date: Fri, 13 Jun 2014 09:02:45 GMT Location: http://shoubiao.tmall.com/test404page.js?tbpm=1 Content-Length: 260 Content-Type: text/html | clean |
http://shoubiao.tmall.com/test404page.js?tbpm=1 | HTTP/1.1 302 Found Connection: close Date: Fri, 13 Jun 2014 09:02:45 GMT Location: http://jump.taobao.com/jump?target=http%3a%2f%2fshoubiao.tmall.com%2ftest404page.js%3ftbpm%3d2 Server: Tengine Content-Length: 260 Content-Type: text/html | clean |
http://jump.taobao.com/jump?target=http%3a%2f%2fshoubiao.tmall.com%2ftest404page.js%3ftbpm%3d2 | HTTP/1.1 302 Found Connection: close Date: Fri, 13 Jun 2014 09:02:46 GMT Location: http://pass.tmall.com/add?_tb_token_=7CWgMbGmNMpk&cookie2=65dcb4a923041bc11abb9521cec12030&t=24bd574e003cc01c1ef4abed5d333902&target=http%3a%2f%2fshoubiao.tmall.com%2ftest404page.js%3ftbpm%3d2&pacc=bMS8Rxvuyd7Dhw6wz3DcNA==&opi=78.158.11.226&tmsc=1402650166244957 Content-Length: 260 Content-Type: text/html P3P: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' Set-Cookie: _tb_token_=7CWgMbGmNMpk;domain=.taobao.com;Path=/;HttpOnly Set-Cookie: cookie2=65dcb4a923041bc11abb9521cec12030;domain=.taobao.com;Path=/;HttpOnly Set-Cookie: t=24bd574e003cc01c1ef4abed5d333902;domain=.taobao.com;Expires=Thu, 11-Sep-2014 09:02:46 GMT;Path=/ | clean |
http://pass.tmall.com/add?_tb_token_=7cwgmbgmnmpk&cookie2=65dcb4a923041bc11abb9521cec12030&t=24bd574e003cc01c1ef4abed5d333902&target=http%3a%2f%2fshoubiao.tmall.com%2ftest404page.js%3ftbpm%3d2&pacc=bms8rxvuyd7dhw6wz3dcna==&opi=78.158.11.226&tmsc=1402650166244957 | HTTP/1.1 302 Found Connection: close Date: Fri, 13 Jun 2014 09:02:46 GMT Location: http://shoubiao.tmall.com/test404page.js?tbpm=2 Content-Length: 260 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=shoubiao.tmall.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://shoubiao.tmall.com/
Result: shoubiao.tmall.com is not infected or malware details are not published yet.