Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: tonglingchina.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Connection: Close
Date: Sat, 04 Oct 2014 22:02:39 GMT
Server: NetBox Version 2.8 Build 4128
Content-Length: 58065
Content-Type: text/html
Set-Cookie: DRERZTLACPAYPHRLTADX=CHQEFWXECWKYLOYAATLTDQILVUTFLDSCVNINZZVF; path=/
...58065 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: tonglingchina.com
Referer: http://www.google.com/search?q=tonglingchina.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://tonglingchina.com/ | 200 OK Content-Length: 58065 Content-Type: text/html | clean |
http://tonglingchina.com/index.asp | 200 OK Content-Length: 58065 Content-Type: text/html | clean |
http://tonglingchina.com/txt.asp?lm2=9 | 200 OK Content-Length: 16998 Content-Type: text/html | clean |
http://tonglingchina.com/txt.asp?lm2=1 | 200 OK Content-Length: 24669 Content-Type: text/html | clean |
http://tonglingchina.com/txt.asp?lm2=2 | 200 OK Content-Length: 13389 Content-Type: text/html | clean |
http://tonglingchina.com/txt.asp?lm2=3 | 200 OK Content-Length: 16801 Content-Type: text/html | clean |
http://tonglingchina.com/txt.asp?lm2=4 | 200 OK Content-Length: 14990 Content-Type: text/html | clean |
http://tonglingchina.com/txt.asp?lm2=5 | 200 OK Content-Length: 20486 Content-Type: text/html | clean |
http://tonglingchina.com/txt.asp?lm2=6 | 200 OK Content-Length: 22933 Content-Type: text/html | clean |
http://tonglingchina.com/tu.asp?lm2=6 | 200 OK Content-Length: 19614 Content-Type: text/html | clean |
http://tonglingchina.com/fx.asp?lm2=50 | 200 OK Content-Length: 18914 Content-Type: text/html | clean |
http://tonglingchina.com/txt.asp?lm2=50 | 200 OK Content-Length: 14451 Content-Type: text/html | clean |
http://tonglingchina.com/tat.asp?lm2=62 | 200 OK Content-Length: 20059 Content-Type: text/html | clean |
http://tonglingchina.com/web.asp?newsid=1954 | 200 OK Content-Length: 22122 Content-Type: text/html | clean |
http://tonglingchina.com/admin/edit/UploadFile/201471514581216.xls | 200 OK Content-Length: 60416 Content-Type: application/vnd.ms-excel | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=tonglingchina.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://tonglingchina.com/
Result: tonglingchina.com is not infected or malware details are not published yet.