Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: wedz.gov.cn
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 04 Oct 2014 19:31:40 GMT
ETag: W/"54657-1412052711174"
Server: Apache-Coyote/1.1
Content-Length: 54657
Content-Type: text/html
Last-Modified: Tue, 30 Sep 2014 04:51:51 GMT
Set-Cookie: JSESSIONID=63E41CDAC189DA36CAFEFF882F3DB436; Path=/
...54657 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: wedz.gov.cn
Referer: http://www.google.com/search?q=wedz.gov.cn
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://wedz.gov.cn/ | 200 OK Content-Length: 54657 Content-Type: text/html | clean |
http://wedz.gov.cn/theme/js/function.js | 200 OK Content-Length: 3251 Content-Type: text/javascript | clean |
http://wedz.gov.cn/theme/js/swfobject_modified.js | 200 OK Content-Length: 22365 Content-Type: text/javascript | clean |
http://wedz.gov.cn/theme/js/date.js | 200 OK Content-Length: 489 Content-Type: text/javascript | clean |
http://wedz.gov.cn/publish/zkjjkfq/xwbd/kfqyw/20140929/201409291617501300.html | 200 OK Content-Length: 5801 Content-Type: text/html | clean |
http://wedz.gov.cn/publish/zkjjkfq/xwbd/ptp_news.html | 200 OK Content-Length: 27535 Content-Type: text/html | clean |
http://wedz.gov.cn/theme/dynamicImage/dynamicImage.js | 200 OK Content-Length: 5396 Content-Type: text/javascript | clean |
http://wedz.gov.cn/publish/zkjjkfq/xwbd/kfqyw/ptp_ContentList.html | 200 OK Content-Length: 18129 Content-Type: text/html | clean |
http://wedz.gov.cn/publish/zkjjkfq/xwbd/kfqyw/20140929/201409291617061299.html | 200 OK Content-Length: 5682 Content-Type: text/html | clean |
http://wedz.gov.cn/publish/zkjjkfq/xwbd/kfqyw/20140924/201409240914461267.html | 200 OK Content-Length: 5252 Content-Type: text/html | clean |
http://wedz.gov.cn/publish/zkjjkfq/xwbd/kfqyw/20140922/201409220953521246.html | 200 OK Content-Length: 6148 Content-Type: text/html | clean |
http://wedz.gov.cn/publish/zkjjkfq/xwbd/kfqyw/20140910/201409101557431165.html | 200 OK Content-Length: 7520 Content-Type: text/html | clean |
http://wedz.gov.cn/publish/zkjjkfq/xwbd/kfqyw/20140910/201409101555391164.html | 200 OK Content-Length: 5180 Content-Type: text/html | clean |
http://wedz.gov.cn/publish/zkjjkfq/xwbd/kfqyw/20140829/201408291644591121.html | 200 OK Content-Length: 5514 Content-Type: text/html | clean |
http://wedz.gov.cn/publish/zkjjkfq/xwbd/kfqyw/20140829/201408291641431119.html | 200 OK Content-Length: 5326 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=wedz.gov.cn
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://wedz.gov.cn/
Result: wedz.gov.cn is not infected or malware details are not published yet.