Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: xinhu.cn
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 05 Oct 2014 01:36:35 GMT
Server: Apache/2.2.3 (Red Hat)
Content-Type: text/html; charset=utf-8
Author: www.ezool.org
Set-Cookie: ez_sid=deleted; expires=Sat, 05-Oct-2013 01:36:34 GMT; path=/
Set-Cookie: ez_sec=deleted; expires=Sat, 05-Oct-2013 01:36:34 GMT; path=/
Set-Cookie: ez_admin_auth=deleted; expires=Sat, 05-Oct-2013 01:36:34 GMT; path=/
Set-Cookie: ez_cookietime=deleted; expires=Sat, 05-Oct-2013 01:36:34 GMT; path=/
Set-Cookie: ez_lang=zh; expires=Mon, 05-Oct-2015 01:36:35 GMT; path=/
Set-Cookie: ez_is_zh=1; expires=Mon, 05-Oct-2015 01:36:35 GMT; path=/
Second query (visit from search engine):
GET / HTTP/1.1
Host: xinhu.cn
Referer: http://www.google.com/search?q=xinhu.cn
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://xinhu.cn/ | 200 OK Content-Length: 185485 Content-Type: text/html | clean |
http://www.xinhu.cn/stuff/js/common.js | 200 OK Content-Length: 10638 Content-Type: application/x-javascript | clean |
http://www.xinhu.cn/stuff/js/jquery.js | 200 OK Content-Length: 72174 Content-Type: application/x-javascript | clean |
http://www.xinhu.cn/stuff/js/external/jquery.cookie.min.js | 200 OK Content-Length: 1241 Content-Type: application/x-javascript | clean |
http://www.xinhu.cn/stuff/js/jquery-ui.js | 200 OK Content-Length: 185345 Content-Type: application/x-javascript | clean |
http://www.xinhu.cn/stuff/js/external/jquery.ezool.js | 200 OK Content-Length: 38831 Content-Type: application/x-javascript | clean |
http://www.xinhu.cn/stuff/js/ezool.global.js | 200 OK Content-Length: 10238 Content-Type: application/x-javascript | clean |
http://www.xinhu.cn/stuff/js/DD_belatedPNG_0.0.8a.js | 200 OK Content-Length: 12331 Content-Type: application/x-javascript | clean |
http://www.xinhu.cn/stuff/js/swfobject.js | 200 OK Content-Length: 6880 Content-Type: application/x-javascript | clean |
http://www.xinhu.cn/stuff/js/media.js | 200 OK Content-Length: 6416 Content-Type: application/x-javascript | clean |
http://www.xinhu.cn/cache/bill/21.js | 200 OK Content-Length: 187 Content-Type: application/x-javascript | clean |
http://www.xinhu.cn/cache/bill/14.js | 200 OK Content-Length: 173 Content-Type: application/x-javascript | clean |
http://www.xinhu.cn/cache/bill/18.js | 200 OK Content-Length: 194 Content-Type: application/x-javascript | clean |
http://www.xinhu.cn/cache/bill/31.js | 200 OK Content-Length: 200 Content-Type: application/x-javascript | clean |
http://s86.cnzz.com/stat.php?id=892352&web_id=892352&show=pic | 200 OK Content-Length: 9322 Content-Type: application/javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=xinhu.cn
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://xinhu.cn/
Result: xinhu.cn is not infected or malware details are not published yet.