Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://www.xinmei.org/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: www.xinmei.org Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Object moved Cache-Control: private Date: Fri, 15 Aug 2014 08:26:49 GMT Location: http://www.baidu.com/link?url=Kp8Is6wqHh3icHdQ-9CSJwdDQg7nrpe-_8ApEmybPdG Server: IIS Content-Length: 194 Content-Type: text/html; Charset=gb2312 Set-Cookie: ASPSESSIONIDSSQQABTA=APGODFDCJMCMLINLEOMABIMG; path=/ X-Powered-By: WAF/2.0 | malicious |
URL: http://www.baidu.com/link?url=Kp8Is6wqHh3icHdQ-9CSJwdDQg7nrpe-_8ApEmybPdG (imitation of visitor from search engine) GET /link?url=Kp8Is6wqHh3icHdQ-9CSJwdDQg7nrpe-_8ApEmybPdG HTTP/1.1 Host: www.baidu.com Referer: http://www.google.com/search?q=redirect+check2 | HTTP/1.1 302 Found Cache-Control: max-age=86400 Connection: Keep-Alive Date: Fri, 15 Aug 2014 08:27:23 GMT Location: http://xinmei.org/ Server: Apache Content-Length: 202 Content-Type: text/html; charset=iso-8859-1 Expires: Sat, 16 Aug 2014 08:27:23 GMT | suspicious |
Scanned pages/files
Request | Server response | Status |
http://www.xinmei.org/ | 200 OK Content-Length: 82040 Content-Type: text/html | clean |
http://www.xinmei.org/Scripts/AC_RunActiveContent.js | HTTP/1.1 200 OK Date: Fri, 15 Aug 2014 08:26:52 GMT Accept-Ranges: bytes ETag: "07e3b2cbac7c81:8b527" Server: IIS Content-Length: 3359 Content-Location: http://www.xinmei.org/Scripts/AC_RunActiveContent.js Content-Type: application/x-javascript Last-Modified: Fri, 06 Jun 2008 09:46:20 GMT X-Powered-By: WAF/2.0 | clean |
http://www.xinmei.org/scripts/ac_runactivecontent.js | HTTP/1.1 200 OK Date: Fri, 15 Aug 2014 08:26:52 GMT Accept-Ranges: bytes ETag: "07e3b2cbac7c81:8b527" Server: IIS Content-Length: 3359 Content-Location: http://www.xinmei.org/scripts/ac_runactivecontent.js Content-Type: application/x-javascript Last-Modified: Fri, 06 Jun 2008 09:46:20 GMT X-Powered-By: WAF/2.0 | clean |
http://www.xinmei.org/test404page.js | HTTP/1.1 200 OK Date: Fri, 15 Aug 2014 08:26:55 GMT Accept-Ranges: bytes ETag: "f06bad6bffcfcd1:8b527" Server: IIS Content-Length: 2724 Content-Location: http://www.xinmei.org/_apps/errdocs/404ad.html?404;http://www.xinmei.org:80/test404page.js Content-Type: text/html Last-Modified: Sat, 01 Dec 2012 20:06:59 GMT X-Powered-By: WAF/2.0 | clean |
http://www.xinmei.org/_apps/errdocs/404ad.html?404;http://www.xinmei.org:80/test404page.js | 200 OK Content-Length: 2724 Content-Type: text/html | clean |
http://www.xinmei.org/../date.asp | 403 Forbidden Content-Length: 32 Content-Type: text/html | clean |
http://count29.51yes.com/click.aspx?id=294383220&logo=12 | 200 OK Content-Length: 1694 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=xinmei.org
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://xinmei.org/
Result: xinmei.org is not infected or malware details are not published yet.