Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=xuesoo.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://xuesoo.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.xuesoo.com/ | HTTP/1.1 302 Found Connection: close Date: Thu, 02 Oct 2014 09:49:29 GMT Location: http://www.wenjingjiaoyu.com Server: Tengine | clean |
http://www.wenjingjiaoyu.com/ | 200 OK Content-Length: 224041 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: mail.xuesoo.com <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7"/> <title>å ¬å¡åèè¯ç½_人äºèè¯ç½_å ¬å¡åèè¯é¢è¯è¾ 导å¹è®_äºä¸åä½é¢ ...[4102 bytes skipped]... | ||
http://www.wenjingjiaoyu.com/skin/default/js/jquery-1.7.2.min.js | 200 OK Content-Length: 94839 Content-Type: application/javascript | clean |
http://www.wenjingjiaoyu.com/skin/default/js/tabs.js | 200 OK Content-Length: 7477 Content-Type: application/javascript | clean |
http://lead.soperson.com/20000270/10041437.js | 200 OK Content-Length: 3008 Content-Type: text/html | clean |
http://lead.soperson.com/test404page.js | 404 Not Found Content-Length: 564 Content-Type: text/html | clean |
http://siteapp.baidu.com/static/webappservice/uaredirect.js | 200 OK Content-Length: 819 Content-Type: text/javascript | clean |
http://www.wenjingjiaoyu.com/skin/default/js/jquery-ht.js | 200 OK Content-Length: 9882 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: xuesoo.com
Result:
GET / HTTP/1.1
Host: xuesoo.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: xuesoo.com
Referer: http://www.google.com/search?q=xuesoo.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: xuesoo.com
Referer: http://www.google.com/search?q=xuesoo.com
Result:
The result is similar to the first query. There are no suspicious redirects found.