Scanned pages/files
Request | Server response | Status |
http://100add.com/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 12 Sep 2014 22:34:23 GMT Location: http://www.lofter.com/mydomainr.do?domain=100add.com&path=/ Server: nginx Content-Length: 154 Content-Type: text/html | clean |
http://www.lofter.com/mydomainr.do?domain=100add.com&path=/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 12 Sep 2014 22:34:24 GMT Location: http://100add.lofter.com/?mydomainr=true Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=D6B351BEE783DAD2C12E173897636532.lofter13-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fmydomainr.do%3FX-From-ISP%3D2%26domain%3D100add.com%26path%3D%2F|; Domain=.lofter.com; Expires=Sat, 13-Sep-2014 22:34:24 GMT; Path=/ Set-Cookie: usertrack=ezq0eFQTdPAyowojDOp8Ag==; expires=Sat, 12-Sep-15 22:34:24 GMT; domain=lofter.com; path=/ | clean |
http://100add.lofter.com/?mydomainr=true | 200 OK Content-Length: 27341 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://l.bst.126.net/rsc/js/pagelayer/pagelayer.js?0005 | 200 OK Content-Length: 26075 Content-Type: application/x-javascript | clean |
http://l.bst.126.net/rsc/js/jquery-1.6.2.min.js | 200 OK Content-Length: 91572 Content-Type: application/x-javascript | clean |
http://lofter.ph.126.net/ocjB906iug_Z0XxmX7uzYA==/5629523723468935467.js | 200 OK Content-Length: 854 Content-Type: application/javascript | clean |
http://l.bst.126.net/rsc/js/themecommon.js?0008 | 200 OK Content-Length: 7459 Content-Type: application/x-javascript | clean |
http://analytics.163.com/ntes.js | 200 OK Content-Length: 19650 Content-Type: application/x-javascript | clean |
http://100add.com/view | HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 12 Sep 2014 22:34:33 GMT Location: http://www.lofter.com/mydomainr.do?domain=100add.com&path=/view Server: nginx Content-Length: 154 Content-Type: text/html | clean |
http://www.lofter.com/mydomainr.do?domain=100add.com&path=/view | HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 12 Sep 2014 22:34:34 GMT Location: http://100add.lofter.com/view?mydomainr=true Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=B9178C97036D6AE8406F77E31EBB59DB.blog83-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fmydomainr.do%3FX-From-ISP%3D2%26domain%3D100add.com%26path%3D%2Fview|; Domain=.lofter.com; Expires=Sat, 13-Sep-2014 22:34:34 GMT; Path=/ Set-Cookie: usertrack=ezq0eFQTdPqh/w9/DGy5Ag==; expires=Sat, 12-Sep-15 22:34:34 GMT; domain=lofter.com; path=/ | clean |
http://100add.lofter.com/view?mydomainr=true | 200 OK Content-Length: 59756 Content-Type: text/html | clean |
http://l.bst.126.net/s/core.js?c6c3508aff26ef8fd4afbb966d6c63a7 | 200 OK Content-Length: 85344 Content-Type: application/x-javascript | clean |
http://l.bst.126.net/s/pt_page_archive.js?d6894f8fe490c0f8d4e06591b616b20a | 200 OK Content-Length: 75323 Content-Type: application/x-javascript | clean |
http://100add.com/test404page.js | HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 12 Sep 2014 22:34:42 GMT Location: http://www.lofter.com/mydomainr.do?domain=100add.com&path=/test404page.js Server: nginx Content-Length: 154 Content-Type: text/html | clean |
http://www.lofter.com/mydomainr.do?domain=100add.com&path=/test404page.js | HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 12 Sep 2014 22:34:43 GMT Location: http://100add.lofter.com/test404page.js?mydomainr=true Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=1B9AC4D995015E229B592FD35FE54DDA.lofter13-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fmydomainr.do%3FX-From-ISP%3D2%26domain%3D100add.com%26path%3D%2Ftest404page.js|; Domain=.lofter.com; Expires=Sat, 13-Sep-2014 22:34:43 GMT; Path=/ Set-Cookie: usertrack=ezq0eFQTdQM0YwonDJoSAg==; expires=Sat, 12-Sep-15 22:34:43 GMT; domain=lofter.com; path=/ | clean |
http://100add.lofter.com/test404page.js?mydomainr=true | 404 Not Found Content-Length: 7329 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://l.bst.126.net/rsc/js/theme/r/pagephotoshow.min.js?0002 | 200 OK Content-Length: 54020 Content-Type: application/x-javascript | clean |
http://100add.com/rss | 200 OK Content-Length: 26437 Content-Type: text/xml | clean |
http://100add.com/tag/%E5%8E%9F%E5%88%9B | HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 12 Sep 2014 22:34:48 GMT Location: http://www.lofter.com/mydomainr.do?domain=100add.com&path=/tag/%E5%8E%9F%E5%88%9B Server: nginx Content-Length: 154 Content-Type: text/html | clean |
http://www.lofter.com/mydomainr.do?domain=100add.com&path=/tag/%e5%8e%9f%e5%88%9b | HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 12 Sep 2014 22:34:49 GMT Location: http://100add.lofter.com/tag/原创?mydomainr=true Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=91377A0B1D2992731D2D191093803901.lofter1-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fmydomainr.do%3FX-From-ISP%3D2%26domain%3D100add.com%26path%3D%2Ftag%2F%25e5%258e%259f%25e5%2588%259b|; Domain=.lofter.com; Expires=Sat, 13-Sep-2014 22:34:49 GMT; Path=/ Set-Cookie: usertrack=ezq0eFQTdQmlri1MDPbkAg==; expires=Sat, 12-Sep-15 22:34:49 GMT; domain=lofter.com; path=/ | clean |
http://100add.lofter.com/tag/原创?mydomainr=true | 200 OK Content-Length: 7350 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://100add.lofter.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 12 Sep 2014 22:34:50 GMT Location: http://100add.com Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=6BE6F3195AA710A5E1CB7B5AF8C41D56.blog197-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fblogindex.do%3FloftBlogName%3D100add%26X-From-ISP%3D2|; Domain=.lofter.com; Expires=Sat, 13-Sep-2014 22:34:50 GMT; Path=/ Set-Cookie: usertrack=ezq0d1QTdQoyowojDOuqAg==; expires=Sat, 12-Sep-15 22:34:50 GMT; domain=lofter.com; path=/ | clean |
http://100add.com/tag/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 12 Sep 2014 22:34:51 GMT Location: http://www.lofter.com/mydomainr.do?domain=100add.com&path=/tag/ Server: nginx Content-Length: 154 Content-Type: text/html | clean |
http://www.lofter.com/mydomainr.do?domain=100add.com&path=/tag/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 12 Sep 2014 22:34:52 GMT Location: http://100add.lofter.com/tag/?mydomainr=true Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=F39CCAC58CB894B1BDE134C28C8A008E.lofter14-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fmydomainr.do%3FX-From-ISP%3D2%26domain%3D100add.com%26path%3D%2Ftag%2F|; Domain=.lofter.com; Expires=Sat, 13-Sep-2014 22:34:52 GMT; Path=/ Set-Cookie: usertrack=ezq0eFQTdQypEg+LDOXKAg==; expires=Sat, 12-Sep-15 22:34:52 GMT; domain=lofter.com; path=/ | clean |
http://100add.lofter.com/tag/?mydomainr=true | HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 12 Sep 2014 22:34:52 GMT Location: http://100add.lofter.com/ Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=EA6525B83C4A6F33349331BA8B8423C0.lofter14-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fblogtag.do%3FloftBlogName%3D100add%26X-From-ISP%3D2%26mydomainr%3Dtrue%26tag%3D|; Domain=.lofter.com; Expires=Sat, 13-Sep-2014 22:34:52 GMT; Path=/ Set-Cookie: usertrack=ezq0eFQTdQyqEi1ZDFwMAg==; expires=Sat, 12-Sep-15 22:34:52 GMT; domain=lofter.com; path=/ | clean |
http://100add.com/post/13da97_33f00f | HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 12 Sep 2014 22:34:53 GMT Location: http://www.lofter.com/mydomainr.do?domain=100add.com&path=/post/13da97_33f00f Server: nginx Content-Length: 154 Content-Type: text/html | clean |
http://www.lofter.com/mydomainr.do?domain=100add.com&path=/post/13da97_33f00f | HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 12 Sep 2014 22:34:54 GMT Location: http://100add.lofter.com/post/13da97_33f00f?mydomainr=true Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=2823DEAD7EB105B4A6C4755CE499CE98.blog197-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fmydomainr.do%3FX-From-ISP%3D2%26domain%3D100add.com%26path%3D%2Fpost%2F13da97_33f00f|; Domain=.lofter.com; Expires=Sat, 13-Sep-2014 22:34:54 GMT; Path=/ Set-Cookie: usertrack=ezq0d1QTdQ6sdS1XDDrAAg==; expires=Sat, 12-Sep-15 22:34:54 GMT; domain=lofter.com; path=/ | clean |
http://100add.lofter.com/post/13da97_33f00f?mydomainr=true | 200 OK Content-Length: 35357 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://100add.lofter.com/post/ | 404 Not Found Content-Length: 7329 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: 100add.com
Result:
HTTP/1.1 302 Moved Temporarily
Connection: close
Date: Fri, 12 Sep 2014 22:34:23 GMT
Location: http://www.lofter.com/mydomainr.do?domain=100add.com&path=/
Server: nginx
Content-Length: 154
Content-Type: text/html
...154 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: 100add.com
Referer: http://www.google.com/search?q=100add.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=100add.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://100add.com/
Result: 100add.com is not infected or malware details are not published yet.