Scanned pages/files
Request | Server response | Status |
http://andyq.net/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Thu, 05 Jun 2014 01:05:09 GMT Location: http://www.lofter.com/mydomainr.do?domain=andyq.net&path=/ Server: nginx Content-Length: 154 Content-Type: text/html | clean |
http://www.lofter.com/mydomainr.do?domain=andyq.net&path=/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Thu, 05 Jun 2014 01:05:09 GMT Location: http://andyq.lofter.com/?mydomainr=true Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=3B8601481066BEC32FD72432D2E80A83.lofter0-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fmydomainr.do%3Fdomain%3Dandyq.net%26path%3D%2F|; Domain=.lofter.com; Expires=Fri, 06-Jun-2014 01:05:09 GMT; Path=/ Set-Cookie: usertrack=ZUcIhFOPwkUQ01nzPiwlAg==; expires=Fri, 05-Jun-15 01:05:09 GMT; domain=lofter.com; path=/ | clean |
http://andyq.lofter.com/?mydomainr=true | 200 OK Content-Length: 26188 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://l.bst.126.net/rsc/js/jquery-1.6.2.min.js | 200 OK Content-Length: 91572 Content-Type: application/x-javascript | clean |
http://l.bst.126.net/rsc/js/themecommon.js?0005 | 200 OK Content-Length: 2224 Content-Type: application/x-javascript | clean |
http://analytics.163.com/ntes.js | 200 OK Content-Length: 19465 Content-Type: application/x-javascript | clean |
http://andyq.net/Page1 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Thu, 05 Jun 2014 01:05:16 GMT Location: http://www.lofter.com/mydomainr.do?domain=andyq.net&path=/Page1 Server: nginx Content-Length: 154 Content-Type: text/html | clean |
http://www.lofter.com/mydomainr.do?domain=andyq.net&path=/page1 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Thu, 05 Jun 2014 01:05:17 GMT Location: http://andyq.lofter.com/page1?mydomainr=true Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=68E757E1ED3183DA65FBC2C593379378.lofter1-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fmydomainr.do%3Fdomain%3Dandyq.net%26path%3D%2Fpage1|; Domain=.lofter.com; Expires=Fri, 06-Jun-2014 01:05:17 GMT; Path=/ Set-Cookie: usertrack=ZUcIg1OPwk2XExDPRX7nAg==; expires=Fri, 05-Jun-15 01:05:17 GMT; domain=lofter.com; path=/ | clean |
http://andyq.lofter.com/page1?mydomainr=true | 200 OK Content-Length: 6007 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://l.bst.126.net/rsc/js/theme/r/pagephotoshow.min.js?0002 | 200 OK Content-Length: 54020 Content-Type: application/x-javascript | clean |
http://andyq.net/view | HTTP/1.1 302 Moved Temporarily Connection: close Date: Thu, 05 Jun 2014 01:05:20 GMT Location: http://www.lofter.com/mydomainr.do?domain=andyq.net&path=/view Server: nginx Content-Length: 154 Content-Type: text/html | clean |
http://www.lofter.com/mydomainr.do?domain=andyq.net&path=/view | HTTP/1.1 302 Moved Temporarily Connection: close Date: Thu, 05 Jun 2014 01:05:21 GMT Location: http://andyq.lofter.com/view?mydomainr=true Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=0DAA362F15D260717529D9691D7A5F86.lofter0-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fmydomainr.do%3Fdomain%3Dandyq.net%26path%3D%2Fview|; Domain=.lofter.com; Expires=Fri, 06-Jun-2014 01:05:21 GMT; Path=/ Set-Cookie: usertrack=ZUcIg1OPwlGYfxDWRQqfAg==; expires=Fri, 05-Jun-15 01:05:21 GMT; domain=lofter.com; path=/ | clean |
http://andyq.lofter.com/view?mydomainr=true | 200 OK Content-Length: 36383 Content-Type: text/html | clean |
http://l.bst.126.net/s/core.js?3c0ba1a2c69e517f0b513ef1b8a8e42d | 200 OK Content-Length: 85348 Content-Type: application/x-javascript | clean |
http://l.bst.126.net/s/pt_page_archive.js?9a2680513c3814f1bd4a9d5ea300f4b4 | 200 OK Content-Length: 72906 Content-Type: application/x-javascript | clean |
http://andyq.net/test404page.js | HTTP/1.1 302 Moved Temporarily Connection: close Date: Thu, 05 Jun 2014 01:05:26 GMT Location: http://www.lofter.com/mydomainr.do?domain=andyq.net&path=/test404page.js Server: nginx Content-Length: 154 Content-Type: text/html | clean |
http://www.lofter.com/mydomainr.do?domain=andyq.net&path=/test404page.js | HTTP/1.1 302 Moved Temporarily Connection: close Date: Thu, 05 Jun 2014 01:05:27 GMT Location: http://andyq.lofter.com/test404page.js?mydomainr=true Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=D21910DBD57E58103A97F7EBA3FBA16B.lofter1-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fmydomainr.do%3Fdomain%3Dandyq.net%26path%3D%2Ftest404page.js|; Domain=.lofter.com; Expires=Fri, 06-Jun-2014 01:05:27 GMT; Path=/ Set-Cookie: usertrack=ZUcIg1OPwleVIBDJQ+7DAg==; expires=Fri, 05-Jun-15 01:05:27 GMT; domain=lofter.com; path=/ | clean |
http://andyq.lofter.com/test404page.js?mydomainr=true | 404 Not Found Content-Length: 6036 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://andyq.lofter.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 05 Jun 2014 01:05:30 GMT Location: http://andyq.net Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=B9E0DAE2256D56F3F81D34FDE76DFD9F.blog198-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fblogindex.do%3FloftBlogName%3Dandyq%26|; Domain=.lofter.com; Expires=Fri, 06-Jun-2014 01:05:30 GMT; Path=/ Set-Cookie: usertrack=ZUcIhFOPwloSS1n8PqyvAg==; expires=Fri, 05-Jun-15 01:05:30 GMT; domain=lofter.com; path=/ | clean |
http://andyq.net/rss | 200 OK Content-Length: 22736 Content-Type: text/xml | clean |
http://andyq.net/post/112337_acd48a | HTTP/1.1 302 Moved Temporarily Connection: close Date: Thu, 05 Jun 2014 01:05:33 GMT Location: http://www.lofter.com/mydomainr.do?domain=andyq.net&path=/post/112337_acd48a Server: nginx Content-Length: 154 Content-Type: text/html | clean |
http://www.lofter.com/mydomainr.do?domain=andyq.net&path=/post/112337_acd48a | HTTP/1.1 302 Moved Temporarily Connection: close Date: Thu, 05 Jun 2014 01:05:34 GMT Location: http://andyq.lofter.com/post/112337_acd48a?mydomainr=true Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=D3E8D333782512FBDFAFE0619D5AEE97.blog83-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fmydomainr.do%3Fdomain%3Dandyq.net%26path%3D%2Fpost%2F112337_acd48a|; Domain=.lofter.com; Expires=Fri, 06-Jun-2014 01:05:34 GMT; Path=/ Set-Cookie: usertrack=ZUcIg1OPwl6WNxDNQ8lOAg==; expires=Fri, 05-Jun-15 01:05:34 GMT; domain=lofter.com; path=/ | clean |
http://andyq.lofter.com/post/112337_acd48a?mydomainr=true | 200 OK Content-Length: 8812 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://andyq.net/tag/Personal | 200 OK Content-Length: 13516 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://andyq.net/post/112337_abf8ac | HTTP/1.1 302 Moved Temporarily Connection: close Date: Thu, 05 Jun 2014 01:05:38 GMT Location: http://www.lofter.com/mydomainr.do?domain=andyq.net&path=/post/112337_abf8ac Server: nginx Content-Length: 154 Content-Type: text/html | clean |
http://www.lofter.com/mydomainr.do?domain=andyq.net&path=/post/112337_abf8ac | HTTP/1.1 302 Moved Temporarily Connection: close Date: Thu, 05 Jun 2014 01:05:38 GMT Location: http://andyq.lofter.com/post/112337_abf8ac?mydomainr=true Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=7FEAEA52339555E390828975BD3631FC.lofter1-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fmydomainr.do%3Fdomain%3Dandyq.net%26path%3D%2Fpost%2F112337_abf8ac|; Domain=.lofter.com; Expires=Fri, 06-Jun-2014 01:05:38 GMT; Path=/ Set-Cookie: usertrack=ZUcIg1OPwmKT1hDERLO3Ag==; expires=Fri, 05-Jun-15 01:05:38 GMT; domain=lofter.com; path=/ | clean |
http://andyq.lofter.com/post/112337_abf8ac?mydomainr=true | 200 OK Content-Length: 10566 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://andyq.net/post/112337_aaf32c | 200 OK Content-Length: 11461 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: andyq.net
Result:
HTTP/1.1 302 Moved Temporarily
Connection: close
Date: Thu, 05 Jun 2014 01:05:09 GMT
Location: http://www.lofter.com/mydomainr.do?domain=andyq.net&path=/
Server: nginx
Content-Length: 154
Content-Type: text/html
...154 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: andyq.net
Referer: http://www.google.com/search?q=andyq.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=andyq.net
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://andyq.net/
Result: andyq.net is not infected or malware details are not published yet.