Scanned pages/files
| Request | Server response | Status |
http://down.yuloo.com/ | 200 OK Content-Length: 43021 Content-Type: text/html | clean |
http://cpro.baidu.com/cpro/ui/c.js | 200 OK Content-Length: 82097 Content-Type: application/x-javascript | suspicious |
Hidden iFrame found. size: 0x0 src: http://cpro.baidustatic.com/cpro/ui/html/appdetect.html <iframe src="http://cpro.baidustatic.com/cpro/ui/html/appdetect.html" width="0" height="0"align="center,center" marginwidth="0" marginheight="0" scrolling="no" frameborder="0" allowtransparency="true" style="margin-left:{iframmarginleft}px" > | ||
http://bbs.yuloo.com/api/javascript.php?key=downindex | 404 Not Found Content-Length: 16 Content-Type: text/html | clean |
http://bbs.yuloo.com/test404page.js | HTTP/1.1 302 Moved Temporarily Connection: close Date: Wed, 08 Oct 2014 23:25:09 GMT Location: http://bbs.yuloo.com/404.html Server: nginx/1.4.7 Content-Length: 160 Content-Type: text/html | clean |
http://bbs.yuloo.com/404.html | 200 OK Content-Length: 3095 Content-Type: text/html | clean |
http://bbs.yuloo.com/ | 200 OK Content-Length: 118425 Content-Type: text/html | clean |
http://bbs.yuloo.com/data/cache/common.js | 200 OK Content-Length: 62475 Content-Type: application/x-javascript | clean |
http://bbs.yuloo.com/static/club/js/jquery-1.7.2.min.js | 200 OK Content-Length: 94879 Content-Type: application/x-javascript | clean |
http://cg.yuloo.com/js/tab.js | 200 OK Content-Length: 488 Content-Type: application/javascript | clean |
http://bbs.yuloo.com/static/subsite/js/lrlunhuan.js | 200 OK Content-Length: 2053 Content-Type: application/x-javascript | clean |
http://bbs.yuloo.com/static/member/js/nowtime.js | 200 OK Content-Length: 4277 Content-Type: application/x-javascript | clean |
http://discuz.gtimg.cn/cloud/scripts/discuz_tips.js?v=1 | 200 OK Content-Length: 6173 Content-Type: application/x-javascript | clean |
http://bbs.yuloo.com/./ | 200 OK Content-Length: 118429 Content-Type: text/html | clean |
http://bbs.yuloo.com/./data/cache/common.js | 200 OK Content-Length: 62475 Content-Type: application/x-javascript | clean |
http://bbs.yuloo.com/./static/club/js/jquery-1.7.2.min.js | 200 OK Content-Length: 94879 Content-Type: application/x-javascript | clean |
http://bbs.yuloo.com/./static/subsite/js/lrlunhuan.js | 200 OK Content-Length: 2053 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: down.yuloo.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 08 Oct 2014 23:25:03 GMT
Accept-Ranges: bytes
ETag: "4f4371b3-a80d"
Server: nginx/1.4.7
Content-Length: 43021
Content-Type: text/html
Last-Modified: Tue, 21 Feb 2012 10:28:03 GMT
...43021 bytes of data.
GET / HTTP/1.1
Host: down.yuloo.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 08 Oct 2014 23:25:03 GMT
Accept-Ranges: bytes
ETag: "4f4371b3-a80d"
Server: nginx/1.4.7
Content-Length: 43021
Content-Type: text/html
Last-Modified: Tue, 21 Feb 2012 10:28:03 GMT
...43021 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: down.yuloo.com
Referer: http://www.google.com/search?q=down.yuloo.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: down.yuloo.com
Referer: http://www.google.com/search?q=down.yuloo.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=down.yuloo.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://down.yuloo.com/
Result: down.yuloo.com is not infected or malware details are not published yet.
Result: down.yuloo.com is not infected or malware details are not published yet.