Scanned pages/files
Request | Server response | Status |
http://www.fanthinks.com/ | 200 OK Content-Length: 20717 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://l.bst.126.net/rsc/js/pagelayer/pagelayer.js?0006 | 200 OK Content-Length: 26075 Content-Type: application/x-javascript | clean |
http://l.bst.126.net/rsc/js/jquery-1.6.2.min.js | 200 OK Content-Length: 91572 Content-Type: application/x-javascript | clean |
http://lofter.ph.126.net/5aTzA_Yt4zTCgHoEMo-hQg==/6597121443702505913.js | 200 OK Content-Length: 498 Content-Type: application/javascript | clean |
http://l.bst.126.net/rsc/js/themecommon.js?0010 | 200 OK Content-Length: 8290 Content-Type: application/x-javascript | clean |
http://analytics.163.com/ntes.js | 200 OK Content-Length: 19650 Content-Type: application/x-javascript | clean |
http://www.fanthinks.com/weibo | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sun, 28 Sep 2014 07:03:46 GMT Location: http://weibo.com/u/2329845532 Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 Set-Cookie: NTESLOFTSI=9FEC08E3D579F43AE5D194B7DBF459EA.lofter1-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fcustompage.do%3Fmydomain%3Dwww.fanthinks.com%26%26url%3Dweibo|; Domain=.lofter.com; Expires=Mon, 29-Sep-2014 07:03:46 GMT; Path=/ | clean |
http://weibo.com/u/2329845532 | HTTP/1.1 302 Moved Temporarily Cache-Control: no-cache, no-store Connection: close Date: Sun, 28 Sep 2014 07:03:47 GMT Pragma: no-cache Location: http://passport.weibo.com/visitor/visitor?a=enter&url=http%3A%2F%2Fweibo.com%2Fu%2F2329845532&_rand=1411887827.1202 Server: WeiBo Content-Type: text/html; charset=utf-8 Expires: Sat, 26 Jul 1997 05:00:00 GMT DPOOL_HEADER: jason115 LB_HEADER: venus245 P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Set-Cookie: YF-Page-G0=324e50a7d7f9947b6aaff9cb1680413f;Path=/ | clean |
http://passport.weibo.com/visitor/visitor?a=enter&url=http%3a%2f%2fweibo.com%2fu%2f2329845532&_rand=1411887827.1202 | 200 OK Content-Length: 4603 Content-Type: text/html | clean |
http://passport.weibo.com/js/visitor/mini.js | 200 OK Content-Length: 28163 Content-Type: application/javascript | clean |
http://www.fanthinks.com/test404page.js | 404 Not Found Content-Length: 6172 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://l.bst.126.net/rsc/js/theme/r/pagephotoshow.min.js?0002 | 200 OK Content-Length: 54020 Content-Type: application/x-javascript | clean |
http://www.fanthinks.com/diandian | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sun, 28 Sep 2014 07:03:53 GMT Location: http://lovingstuff.diandian.com/ Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 Set-Cookie: NTESLOFTSI=342512CF76765B19A0A543A62556AF89.lofter1-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fcustompage.do%3Fmydomain%3Dwww.fanthinks.com%26%26url%3Ddiandian|; Domain=.lofter.com; Expires=Mon, 29-Sep-2014 07:03:53 GMT; Path=/ | clean |
http://lovingstuff.diandian.com/ | 200 OK Content-Length: 25411 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 0x0 src: http://acl.a.srcdd.com/acl.html?2 <iframe src="http://acl.a.srcdd.com/acl.html?2" width="0" height="0" frameborder="0"> | ||
http://s.srcdd.com/package/theme/tools.$6918.js | 200 OK Content-Length: 149916 Content-Type: application/x-javascript | clean |
http://t.srcdd.com/js/libs/jquery/jquery-1.7-latest.js | 200 OK Content-Length: 94840 Content-Type: application/x-javascript | clean |
http://x.srcdd.com/farm1/a05baa/fde6509f/jquery.mousewheel-3.0.6.pack.js | 200 OK Content-Length: 1384 Content-Type: application/x-javascript | clean |
http://x.srcdd.com/farm1/08871e/7d5f5020/fancy.js | 200 OK Content-Length: 17638 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: fanthinks.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: fanthinks.com
Referer: http://www.google.com/search?q=fanthinks.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=fanthinks.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://fanthinks.com/
Result: fanthinks.com is not infected or malware details are not published yet.