Scanned pages/files
Request | Server response | Status |
http://imsaint.com/ | 200 OK Content-Length: 19933 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://l.bst.126.net/rsc/js/pagelayer/pagelayer.js?0006 | 200 OK Content-Length: 26075 Content-Type: application/x-javascript | clean |
http://l.bst.126.net/rsc/js/jquery-1.6.2.min.js | 200 OK Content-Length: 91572 Content-Type: application/x-javascript | clean |
http://lofter.ph.126.net/tw-cRIZ4sjY6gArYawU0-w==/5629522623957307654.js | 200 OK Content-Length: 2515 Content-Type: application/javascript | clean |
http://l.bst.126.net/rsc/js/themecommon.js?0010 | 200 OK Content-Length: 8290 Content-Type: application/x-javascript | clean |
http://analytics.163.com/ntes.js | 200 OK Content-Length: 19650 Content-Type: application/x-javascript | clean |
http://imsaint.com/mydribbble | HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 26 Sep 2014 20:24:45 GMT Location: http://dribbble.com/Saint Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 Set-Cookie: NTESLOFTSI=C30055DCA407C164AB1C15EA58B60CBA.lofter0-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fcustompage.do%3Fmydomain%3Dimsaint.com%26%26url%3Dmydribbble|; Domain=.lofter.com; Expires=Sat, 27-Sep-2014 20:24:45 GMT; Path=/ | clean |
http://dribbble.com/saint | HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 26 Sep 2014 20:24:46 GMT Location: https://dribbble.com/saint Server: nginx Content-Type: text/html Status: 301 Moved Permanently X-Frame-Options: SAMEORIGIN X-Rack-Cache: miss X-Request-Id: c6525e306050c3405c8d581584ee73a8 X-Runtime: 0.001265 | clean |
https://dribbble.com/saint | 200 OK Content-Length: 51769 Content-Type: text/html | clean |
https://dribbble.com//ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js/ | 404 Not Found Content-Length: 1961 Content-Type: text/html | clean |
https://dribbble.com/ | 200 OK Content-Length: 55804 Content-Type: text/html | clean |
https://d13yacurqjgara.cloudfront.net/assets/global-d5b8aadfd160f0c808680523804227b6.js | 200 OK Content-Length: 30592 Content-Type: application/x-javascript | clean |
https://dribbble.com/session/new | 200 OK Content-Length: 4098 Content-Type: text/html | clean |
https://dribbble.com/password_resets/new | 200 OK Content-Length: 3753 Content-Type: text/html | clean |
http://dribbble.com/test404page.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 26 Sep 2014 20:24:52 GMT Location: https://dribbble.com/test404page.js Server: nginx Content-Type: text/html Status: 301 Moved Permanently X-Frame-Options: SAMEORIGIN X-Rack-Cache: miss X-Request-Id: 86f863c11134ca9b5dfffda4b7c1ce58 X-Runtime: 0.004092 | clean |
https://dribbble.com/test404page.js | 404 Not Found Content-Length: 1961 Content-Type: text/html | clean |
https://dribbble.com/contact | 200 OK Content-Length: 23946 Content-Type: text/html | clean |
https://dribbble.com/session/new?return_to=%2Fcontact | 200 OK Content-Length: 4191 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: imsaint.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 26 Sep 2014 20:24:35 GMT
Server: nginx
Vary: Accept-Encoding
Vary: Accept-Encoding
Content-Type: text/html;charset=UTF-8
Set-Cookie: NTESLOFTSI=91F642FA2F358EEF9773ACAB737878DE.lofter0-8010; Domain=.www.lofter.com; Path=/
Set-Cookie: firstentry=%2Fblogindex.do%3Fmydomain%3Dimsaint.com%26|; Domain=.lofter.com; Expires=Sat, 27-Sep-2014 20:24:35 GMT; Path=/
Second query (visit from search engine):
GET / HTTP/1.1
Host: imsaint.com
Referer: http://www.google.com/search?q=imsaint.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=imsaint.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://imsaint.com/
Result: imsaint.com is not infected or malware details are not published yet.