Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://iotrobot.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: iotrobot.com Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Wed, 10 Sep 2014 11:39:29 GMT Location: http://www.lofter.com/mydomainr.do?domain=iotrobot.com&path=/ Server: nginx Content-Length: 154 Content-Type: text/html | malicious |
URL: http://www.lofter.com/mydomainr.do?domain=iotrobot.com&path=/ (imitation of visitor from search engine) GET /mydomainr.do?domain=iotrobot.com&path=/ HTTP/1.1 Host: www.lofter.com Referer: http://www.google.com/search?q=redirect+check2 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Wed, 10 Sep 2014 11:39:29 GMT Location: http://irobots.lofter.com/?mydomainr=true Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=2D7F2331D1621B4C27E53EBA185CCF65.blog197-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fmydomainr.do%3FX-From-ISP%3D2%26domain%3Diotrobot.com%26path%3D%2F|http%3A%2F%2Fwww.google.com%2Furl%3Fsa%3Dt%26rct%3Dj%26q%3Diotrobot.com%26source%3Dweb%26cd%3D1%26ved%3D0CDEQFjAG%26url%3Dhttp%3A%252F%252Fiotrobot.com%252F%26ei%3DwC7yT5qCJbCCkQKtnwE%26usg%3DAFQjCNGEeYp3D7uuNLAJxMIVliLyQ9O_Pg; Domain=.lofter.com; Expires=Thu, 11-Sep-2014 11:39:29 GMT; Path=/ Set-Cookie: usertrack=ezq0eFQQOHGQagNXBduvAg==; expires=Thu, 10-Sep-15 11:39:29 GMT; domain=lofter.com; path=/ | suspicious |
Scanned pages/files
Request | Server response | Status |
http://iotrobot.com/ | 200 OK Content-Length: 9546 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://l.bst.126.net/rsc/js/pagelayer/pagelayer.js?0004 | 200 OK Content-Length: 26075 Content-Type: application/x-javascript | clean |
http://l.bst.126.net/rsc/js/jquery-1.6.2.min.js | 200 OK Content-Length: 91572 Content-Type: application/x-javascript | clean |
http://l.bst.126.net/rsc/js/themecommon.js?0006 | 200 OK Content-Length: 7174 Content-Type: application/x-javascript | clean |
http://analytics.163.com/ntes.js | 200 OK Content-Length: 19650 Content-Type: application/x-javascript | clean |
http://iotrobot.com/view | 200 OK Content-Length: 62660 Content-Type: text/html | clean |
http://l.bst.126.net/s/core.js?18ef768b59fa3f376949d1ecf9c55e44 | 200 OK Content-Length: 85344 Content-Type: application/x-javascript | clean |
http://l.bst.126.net/s/pt_page_archive.js?1c60f2589b92d7602ed0775d448bbeba | 200 OK Content-Length: 75323 Content-Type: application/x-javascript | clean |
http://iotrobot.com/test404page.js | 404 Not Found Content-Length: 6071 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://l.bst.126.net/rsc/js/theme/r/pagephotoshow.min.js?0002 | 200 OK Content-Length: 54020 Content-Type: application/x-javascript | clean |
http://iotrobot.com/rss | 200 OK Content-Length: 3172 Content-Type: text/xml | clean |
http://iotrobot.com/post/d77ae_161625d | HTTP/1.1 302 Moved Temporarily Connection: close Date: Wed, 10 Sep 2014 11:39:46 GMT Location: http://www.lofter.com/mydomainr.do?domain=iotrobot.com&path=/post/d77ae_161625d Server: nginx Content-Length: 154 Content-Type: text/html | clean |
http://www.lofter.com/mydomainr.do?domain=iotrobot.com&path=/post/d77ae_161625d | HTTP/1.1 302 Moved Temporarily Connection: close Date: Wed, 10 Sep 2014 11:39:47 GMT Location: http://irobots.lofter.com/post/d77ae_161625d?mydomainr=true Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=078B477FDC3965DDB289521237A60FAE.blog83-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fmydomainr.do%3FX-From-ISP%3D2%26domain%3Diotrobot.com%26path%3D%2Fpost%2Fd77ae_161625d|; Domain=.lofter.com; Expires=Thu, 11-Sep-2014 11:39:47 GMT; Path=/ Set-Cookie: usertrack=ezq0eFQQOIMZGXhYBYrtAg==; expires=Thu, 10-Sep-15 11:39:47 GMT; domain=lofter.com; path=/ | clean |
http://irobots.lofter.com/post/d77ae_161625d?mydomainr=true | 200 OK Content-Length: 8678 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://irobots.lofter.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 10 Sep 2014 11:39:49 GMT Location: http://iotrobot.com Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=9C66E47049EA5EE765E41D0B25C5BFF4.lofter13-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fblogindex.do%3FloftBlogName%3Dirobots%26X-From-ISP%3D2|; Domain=.lofter.com; Expires=Thu, 11-Sep-2014 11:39:49 GMT; Path=/ Set-Cookie: usertrack=ezq0d1QQOIUO8Aj5BYPPAg==; expires=Thu, 10-Sep-15 11:39:49 GMT; domain=lofter.com; path=/ | clean |
http://iotrobot.com/tag/%E6%9C%BA%E5%99%A8%E4%BA%BA | 200 OK Content-Length: 9558 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://iotrobot.com/tag/%E7%89%A9%E8%81%94%E7%BD%91 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Wed, 10 Sep 2014 11:39:53 GMT Location: http://www.lofter.com/mydomainr.do?domain=iotrobot.com&path=/tag/%E7%89%A9%E8%81%94%E7%BD%91 Server: nginx Content-Length: 154 Content-Type: text/html | clean |
http://www.lofter.com/mydomainr.do?domain=iotrobot.com&path=/tag/%e7%89%a9%e8%81%94%e7%bd%91 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Wed, 10 Sep 2014 11:39:54 GMT Location: http://irobots.lofter.com/tag/物联网?mydomainr=true Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=8366EC7A1A8AB9FA9FDA5E9EDB0F3A6C.blog83-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fmydomainr.do%3FX-From-ISP%3D2%26domain%3Diotrobot.com%26path%3D%2Ftag%2F%25e7%2589%25a9%25e8%2581%2594%25e7%25bd%2591|; Domain=.lofter.com; Expires=Thu, 11-Sep-2014 11:39:54 GMT; Path=/ Set-Cookie: usertrack=ezq0eFQQOIoFDgjoBWgCAg==; expires=Thu, 10-Sep-15 11:39:54 GMT; domain=lofter.com; path=/ | clean |
http://irobots.lofter.com/tag/物联网?mydomainr=true | 200 OK Content-Length: 9558 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://iotrobot.com/post/d77ae_1e5cf3 | 200 OK Content-Length: 9472 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=iotrobot.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://iotrobot.com/
Result: iotrobot.com is not infected or malware details are not published yet.