Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://www.jifengyu.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: www.jifengyu.com Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Tue, 09 Sep 2014 15:34:27 GMT Location: http://www.lofter.com/mydomainr.do?domain=www.jifengyu.com&path=/ Server: nginx Content-Length: 154 Content-Type: text/html | malicious |
URL: http://www.lofter.com/mydomainr.do?domain=www.jifengyu.com&path=/ (imitation of visitor from search engine) GET /mydomainr.do?domain=www.jifengyu.com&path=/ HTTP/1.1 Host: www.lofter.com Referer: http://www.google.com/search?q=redirect+check2 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Tue, 09 Sep 2014 15:34:28 GMT Location: http://zytder.lofter.com/?mydomainr=true Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=924B5BC945F30E35590BD131B26FDC3C.blog198-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fmydomainr.do%3FX-From-ISP%3D2%26domain%3Dwww.jifengyu.com%26path%3D%2F|http%3A%2F%2Fwww.google.com%2Furl%3Fsa%3Dt%26rct%3Dj%26q%3Dwww.jifengyu.com%26source%3Dweb%26cd%3D1%26ved%3D0CDEQFjAG%26url%3Dhttp%3A%252F%252Fwww.jifengyu.com%252F%26ei%3DwC7yT5qCJbCCkQKtnwE%26usg%3DAFQjCNGEeYp3D7uuNLAJxMIVliLyQ9O_Pg; Domain=.lofter.com; Expires=Wed, 10-Sep-2014 15:34:28 GMT; Path=/ Set-Cookie: usertrack=ezq0d1QPHgQRcwqqRj5OAg==; expires=Wed, 09-Sep-15 15:34:28 GMT; domain=lofter.com; path=/ | suspicious |
Scanned pages/files
Request | Server response | Status |
http://www.jifengyu.com/ | 200 OK Content-Length: 18341 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://l.bst.126.net/rsc/js/pagelayer/pagelayer.js?0004 | 200 OK Content-Length: 26075 Content-Type: application/x-javascript | clean |
http://l.bst.126.net/rsc/js/jquery-1.6.2.min.js | 200 OK Content-Length: 91572 Content-Type: application/x-javascript | clean |
http://lofter.ph.126.net/5nAPU6ahbjfrCen4Cn_whA==/6597121443702505879.js | 200 OK Content-Length: 1047 Content-Type: application/javascript | clean |
http://l.bst.126.net/rsc/js/themecommon.js?0006 | 200 OK Content-Length: 7174 Content-Type: application/x-javascript | clean |
http://analytics.163.com/ntes.js | 200 OK Content-Length: 19650 Content-Type: application/x-javascript | clean |
http://www.jifengyu.com/view | 200 OK Content-Length: 88551 Content-Type: text/html | clean |
http://l.bst.126.net/s/core.js?38f92d7d456f92d2bda5272f6f2c7a9e | 200 OK Content-Length: 85344 Content-Type: application/x-javascript | clean |
http://l.bst.126.net/s/pt_page_archive.js?c3a34ee47bccf540c3c49f021dd7551f | 200 OK Content-Length: 75323 Content-Type: application/x-javascript | clean |
http://www.jifengyu.com/test404page.js | HTTP/1.1 302 Moved Temporarily Connection: close Date: Tue, 09 Sep 2014 15:34:45 GMT Location: http://www.lofter.com/mydomainr.do?domain=www.jifengyu.com&path=/test404page.js Server: nginx Content-Length: 154 Content-Type: text/html | clean |
http://www.lofter.com/mydomainr.do?domain=www.jifengyu.com&path=/test404page.js | HTTP/1.1 302 Moved Temporarily Connection: close Date: Tue, 09 Sep 2014 15:34:46 GMT Location: http://zytder.lofter.com/test404page.js?mydomainr=true Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=D6FFCC7F2580A7F0687EF19D764BC585.lofter14-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fmydomainr.do%3FX-From-ISP%3D2%26domain%3Dwww.jifengyu.com%26path%3D%2Ftest404page.js|; Domain=.lofter.com; Expires=Wed, 10-Sep-2014 15:34:46 GMT; Path=/ Set-Cookie: usertrack=ezq0eFQPHhZlSgkNRgPOAg==; expires=Wed, 09-Sep-15 15:34:46 GMT; domain=lofter.com; path=/ | clean |
http://zytder.lofter.com/test404page.js?mydomainr=true | 404 Not Found Content-Length: 4995 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://l.bst.126.net/rsc/js/theme/r/pagephotoshow.min.js?0002 | 200 OK Content-Length: 54020 Content-Type: application/x-javascript | clean |
http://www.jifengyu.com/rss | HTTP/1.1 302 Moved Temporarily Connection: close Date: Tue, 09 Sep 2014 15:34:51 GMT Location: http://www.lofter.com/mydomainr.do?domain=www.jifengyu.com&path=/rss Server: nginx Content-Length: 154 Content-Type: text/html | clean |
http://www.lofter.com/mydomainr.do?domain=www.jifengyu.com&path=/rss | HTTP/1.1 302 Moved Temporarily Connection: close Date: Tue, 09 Sep 2014 15:34:51 GMT Location: http://zytder.lofter.com/rss?mydomainr=true Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=CC6F0717F8E8D99C1B0A69BCB11CA052.lofter14-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fmydomainr.do%3FX-From-ISP%3D2%26domain%3Dwww.jifengyu.com%26path%3D%2Frss|; Domain=.lofter.com; Expires=Wed, 10-Sep-2014 15:34:51 GMT; Path=/ Set-Cookie: usertrack=ezq0eFQPHhsHQAqeRU5YAg==; expires=Wed, 09-Sep-15 15:34:51 GMT; domain=lofter.com; path=/ | clean |
http://zytder.lofter.com/rss?mydomainr=true | 200 OK Content-Length: 278211 Content-Type: text/xml | clean |
http://zytder.lofter.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 09 Sep 2014 15:34:54 GMT Location: http://www.jifengyu.com Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=048137D38589F28E9CE20D3300D8D077.blog198-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fblogindex.do%3FloftBlogName%3Dzytder%26X-From-ISP%3D2|; Domain=.lofter.com; Expires=Wed, 10-Sep-2014 15:34:54 GMT; Path=/ Set-Cookie: usertrack=ezq0d1QPHh5VUWc8RcssAg==; expires=Wed, 09-Sep-15 15:34:54 GMT; domain=lofter.com; path=/ | clean |
http://www.jifengyu.com/post/bd529_178d6a7 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Tue, 09 Sep 2014 15:34:55 GMT Location: http://www.lofter.com/mydomainr.do?domain=www.jifengyu.com&path=/post/bd529_178d6a7 Server: nginx Content-Length: 154 Content-Type: text/html | clean |
http://www.lofter.com/mydomainr.do?domain=www.jifengyu.com&path=/post/bd529_178d6a7 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Tue, 09 Sep 2014 15:34:56 GMT Location: http://zytder.lofter.com/post/bd529_178d6a7?mydomainr=true Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=832BD31A202E2A7C6C8C9CA3B9572E5F.lofter13-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fmydomainr.do%3FX-From-ISP%3D2%26domain%3Dwww.jifengyu.com%26path%3D%2Fpost%2Fbd529_178d6a7|; Domain=.lofter.com; Expires=Wed, 10-Sep-2014 15:34:56 GMT; Path=/ Set-Cookie: usertrack=ezq0eFQPHiAOzQqnRgxaAg==; expires=Wed, 09-Sep-15 15:34:56 GMT; domain=lofter.com; path=/ | clean |
http://zytder.lofter.com/post/bd529_178d6a7?mydomainr=true | 200 OK Content-Length: 8785 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://zytder.lofter.com/post/ | 404 Not Found Content-Length: 4995 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://www.jifengyu.com/post/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Tue, 09 Sep 2014 15:35:00 GMT Location: http://www.lofter.com/mydomainr.do?domain=www.jifengyu.com&path=/post/ Server: nginx Content-Length: 154 Content-Type: text/html | clean |
http://www.lofter.com/mydomainr.do?domain=www.jifengyu.com&path=/post/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Tue, 09 Sep 2014 15:35:01 GMT Location: http://zytder.lofter.com/post/?mydomainr=true Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=F6BF30C89DA1F1470F01EA5E0F9545A5.blog197-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fmydomainr.do%3FX-From-ISP%3D2%26domain%3Dwww.jifengyu.com%26path%3D%2Fpost%2F|; Domain=.lofter.com; Expires=Wed, 10-Sep-2014 15:35:01 GMT; Path=/ Set-Cookie: usertrack=ezq0eFQPHiUMHAqkRVSuAg==; expires=Wed, 09-Sep-15 15:35:01 GMT; domain=lofter.com; path=/ | clean |
http://zytder.lofter.com/post/?mydomainr=true | 404 Not Found Content-Length: 4995 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=jifengyu.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://jifengyu.com/
Result: jifengyu.com is not infected or malware details are not published yet.