Scanned pages/files
Request | Server response | Status |
http://jinrongquan.net/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Mon, 25 Aug 2014 13:56:22 GMT Location: http://www.lofter.com/mydomainr.do?domain=jinrongquan.net&path=/ Server: nginx Content-Length: 154 Content-Type: text/html | clean |
http://www.lofter.com/mydomainr.do?domain=jinrongquan.net&path=/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Mon, 25 Aug 2014 13:56:22 GMT Location: http://jinrongquan.lofter.com/?mydomainr=true Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=F1DC27281F417F0F6A95383A1F7CA1BF.blog198-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fmydomainr.do%3FX-From-ISP%3D2%26domain%3Djinrongquan.net%26path%3D%2F|; Domain=.lofter.com; Expires=Tue, 26-Aug-2014 13:56:22 GMT; Path=/ Set-Cookie: usertrack=ezq0d1P7QIZDACCiBVF1Ag==; expires=Tue, 25-Aug-15 13:56:22 GMT; domain=lofter.com; path=/ | clean |
http://jinrongquan.lofter.com/?mydomainr=true | 200 OK Content-Length: 70311 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://l.bst.126.net/rsc/js/jquery-1.6.2.min.js | 200 OK Content-Length: 91572 Content-Type: application/x-javascript | clean |
http://lofter.ph.126.net/yxPNwg69q8y9BovPBYmoyw==/6597122543214133685.js | 200 OK Content-Length: 5881 Content-Type: application/javascript | clean |
http://l.bst.126.net/rsc/js/themecommon.js?0005 | 200 OK Content-Length: 2224 Content-Type: application/x-javascript | clean |
http://analytics.163.com/ntes.js | 200 OK Content-Length: 19650 Content-Type: application/x-javascript | clean |
http://jinrongquan.net/view | HTTP/1.1 302 Moved Temporarily Connection: close Date: Mon, 25 Aug 2014 13:56:30 GMT Location: http://www.lofter.com/mydomainr.do?domain=jinrongquan.net&path=/view Server: nginx Content-Length: 154 Content-Type: text/html | clean |
http://www.lofter.com/mydomainr.do?domain=jinrongquan.net&path=/view | HTTP/1.1 302 Moved Temporarily Connection: close Date: Mon, 25 Aug 2014 13:56:32 GMT Location: http://jinrongquan.lofter.com/view?mydomainr=true Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=764233819CCF32F52D367B38B2EB1473.lofter13-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fmydomainr.do%3FX-From-ISP%3D2%26domain%3Djinrongquan.net%26path%3D%2Fview|; Domain=.lofter.com; Expires=Tue, 26-Aug-2014 13:56:32 GMT; Path=/ Set-Cookie: usertrack=ezq0d1P7QJCmcB+VBc59Ag==; expires=Tue, 25-Aug-15 13:56:32 GMT; domain=lofter.com; path=/ | clean |
http://jinrongquan.lofter.com/view?mydomainr=true | 200 OK Content-Length: 53584 Content-Type: text/html | clean |
http://l.bst.126.net/s/core.js?a320094065542fb124e72fd034d60f86 | 200 OK Content-Length: 85344 Content-Type: application/x-javascript | clean |
http://l.bst.126.net/s/pt_page_archive.js?7b25b616020375002c8ffe9cebbb7b4d | 200 OK Content-Length: 75190 Content-Type: application/x-javascript | clean |
http://jinrongquan.net/test404page.js | HTTP/1.1 302 Moved Temporarily Connection: close Date: Mon, 25 Aug 2014 13:56:39 GMT Location: http://www.lofter.com/mydomainr.do?domain=jinrongquan.net&path=/test404page.js Server: nginx Content-Length: 154 Content-Type: text/html | clean |
http://www.lofter.com/mydomainr.do?domain=jinrongquan.net&path=/test404page.js | HTTP/1.1 302 Moved Temporarily Connection: close Date: Mon, 25 Aug 2014 13:56:39 GMT Location: http://jinrongquan.lofter.com/test404page.js?mydomainr=true Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=FEF44053716BB8098BA8AC5D3EE33A49.lofter14-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fmydomainr.do%3FX-From-ISP%3D2%26domain%3Djinrongquan.net%26path%3D%2Ftest404page.js|; Domain=.lofter.com; Expires=Tue, 26-Aug-2014 13:56:39 GMT; Path=/ Set-Cookie: usertrack=ezq0eFP7QJdACCCeBYXwAg==; expires=Tue, 25-Aug-15 13:56:39 GMT; domain=lofter.com; path=/ | clean |
http://jinrongquan.lofter.com/test404page.js?mydomainr=true | 404 Not Found Content-Length: 6027 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://l.bst.126.net/rsc/js/theme/r/pagephotoshow.min.js?0002 | 200 OK Content-Length: 54020 Content-Type: application/x-javascript | clean |
http://jinrongquan.net/rss | HTTP/1.1 302 Moved Temporarily Connection: close Date: Mon, 25 Aug 2014 13:56:43 GMT Location: http://www.lofter.com/mydomainr.do?domain=jinrongquan.net&path=/rss Server: nginx Content-Length: 154 Content-Type: text/html | clean |
http://www.lofter.com/mydomainr.do?domain=jinrongquan.net&path=/rss | HTTP/1.1 302 Moved Temporarily Connection: close Date: Mon, 25 Aug 2014 13:56:44 GMT Location: http://jinrongquan.lofter.com/rss?mydomainr=true Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=293D689F50D5180558E83BFFCD17F892.lofter0-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fmydomainr.do%3FX-From-ISP%3D2%26domain%3Djinrongquan.net%26path%3D%2Frss|; Domain=.lofter.com; Expires=Tue, 26-Aug-2014 13:56:44 GMT; Path=/ Set-Cookie: usertrack=ezq0eFP7QJxMzCCsBWU2Ag==; expires=Tue, 25-Aug-15 13:56:44 GMT; domain=lofter.com; path=/ | clean |
http://jinrongquan.lofter.com/rss?mydomainr=true | 200 OK Content-Length: 205273 Content-Type: text/xml | clean |
http://jinrongquan.lofter.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 25 Aug 2014 13:56:46 GMT Location: http://jinrongquan.net Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=F89F1515F39FB8E08DE1F01B1FEBB9A4.blog83-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fblogindex.do%3FloftBlogName%3Djinrongquan%26X-From-ISP%3D2|; Domain=.lofter.com; Expires=Tue, 26-Aug-2014 13:56:46 GMT; Path=/ Set-Cookie: usertrack=ezq0d1P7QJ46ICCJBXlfAg==; expires=Tue, 25-Aug-15 13:56:46 GMT; domain=lofter.com; path=/ | clean |
http://jinrongquan.net/app?from=theme | HTTP/1.1 302 Moved Temporarily Connection: close Date: Mon, 25 Aug 2014 13:56:47 GMT Location: http://www.lofter.com/mydomainr.do?domain=jinrongquan.net&path=/app?from=theme Server: nginx Content-Length: 154 Content-Type: text/html | clean |
http://www.lofter.com/mydomainr.do?domain=jinrongquan.net&path=/app?from=theme | HTTP/1.1 302 Moved Temporarily Connection: close Date: Mon, 25 Aug 2014 13:56:48 GMT Location: http://jinrongquan.lofter.com/app?from=theme&mydomainr=true Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=1BE4AFA297D9F3C9A772C718287FE012.lofter14-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fmydomainr.do%3FX-From-ISP%3D2%26domain%3Djinrongquan.net%26path%3D%2Fapp%3Ffrom%3Dtheme|; Domain=.lofter.com; Expires=Tue, 26-Aug-2014 13:56:48 GMT; Path=/ Set-Cookie: usertrack=ezq0d1P7QKBMhyCqBWrvAg==; expires=Tue, 25-Aug-15 13:56:48 GMT; domain=lofter.com; path=/ | clean |
http://jinrongquan.lofter.com/app?from=theme&mydomainr=true | HTTP/1.1 302 Moved Temporarily Connection: close Date: Mon, 25 Aug 2014 13:56:49 GMT Location: http://www.lofter.com/app/jinrongquan?from=theme Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=CDCAE6D7F42867E999A7B700E8AB141F.lofter0-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fgouappdownload.do%3FloftBlogName%3Djinrongquan%26X-From-ISP%3D2%26from%3Dtheme%26mydomainr%3Dtrue|; Domain=.lofter.com; Expires=Tue, 26-Aug-2014 13:56:49 GMT; Path=/ Set-Cookie: usertrack=ezq0d1P7QKFD4iCjBVs3Ag==; expires=Tue, 25-Aug-15 13:56:49 GMT; domain=lofter.com; path=/ | clean |
http://www.lofter.com/app/jinrongquan?from=theme | 200 OK Content-Length: 109824 Content-Type: text/html | clean |
http://l.bst.126.net/s/pt_page_uapp_uappDownload.js?dde4d770d7cc48c195f258ea4e47dcc2 | 200 OK Content-Length: 91823 Content-Type: application/x-javascript | clean |
http://jinrongquan.net/login | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://jinrongquan.net/regurs | 404 Not Found Content-Length: 6027 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: jinrongquan.net
Result:
HTTP/1.1 302 Moved Temporarily
Connection: close
Date: Mon, 25 Aug 2014 13:56:22 GMT
Location: http://www.lofter.com/mydomainr.do?domain=jinrongquan.net&path=/
Server: nginx
Content-Length: 154
Content-Type: text/html
...154 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: jinrongquan.net
Referer: http://www.google.com/search?q=jinrongquan.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=jinrongquan.net
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://jinrongquan.net/
Result: jinrongquan.net is not infected or malware details are not published yet.