Scanned pages/files
Request | Server response | Status |
http://www.leyouyou.net/ | 200 OK Content-Length: 6743 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://l.bst.126.net/rsc/js/pagelayer/pagelayer.js?002 | 200 OK Content-Length: 26075 Content-Type: application/x-javascript | clean |
http://l.bst.126.net/rsc/js/jquery-1.6.2.min.js | 200 OK Content-Length: 91572 Content-Type: application/x-javascript | clean |
http://lofter.ph.126.net/tRsO2AlTSrmLafck0XlIeg==/5629523723468935447.js | 200 OK Content-Length: 1101 Content-Type: application/javascript | clean |
http://l.bst.126.net/rsc/js/themecommon.js?0005 | 200 OK Content-Length: 7174 Content-Type: application/x-javascript | clean |
http://analytics.163.com/ntes.js | 200 OK Content-Length: 19650 Content-Type: application/x-javascript | clean |
http://www.leyouyou.net/guanyu | 200 OK Content-Length: 7657 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://l.bst.126.net/rsc/js/theme/r/pagephotoshow.min.js?0002 | 200 OK Content-Length: 54020 Content-Type: application/x-javascript | clean |
http://www.leyouyou.net/view | 200 OK Content-Length: 54256 Content-Type: text/html | clean |
http://l.bst.126.net/s/core.js?37e14cc6cb0013f19b1a99e7707d715b | 200 OK Content-Length: 85344 Content-Type: application/x-javascript | clean |
http://l.bst.126.net/s/pt_page_archive.js?7bc70b32409867ecccff0754f0e7484b | 200 OK Content-Length: 75323 Content-Type: application/x-javascript | clean |
http://www.leyouyou.net/test404page.js | HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 05 Sep 2014 03:25:45 GMT Location: http://www.lofter.com/mydomainr.do?domain=www.leyouyou.net&path=/test404page.js Server: nginx Content-Length: 154 Content-Type: text/html | clean |
http://www.lofter.com/mydomainr.do?domain=www.leyouyou.net&path=/test404page.js | HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 05 Sep 2014 03:25:46 GMT Location: http://leyouyounet.lofter.com/test404page.js?mydomainr=true Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=8EC3654B735FF7F6EEA74338A90CD468.lofter1-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fmydomainr.do%3FX-From-ISP%3D2%26domain%3Dwww.leyouyou.net%26path%3D%2Ftest404page.js|; Domain=.lofter.com; Expires=Sat, 06-Sep-2014 03:25:46 GMT; Path=/ Set-Cookie: usertrack=ezq0eFQJLTqR5wfnEzXIAg==; expires=Sat, 05-Sep-15 03:25:46 GMT; domain=lofter.com; path=/ | clean |
http://leyouyounet.lofter.com/test404page.js?mydomainr=true | 404 Not Found Content-Length: 7491 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://leyouyounet.lofter.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 05 Sep 2014 03:25:47 GMT Location: http://www.leyouyou.net Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=096496E1010792D011E9282502193A21.blog83-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fblogindex.do%3FloftBlogName%3Dleyouyounet%26X-From-ISP%3D2|; Domain=.lofter.com; Expires=Sat, 06-Sep-2014 03:25:47 GMT; Path=/ Set-Cookie: usertrack=ezq0eFQJLTuY7katEohnAg==; expires=Sat, 05-Sep-15 03:25:47 GMT; domain=lofter.com; path=/ | clean |
http://www.leyouyou.net/rss | HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 05 Sep 2014 03:25:48 GMT Location: http://www.lofter.com/mydomainr.do?domain=www.leyouyou.net&path=/rss Server: nginx Content-Length: 154 Content-Type: text/html | clean |
http://www.lofter.com/mydomainr.do?domain=www.leyouyou.net&path=/rss | HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 05 Sep 2014 03:25:49 GMT Location: http://leyouyounet.lofter.com/rss?mydomainr=true Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=D5164F6BEA9DD9061A5C4C561BA90F6D.lofter14-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fmydomainr.do%3FX-From-ISP%3D2%26domain%3Dwww.leyouyou.net%26path%3D%2Frss|; Domain=.lofter.com; Expires=Sat, 06-Sep-2014 03:25:49 GMT; Path=/ Set-Cookie: usertrack=ezq0d1QJLT2YAh6lEnkWAg==; expires=Sat, 05-Sep-15 03:25:49 GMT; domain=lofter.com; path=/ | clean |
http://leyouyounet.lofter.com/rss?mydomainr=true | 200 OK Content-Length: 579 Content-Type: text/xml | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: leyouyou.net
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: leyouyou.net
Referer: http://www.google.com/search?q=leyouyou.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=leyouyou.net
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://leyouyou.net/
Result: leyouyou.net is not infected or malware details are not published yet.