Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://www.lofovi.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: www.lofovi.com Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Wed, 03 Sep 2014 14:43:23 GMT Location: http://www.lofter.com/mydomainr.do?domain=www.lofovi.com&path=/ Server: nginx Content-Length: 154 Content-Type: text/html | malicious |
URL: http://www.lofter.com/mydomainr.do?domain=www.lofovi.com&path=/ (imitation of visitor from search engine) GET /mydomainr.do?domain=www.lofovi.com&path=/ HTTP/1.1 Host: www.lofter.com Referer: http://www.google.com/search?q=redirect+check2 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Wed, 03 Sep 2014 14:43:23 GMT Location: http://lofovi.lofter.com/?mydomainr=true Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=E385D2DB8F4CD833DDFCC80518E47719.blog197-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fmydomainr.do%3FX-From-ISP%3D2%26domain%3Dwww.lofovi.com%26path%3D%2F|http%3A%2F%2Fwww.google.com%2Furl%3Fsa%3Dt%26rct%3Dj%26q%3Dwww.lofovi.com%26source%3Dweb%26cd%3D1%26ved%3D0CDEQFjAG%26url%3Dhttp%3A%252F%252Fwww.lofovi.com%252F%26ei%3DwC7yT5qCJbCCkQKtnwE%26usg%3DAFQjCNGEeYp3D7uuNLAJxMIVliLyQ9O_Pg; Domain=.lofter.com; Expires=Thu, 04-Sep-2014 14:43:23 GMT; Path=/ Set-Cookie: usertrack=ezq0d1QHKQuwzlE/BuwWAg==; expires=Thu, 03-Sep-15 14:43:23 GMT; domain=lofter.com; path=/ | suspicious |
Scanned pages/files
Request | Server response | Status |
http://www.lofovi.com/ | 200 OK Content-Length: 30370 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://l.bst.126.net/rsc/js/jquery-1.6.2.min.js | 200 OK Content-Length: 91572 Content-Type: application/x-javascript | clean |
http://lofter.ph.126.net/PwY1UYoNxroOPrC4GhQHmw==/5629542415166606852.js | 200 OK Content-Length: 857 Content-Type: application/javascript | clean |
http://l.bst.126.net/rsc/js/themecommon.js?0005 | 200 OK Content-Length: 2224 Content-Type: application/x-javascript | clean |
http://analytics.163.com/ntes.js | 200 OK Content-Length: 19650 Content-Type: application/x-javascript | clean |
http://www.lofovi.com/view | 200 OK Content-Length: 58422 Content-Type: text/html | clean |
http://l.bst.126.net/s/core.js?f42482aa1460235cb518ac0dab3e2977 | 200 OK Content-Length: 85344 Content-Type: application/x-javascript | clean |
http://l.bst.126.net/s/pt_page_archive.js?49f6c71aa70b5f636e402071d71c5389 | 200 OK Content-Length: 75190 Content-Type: application/x-javascript | clean |
http://www.lofovi.com/test404page.js | HTTP/1.1 302 Moved Temporarily Connection: close Date: Wed, 03 Sep 2014 14:43:39 GMT Location: http://www.lofter.com/mydomainr.do?domain=www.lofovi.com&path=/test404page.js Server: nginx Content-Length: 154 Content-Type: text/html | clean |
http://www.lofter.com/mydomainr.do?domain=www.lofovi.com&path=/test404page.js | HTTP/1.1 302 Moved Temporarily Connection: close Date: Wed, 03 Sep 2014 14:43:40 GMT Location: http://lofovi.lofter.com/test404page.js?mydomainr=true Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=B54736652195E415171ABFAB81F7F27F.lofter13-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fmydomainr.do%3FX-From-ISP%3D2%26domain%3Dwww.lofovi.com%26path%3D%2Ftest404page.js|; Domain=.lofter.com; Expires=Thu, 04-Sep-2014 14:43:40 GMT; Path=/ Set-Cookie: usertrack=ezq0d1QHKRyyHVFJByX3Ag==; expires=Thu, 03-Sep-15 14:43:40 GMT; domain=lofter.com; path=/ | clean |
http://lofovi.lofter.com/test404page.js?mydomainr=true | 404 Not Found Content-Length: 9237 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://l.bst.126.net/rsc/js/theme/r/pagephotoshow.min.js?0002 | 200 OK Content-Length: 54020 Content-Type: application/x-javascript | clean |
http://www.lofovi.com/rss | 200 OK Content-Length: 90011 Content-Type: text/xml | clean |
http://www.lofovi.com/art?act=qbart_20140703_02&s=art03 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Wed, 03 Sep 2014 14:43:49 GMT Location: http://www.lofter.com/art/lofovi Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 Set-Cookie: NTESLOFTSI=4EEB51F8B7D7070D8F23ABD4D68647EE.lofter0-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fcustompage.do%3Fmydomain%3Dwww.lofovi.com%26act%3Dqbart_20140703_02%26s%3Dart03%26url%3Dart|; Domain=.lofter.com; Expires=Thu, 04-Sep-2014 14:43:49 GMT; Path=/ | clean |
http://www.lofter.com/art/lofovi | 200 OK Content-Length: 55597 Content-Type: text/html | clean |
http://l.bst.126.net/s/pt_page_sale_artPersonalHome.js?a44e11aa6adaeabafc3600f4ef22ec6e | 200 OK Content-Length: 65350 Content-Type: application/x-javascript | clean |
http://www.lofovi.com/art | HTTP/1.1 302 Moved Temporarily Connection: close Date: Wed, 03 Sep 2014 14:43:53 GMT Location: http://www.lofter.com/mydomainr.do?domain=www.lofovi.com&path=/art Server: nginx Content-Length: 154 Content-Type: text/html | clean |
http://www.lofter.com/mydomainr.do?domain=www.lofovi.com&path=/art | HTTP/1.1 302 Moved Temporarily Connection: close Date: Wed, 03 Sep 2014 14:43:54 GMT Location: http://lofovi.lofter.com/art?mydomainr=true Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=792A20159AC7002C5F5AC7ABA641E505.blog198-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fmydomainr.do%3FX-From-ISP%3D2%26domain%3Dwww.lofovi.com%26path%3D%2Fart|; Domain=.lofter.com; Expires=Thu, 04-Sep-2014 14:43:54 GMT; Path=/ Set-Cookie: usertrack=ezq0d1QHKSoXCFVRBvw5Ag==; expires=Thu, 03-Sep-15 14:43:54 GMT; domain=lofter.com; path=/ | clean |
http://lofovi.lofter.com/art?mydomainr=true | HTTP/1.1 302 Moved Temporarily Connection: close Date: Wed, 03 Sep 2014 14:43:55 GMT Location: http://www.lofter.com/art/lofovi Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=65A621D718B7D917673D73976413AEDB.lofter0-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fcustompage.do%3FloftBlogName%3Dlofovi%26X-From-ISP%3D2%26mydomainr%3Dtrue%26url%3Dart|; Domain=.lofter.com; Expires=Thu, 04-Sep-2014 14:43:55 GMT; Path=/ Set-Cookie: usertrack=ezq0d1QHKSsjKlVxB1oHAg==; expires=Thu, 03-Sep-15 14:43:55 GMT; domain=lofter.com; path=/ | clean |
http://www.lofovi.com/art/print | 404 Not Found Content-Length: 9237 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://www.lofovi.com/art/ | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=lofovi.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://lofovi.com/
Result: lofovi.com is not infected or malware details are not published yet.