Scanned pages/files
Request | Server response | Status |
http://lvyumi.com/ | 200 OK Content-Length: 6844 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://l.bst.126.net/rsc/js/pagelayer/pagelayer.js?0011 | 200 OK Content-Length: 26178 Content-Type: application/x-javascript | clean |
http://l.bst.126.net/rsc/js/jquery-1.6.2.min.js | 200 OK Content-Length: 91572 Content-Type: application/x-javascript | clean |
http://lvyumi.com/?page=2&t=1405668278459 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sun, 14 Jun 2015 15:48:10 GMT Location: http://www.lofter.com/mydomainr.do?domain=lvyumi.com&path=/?page=2&t=1405668278459 Server: nginx Content-Length: 154 Content-Type: text/html | clean |
http://www.lofter.com/mydomainr.do?domain=lvyumi.com&path=/?page=2&t=1405668278459 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sun, 14 Jun 2015 15:48:11 GMT Location: http://luyumi.lofter.com/?page=2&mydomainr=true Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=1D6BB662059CE86CDB88B9D3A320129F.classa-lofter1-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fmydomainr.do%3FX-From-ISP%3D2%26domain%3Dlvyumi.com%26path%3D%2F%3Fpage%3D2%26t%3D1405668278459|; Domain=.lofter.com; Expires=Mon, 15-Jun-2015 15:48:11 GMT; Path=/ Set-Cookie: usertrack=c+5+hVV9ojs4Z3/ckadeAg==; expires=Mon, 13-Jun-16 15:48:11 GMT; domain=lofter.com; path=/ | clean |
http://luyumi.lofter.com/?page=2&mydomainr=true | 200 OK Content-Length: 7534 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://l.bst.126.net/rsc/js/themecommon.js?0020 | 200 OK Content-Length: 20012 Content-Type: application/x-javascript | clean |
http://analytics.163.com/ntes.js | 200 OK Content-Length: 20058 Content-Type: application/x-javascript | clean |
http://lvyumi.com/?page=1&t=-1396772552613 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sun, 14 Jun 2015 15:48:16 GMT Location: http://www.lofter.com/mydomainr.do?domain=lvyumi.com&path=/?page=1&t=-1396772552613 Server: nginx Content-Length: 154 Content-Type: text/html | clean |
http://www.lofter.com/mydomainr.do?domain=lvyumi.com&path=/?page=1&t=-1396772552613 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sun, 14 Jun 2015 15:48:18 GMT Location: http://luyumi.lofter.com/?page=1&mydomainr=true Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=93C116451345DC69524BD9C6142567E8.classa-lofter4-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fmydomainr.do%3FX-From-ISP%3D2%26domain%3Dlvyumi.com%26path%3D%2F%3Fpage%3D1%26t%3D-1396772552613|; Domain=.lofter.com; Expires=Mon, 15-Jun-2015 15:48:18 GMT; Path=/ Set-Cookie: usertrack=c+5+hVV9okIyMn/dkqwEAg==; expires=Mon, 13-Jun-16 15:48:18 GMT; domain=lofter.com; path=/ | clean |
http://luyumi.lofter.com/?page=1&mydomainr=true | 200 OK Content-Length: 7932 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://luyumi.lofter.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Sun, 14 Jun 2015 15:48:21 GMT Location: http://www.lvyumi.com Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=C50E5425B886F5EFA508844075E72B6B.classa-lofter4-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fblogindex.do%3FloftBlogName%3Dluyumi%26X-From-ISP%3D2|; Domain=.lofter.com; Expires=Mon, 15-Jun-2015 15:48:21 GMT; Path=/ Set-Cookie: usertrack=c+5+hVV9okUr53/Ukm6OAg==; expires=Mon, 13-Jun-16 15:48:21 GMT; domain=lofter.com; path=/ | clean |
http://www.lvyumi.com/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sun, 14 Jun 2015 15:48:23 GMT Location: http://www.lofter.com/mydomainr.do?domain=www.lvyumi.com&path=/ Server: nginx Content-Length: 154 Content-Type: text/html | clean |
http://www.lofter.com/mydomainr.do?domain=www.lvyumi.com&path=/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sun, 14 Jun 2015 15:48:24 GMT Location: http://luyumi.lofter.com/?mydomainr=true Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=8A683BACFB9CCDFDD25841FAFFD52E26.classa-lofter8-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fmydomainr.do%3FX-From-ISP%3D2%26domain%3Dwww.lvyumi.com%26path%3D%2F|; Domain=.lofter.com; Expires=Mon, 15-Jun-2015 15:48:24 GMT; Path=/ Set-Cookie: usertrack=c+5+hlV9okgealbLkbBRAg==; expires=Mon, 13-Jun-16 15:48:24 GMT; domain=lofter.com; path=/ | clean |
http://luyumi.lofter.com/?mydomainr=true | 200 OK Content-Length: 7932 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://luyumi.lofter.com/?page=2&t=1405668278459 | HTTP/1.1 301 Moved Permanently Connection: close Date: Sun, 14 Jun 2015 15:48:26 GMT Location: http://www.lvyumi.com/?page=2&t=1405668278459 Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=434668CE7FC6794E5C53855581F3EFBC.classa-lofter10-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fblogindex.do%3FloftBlogName%3Dluyumi%26X-From-ISP%3D2%26page%3D2%26t%3D1405668278459|; Domain=.lofter.com; Expires=Mon, 15-Jun-2015 15:48:26 GMT; Path=/ Set-Cookie: usertrack=c+5+hlV9okopKlbRkesnAg==; expires=Mon, 13-Jun-16 15:48:26 GMT; domain=lofter.com; path=/ | clean |
http://www.lvyumi.com/?page=2&t=1405668278459 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sun, 14 Jun 2015 15:48:28 GMT Location: http://www.lofter.com/mydomainr.do?domain=www.lvyumi.com&path=/?page=2&t=1405668278459 Server: nginx Content-Length: 154 Content-Type: text/html | clean |
http://www.lofter.com/mydomainr.do?domain=www.lvyumi.com&path=/?page=2&t=1405668278459 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sun, 14 Jun 2015 15:48:29 GMT Location: http://luyumi.lofter.com/?page=2&mydomainr=true Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=2D305214C1A2DCD35DA823F7DBCE70B4.blog197-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fmydomainr.do%3FX-From-ISP%3D2%26domain%3Dwww.lvyumi.com%26path%3D%2F%3Fpage%3D2%26t%3D1405668278459|; Domain=.lofter.com; Expires=Mon, 15-Jun-2015 15:48:29 GMT; Path=/ Set-Cookie: usertrack=c+5+hVV9ok09T3/ikp/0Ag==; expires=Mon, 13-Jun-16 15:48:29 GMT; domain=lofter.com; path=/ | clean |
http://luyumi.lofter.com/test404page.js | 404 Not Found Content-Length: 6903 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://l.bst.126.net/rsc/js/theme/r/pagephotoshow.min.js?0002 | 200 OK Content-Length: 54117 Content-Type: application/x-javascript | clean |
http://lvyumi.com/?page=3&t=1396772552613 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sun, 14 Jun 2015 15:48:35 GMT Location: http://www.lofter.com/mydomainr.do?domain=lvyumi.com&path=/?page=3&t=1396772552613 Server: nginx Content-Length: 154 Content-Type: text/html | clean |
http://www.lofter.com/mydomainr.do?domain=lvyumi.com&path=/?page=3&t=1396772552613 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sun, 14 Jun 2015 15:48:36 GMT Location: http://luyumi.lofter.com/?page=3&mydomainr=true Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=166BE0EE7ED12FC7510A4CCA336F0B11.classa-lofter4-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fmydomainr.do%3FX-From-ISP%3D2%26domain%3Dlvyumi.com%26path%3D%2F%3Fpage%3D3%26t%3D1396772552613|; Domain=.lofter.com; Expires=Mon, 15-Jun-2015 15:48:36 GMT; Path=/ Set-Cookie: usertrack=c+5+hlV9olQlX1bPk6lPAg==; expires=Mon, 13-Jun-16 15:48:36 GMT; domain=lofter.com; path=/ | clean |
http://luyumi.lofter.com/?page=3&mydomainr=true | 200 OK Content-Length: 4013 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: lvyumi.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 14 Jun 2015 15:48:03 GMT
Server: nginx
Vary: Accept-Encoding
Vary: Accept-Encoding
Content-Type: text/html;charset=UTF-8
Set-Cookie: NTESLOFTSI=66B49CC2056A26043E461F4421A6D124.classa-lofter2-8010; Domain=.www.lofter.com; Path=/
Set-Cookie: firstentry=%2Fblogindex.do%3Fmydomain%3Dlvyumi.com%26|; Domain=.lofter.com; Expires=Mon, 15-Jun-2015 15:48:03 GMT; Path=/
Second query (visit from search engine):
GET / HTTP/1.1
Host: lvyumi.com
Referer: http://www.google.com/search?q=lvyumi.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=lvyumi.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://lvyumi.com/
Result: lvyumi.com is not infected or malware details are not published yet.