Scanned pages/files
Request | Server response | Status |
http://onekgold.com/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sat, 07 Jun 2014 10:24:17 GMT Location: http://www.lofter.com/mydomainr.do?domain=onekgold.com&path=/ Server: nginx Content-Length: 154 Content-Type: text/html | clean |
http://www.lofter.com/mydomainr.do?domain=onekgold.com&path=/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sat, 07 Jun 2014 10:24:18 GMT Location: http://onekgold.lofter.com/?mydomainr=true Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=9E95D2B6FF93BE2949882BBB5EF8E28E.blog197-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fmydomainr.do%3Fdomain%3Donekgold.com%26path%3D%2F|; Domain=.lofter.com; Expires=Sun, 08-Jun-2014 10:24:18 GMT; Path=/ Set-Cookie: usertrack=ZUcIg1OS6FIgFBlCD3jaAg==; expires=Sun, 07-Jun-15 10:24:18 GMT; domain=lofter.com; path=/ | clean |
http://onekgold.lofter.com/?mydomainr=true | 200 OK Content-Length: 14549 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://l.bst.126.net/rsc/js/jquery-1.6.2.min.js | 200 OK Content-Length: 91572 Content-Type: application/x-javascript | clean |
http://lofter.ph.126.net/aJfwwpFDwsyGZctfFifWbg==/5629523723468935429.js | 200 OK Content-Length: 564 Content-Type: application/javascript | clean |
http://l.bst.126.net/rsc/js/themecommon.js?0005 | 200 OK Content-Length: 2224 Content-Type: application/x-javascript | clean |
http://analytics.163.com/ntes.js | 200 OK Content-Length: 19465 Content-Type: application/x-javascript | clean |
http://onekgold.com/?page=1 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sat, 07 Jun 2014 10:24:25 GMT Location: http://www.lofter.com/mydomainr.do?domain=onekgold.com&path=/?page=1 Server: nginx Content-Length: 154 Content-Type: text/html | clean |
http://www.lofter.com/mydomainr.do?domain=onekgold.com&path=/?page=1 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sat, 07 Jun 2014 10:24:26 GMT Location: http://onekgold.lofter.com/?page=1&mydomainr=true Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=129E6D049252927EC693F1DDC2B50F4E.blog198-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fmydomainr.do%3Fdomain%3Donekgold.com%26path%3D%2F%3Fpage%3D1|; Domain=.lofter.com; Expires=Sun, 08-Jun-2014 10:24:26 GMT; Path=/ Set-Cookie: usertrack=ZUcIhFOS6FpINQLXDfg7Ag==; expires=Sun, 07-Jun-15 10:24:26 GMT; domain=lofter.com; path=/ | clean |
http://onekgold.lofter.com/?page=1&mydomainr=true | 200 OK Content-Length: 14549 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://onekgold.lofter.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 07 Jun 2014 10:24:29 GMT Location: http://www.onekgold.com Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=BB30E33FFE885397021CA7EF2FAA7D69.blog197-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fblogindex.do%3FloftBlogName%3Donekgold%26|; Domain=.lofter.com; Expires=Sun, 08-Jun-2014 10:24:29 GMT; Path=/ Set-Cookie: usertrack=ZUcIhFOS6F1HPQLRDbb3Ag==; expires=Sun, 07-Jun-15 10:24:29 GMT; domain=lofter.com; path=/ | clean |
http://www.onekgold.com/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sat, 07 Jun 2014 10:24:30 GMT Location: http://www.lofter.com/mydomainr.do?domain=www.onekgold.com&path=/ Server: nginx Content-Length: 154 Content-Type: text/html | clean |
http://www.lofter.com/mydomainr.do?domain=www.onekgold.com&path=/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sat, 07 Jun 2014 10:24:31 GMT Location: http://onekgold.lofter.com/?mydomainr=true Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=EDFA49A286D177BB60CEE3859E834ED1.blog197-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fmydomainr.do%3Fdomain%3Dwww.onekgold.com%26path%3D%2F|; Domain=.lofter.com; Expires=Sun, 08-Jun-2014 10:24:31 GMT; Path=/ Set-Cookie: usertrack=ZUcIhFOS6F9IawLYDagXAg==; expires=Sun, 07-Jun-15 10:24:31 GMT; domain=lofter.com; path=/ | clean |
http://onekgold.lofter.com/test404page.js | 404 Not Found Content-Length: 6537 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://l.bst.126.net/rsc/js/theme/r/pagephotoshow.min.js?0002 | 200 OK Content-Length: 54020 Content-Type: application/x-javascript | clean |
http://onekgold.com/?page=2 | 200 OK Content-Length: 18225 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://onekgold.com/wp-content/uploads/2014/02/thumbs20140224231544.jpg | 404 Not Found Content-Length: 6537 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://onekgold.com/wp-content/uploads/2014/02/ | 404 Not Found Content-Length: 6537 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://onekgold.com/wp-content/uploads/2014/02/QQ20140224231637.png | 404 Not Found Content-Length: 6537 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://onekgold.com/wp-content/uploads/2014/02/a.jpg | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sat, 07 Jun 2014 10:24:49 GMT Location: http://www.lofter.com/mydomainr.do?domain=onekgold.com&path=/wp-content/uploads/2014/02/a.jpg Server: nginx Content-Length: 154 Content-Type: text/html | clean |
http://www.lofter.com/mydomainr.do?domain=onekgold.com&path=/wp-content/uploads/2014/02/a.jpg | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sat, 07 Jun 2014 10:24:50 GMT Location: http://onekgold.lofter.com/wp-content/uploads/2014/02/a.jpg?mydomainr=true Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=F761D50F22ADCA274B31AFD7989DEB48.lofter0-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fmydomainr.do%3Fdomain%3Donekgold.com%26path%3D%2Fwp-content%2Fuploads%2F2014%2F02%2Fa.jpg|; Domain=.lofter.com; Expires=Sun, 08-Jun-2014 10:24:50 GMT; Path=/ Set-Cookie: usertrack=ZUcIg1OS6HIfbRk/D38QAg==; expires=Sun, 07-Jun-15 10:24:50 GMT; domain=lofter.com; path=/ | clean |
http://onekgold.lofter.com/wp-content/uploads/2014/02/a.jpg?mydomainr=true | 404 Not Found Content-Length: 6537 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://onekgold.lofter.com/wp-content/uploads/2014/02/ | 404 Not Found Content-Length: 6537 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://onekgold.com/wp-content/uploads/2014/02/b.jpg | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sat, 07 Jun 2014 10:24:53 GMT Location: http://www.lofter.com/mydomainr.do?domain=onekgold.com&path=/wp-content/uploads/2014/02/b.jpg Server: nginx Content-Length: 154 Content-Type: text/html | clean |
http://www.lofter.com/mydomainr.do?domain=onekgold.com&path=/wp-content/uploads/2014/02/b.jpg | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sat, 07 Jun 2014 10:24:54 GMT Location: http://onekgold.lofter.com/wp-content/uploads/2014/02/b.jpg?mydomainr=true Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=643D555E157222337D50139C7BF6C326.blog198-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fmydomainr.do%3Fdomain%3Donekgold.com%26path%3D%2Fwp-content%2Fuploads%2F2014%2F02%2Fb.jpg|; Domain=.lofter.com; Expires=Sun, 08-Jun-2014 10:24:54 GMT; Path=/ Set-Cookie: usertrack=ZUcIg1OS6HYZrxkoEHCFAg==; expires=Sun, 07-Jun-15 10:24:54 GMT; domain=lofter.com; path=/ | clean |
http://onekgold.lofter.com/wp-content/uploads/2014/02/b.jpg?mydomainr=true | 404 Not Found Content-Length: 6537 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: onekgold.com
Result:
HTTP/1.1 302 Moved Temporarily
Connection: close
Date: Sat, 07 Jun 2014 10:24:17 GMT
Location: http://www.lofter.com/mydomainr.do?domain=onekgold.com&path=/
Server: nginx
Content-Length: 154
Content-Type: text/html
...154 bytes of data.
GET / HTTP/1.1
Host: onekgold.com
Result:
HTTP/1.1 302 Moved Temporarily
Connection: close
Date: Sat, 07 Jun 2014 10:24:17 GMT
Location: http://www.lofter.com/mydomainr.do?domain=onekgold.com&path=/
Server: nginx
Content-Length: 154
Content-Type: text/html
...154 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: onekgold.com
Referer: http://www.google.com/search?q=onekgold.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: onekgold.com
Referer: http://www.google.com/search?q=onekgold.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=onekgold.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://onekgold.com/
Result: onekgold.com is not infected or malware details are not published yet.
Result: onekgold.com is not infected or malware details are not published yet.