Scanned pages/files
Request | Server response | Status |
http://samming.net/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Wed, 24 Sep 2014 05:38:29 GMT Location: http://www.lofter.com/mydomainr.do?domain=samming.net&path=/ Server: nginx Content-Length: 154 Content-Type: text/html | clean |
http://www.lofter.com/mydomainr.do?domain=samming.net&path=/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Wed, 24 Sep 2014 05:38:30 GMT Location: http://samming.lofter.com/?mydomainr=true Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=9FDE9248AD90A2B9CEDF95475ED7FC2A.lofter15-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fmydomainr.do%3FX-From-ISP%3D2%26domain%3Dsamming.net%26path%3D%2F|; Domain=.lofter.com; Expires=Thu, 25-Sep-2014 05:38:30 GMT; Path=/ Set-Cookie: usertrack=ezq0eFQiWNZbnmIBI3j0Ag==; expires=Thu, 24-Sep-15 05:38:30 GMT; domain=lofter.com; path=/ | clean |
http://samming.lofter.com/?mydomainr=true | 200 OK Content-Length: 17794 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://l.bst.126.net/rsc/js/pagelayer/pagelayer.js?0006 | 200 OK Content-Length: 26075 Content-Type: application/x-javascript | clean |
http://l.bst.126.net/rsc/js/jquery-1.6.2.min.js | 200 OK Content-Length: 91572 Content-Type: application/x-javascript | clean |
http://lofter.ph.126.net/6F6FnCij3nRyOu03vSOnww==/5629523723468935453.js | 200 OK Content-Length: 2252 Content-Type: application/javascript | clean |
http://l.bst.126.net/rsc/js/themecommon.js?0010 | 200 OK Content-Length: 8290 Content-Type: application/x-javascript | clean |
http://analytics.163.com/ntes.js | 200 OK Content-Length: 19650 Content-Type: application/x-javascript | clean |
http://samming.net/?page=2 | 200 OK Content-Length: 18804 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://samming.net/?page=1 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Wed, 24 Sep 2014 05:38:40 GMT Location: http://www.lofter.com/mydomainr.do?domain=samming.net&path=/?page=1 Server: nginx Content-Length: 154 Content-Type: text/html | clean |
http://www.lofter.com/mydomainr.do?domain=samming.net&path=/?page=1 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Wed, 24 Sep 2014 05:38:41 GMT Location: http://samming.lofter.com/?page=1&mydomainr=true Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=F13B8B7741016E3E7C80FCB35F523FD5.lofter16-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fmydomainr.do%3FX-From-ISP%3D2%26domain%3Dsamming.net%26path%3D%2F%3Fpage%3D1|; Domain=.lofter.com; Expires=Thu, 25-Sep-2014 05:38:41 GMT; Path=/ Set-Cookie: usertrack=ezq0d1QiWOEEWncpIt88Ag==; expires=Thu, 24-Sep-15 05:38:41 GMT; domain=lofter.com; path=/ | clean |
http://samming.lofter.com/?page=1&mydomainr=true | 200 OK Content-Length: 17794 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://samming.lofter.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 24 Sep 2014 05:38:43 GMT Location: http://isming.me Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=245B98BE9FA9AD6B8DE139C911CDF2F4.lofter14-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fblogindex.do%3FloftBlogName%3Dsamming%26X-From-ISP%3D2|; Domain=.lofter.com; Expires=Thu, 25-Sep-2014 05:38:43 GMT; Path=/ Set-Cookie: usertrack=ezq0d1QiWONflWIFIzuaAg==; expires=Thu, 24-Sep-15 05:38:43 GMT; domain=lofter.com; path=/ | clean |
http://isming.me/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Wed, 24 Sep 2014 05:38:45 GMT Location: http://www.lofter.com/mydomainr.do?domain=isming.me&path=/ Server: nginx Content-Length: 154 Content-Type: text/html | clean |
http://www.lofter.com/mydomainr.do?domain=isming.me&path=/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Wed, 24 Sep 2014 05:38:45 GMT Location: http://samming.lofter.com/?mydomainr=true Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=17ABCC7CB2CA88D5DB79BC3895E3405D.lofter15-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fmydomainr.do%3FX-From-ISP%3D2%26domain%3Disming.me%26path%3D%2F|; Domain=.lofter.com; Expires=Thu, 25-Sep-2014 05:38:45 GMT; Path=/ Set-Cookie: usertrack=ezq0d1QiWOVBd2H3Ip2SAg==; expires=Thu, 24-Sep-15 05:38:45 GMT; domain=lofter.com; path=/ | clean |
http://samming.lofter.com/test404page.js | 404 Not Found Content-Length: 8541 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://l.bst.126.net/rsc/js/theme/r/pagephotoshow.min.js?0002 | 200 OK Content-Length: 54020 Content-Type: application/x-javascript | clean |
http://samming.net/?page=3 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Wed, 24 Sep 2014 05:38:49 GMT Location: http://www.lofter.com/mydomainr.do?domain=samming.net&path=/?page=3 Server: nginx Content-Length: 154 Content-Type: text/html | clean |
http://www.lofter.com/mydomainr.do?domain=samming.net&path=/?page=3 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Wed, 24 Sep 2014 05:38:50 GMT Location: http://samming.lofter.com/?page=3&mydomainr=true Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=B6BB2E2A57F92EE01280921D6706F3FE.lofter1-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fmydomainr.do%3FX-From-ISP%3D2%26domain%3Dsamming.net%26path%3D%2F%3Fpage%3D3|; Domain=.lofter.com; Expires=Thu, 25-Sep-2014 05:38:50 GMT; Path=/ Set-Cookie: usertrack=ezq0eFQiWOpflWIFIzwxAg==; expires=Thu, 24-Sep-15 05:38:50 GMT; domain=lofter.com; path=/ | clean |
http://samming.lofter.com/?page=3&mydomainr=true | 200 OK Content-Length: 17991 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://samming.lofter.com/?page=2 | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 24 Sep 2014 05:38:52 GMT Location: http://isming.me/?page=2 Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=920A0D7D06F68E7D49710581B32ED466.lofter14-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fblogindex.do%3FloftBlogName%3Dsamming%26X-From-ISP%3D2%26page%3D2|; Domain=.lofter.com; Expires=Thu, 25-Sep-2014 05:38:52 GMT; Path=/ Set-Cookie: usertrack=ezq0eFQiWOwF0XcmIp09Ag==; expires=Thu, 24-Sep-15 05:38:52 GMT; domain=lofter.com; path=/ | clean |
http://isming.me/?page=2 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Wed, 24 Sep 2014 05:38:53 GMT Location: http://www.lofter.com/mydomainr.do?domain=isming.me&path=/?page=2 Server: nginx Content-Length: 154 Content-Type: text/html | clean |
http://www.lofter.com/mydomainr.do?domain=isming.me&path=/?page=2 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Wed, 24 Sep 2014 05:38:54 GMT Location: http://samming.lofter.com/?page=2&mydomainr=true Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=EE8FEA6D8A937C15D1281D9799F16D47.lofter16-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fmydomainr.do%3FX-From-ISP%3D2%26domain%3Disming.me%26path%3D%2F%3Fpage%3D2|; Domain=.lofter.com; Expires=Thu, 25-Sep-2014 05:38:54 GMT; Path=/ Set-Cookie: usertrack=ezq0eFQiWO4342HyI63xAg==; expires=Thu, 24-Sep-15 05:38:54 GMT; domain=lofter.com; path=/ | clean |
http://samming.lofter.com/?page=2&mydomainr=true | 200 OK Content-Length: 18804 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://samming.lofter.com/post/14304c_a4f54a | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 24 Sep 2014 05:38:56 GMT Location: http://isming.me/post/14304c_a4f54a Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=849B32B77B57BD2C7FB9B64175BB8CDB.blog198-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fpost.do%3FloftBlogName%3Dsamming%26loftPostUrl%3D14304c_a4f54a%26X-From-ISP%3D2|; Domain=.lofter.com; Expires=Thu, 25-Sep-2014 05:38:56 GMT; Path=/ Set-Cookie: usertrack=ezq0eFQiWPAQuncyI2toAg==; expires=Thu, 24-Sep-15 05:38:56 GMT; domain=lofter.com; path=/ | clean |
http://isming.me/post/14304c_a4f54a | HTTP/1.1 302 Moved Temporarily Connection: close Date: Wed, 24 Sep 2014 05:38:56 GMT Location: http://www.lofter.com/mydomainr.do?domain=isming.me&path=/post/14304c_a4f54a Server: nginx Content-Length: 154 Content-Type: text/html | clean |
http://www.lofter.com/mydomainr.do?domain=isming.me&path=/post/14304c_a4f54a | HTTP/1.1 302 Moved Temporarily Connection: close Date: Wed, 24 Sep 2014 05:38:57 GMT Location: http://samming.lofter.com/post/14304c_a4f54a?mydomainr=true Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=FC8944DF0C207A54BB82035FA8977776.lofter14-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fmydomainr.do%3FX-From-ISP%3D2%26domain%3Disming.me%26path%3D%2Fpost%2F14304c_a4f54a|; Domain=.lofter.com; Expires=Thu, 25-Sep-2014 05:38:57 GMT; Path=/ Set-Cookie: usertrack=ezq0eFQiWPEgb3c5Io8GAg==; expires=Thu, 24-Sep-15 05:38:57 GMT; domain=lofter.com; path=/ | clean |
http://samming.lofter.com/post/14304c_a4f54a?mydomainr=true | 200 OK Content-Length: 12744 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://samming.lofter.com/post/ | 404 Not Found Content-Length: 8541 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://samming.lofter.com/post/14304c_b3f9aa | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 24 Sep 2014 05:38:59 GMT Location: http://isming.me/post/14304c_b3f9aa Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=4C624DEA6784E9228F8180E2BC174261.lofter14-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fpost.do%3FloftBlogName%3Dsamming%26loftPostUrl%3D14304c_b3f9aa%26X-From-ISP%3D2|; Domain=.lofter.com; Expires=Thu, 25-Sep-2014 05:38:59 GMT; Path=/ Set-Cookie: usertrack=ezq0d1QiWPOJy1ayIt1HAg==; expires=Thu, 24-Sep-15 05:38:59 GMT; domain=lofter.com; path=/ | clean |
http://isming.me/post/14304c_b3f9aa | 200 OK Content-Length: 13449 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: samming.net
Result:
HTTP/1.1 302 Moved Temporarily
Connection: close
Date: Wed, 24 Sep 2014 05:38:29 GMT
Location: http://www.lofter.com/mydomainr.do?domain=samming.net&path=/
Server: nginx
Content-Length: 154
Content-Type: text/html
...154 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: samming.net
Referer: http://www.google.com/search?q=samming.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=samming.net
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://samming.net/
Result: samming.net is not infected or malware details are not published yet.