Scanned pages/files
Request | Server response | Status |
http://www.we17.com/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sat, 06 Sep 2014 18:58:22 GMT Location: http://www.lofter.com/mydomainr.do?domain=www.we17.com&path=/ Server: nginx Content-Length: 154 Content-Type: text/html | clean |
http://www.lofter.com/mydomainr.do?domain=www.we17.com&path=/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sat, 06 Sep 2014 18:58:22 GMT Location: http://we17com.lofter.com/?mydomainr=true Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=130D863E5181E08BE0498987E6DF39C2.lofter1-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fmydomainr.do%3FX-From-ISP%3D2%26domain%3Dwww.we17.com%26path%3D%2F|; Domain=.lofter.com; Expires=Sun, 07-Sep-2014 18:58:22 GMT; Path=/ Set-Cookie: usertrack=ezq0eFQLWU4IIgqfGnJ4Ag==; expires=Sun, 06-Sep-15 18:58:22 GMT; domain=lofter.com; path=/ | clean |
http://we17com.lofter.com/?mydomainr=true | 200 OK Content-Length: 15434 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://l.bst.126.net/rsc/js/pagelayer/pagelayer.js?0004 | 200 OK Content-Length: 26075 Content-Type: application/x-javascript | clean |
http://l.bst.126.net/rsc/js/jquery-1.6.2.min.js | 200 OK Content-Length: 91572 Content-Type: application/x-javascript | clean |
http://lofter.ph.126.net/AaDo4mEoX3cq9NX3Dc_mcw==/6597122543214133663.js | 200 OK Content-Length: 849 Content-Type: application/javascript | clean |
http://l.bst.126.net/rsc/js/themecommon.js?0006 | 200 OK Content-Length: 7174 Content-Type: application/x-javascript | clean |
http://analytics.163.com/ntes.js | 200 OK Content-Length: 19650 Content-Type: application/x-javascript | clean |
http://www.we17.com/post/e2213_23c419 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sat, 06 Sep 2014 18:58:31 GMT Location: http://www.lofter.com/mydomainr.do?domain=www.we17.com&path=/post/e2213_23c419 Server: nginx Content-Length: 154 Content-Type: text/html | clean |
http://www.lofter.com/mydomainr.do?domain=www.we17.com&path=/post/e2213_23c419 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sat, 06 Sep 2014 18:58:32 GMT Location: http://we17com.lofter.com/post/e2213_23c419?mydomainr=true Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=83725A5E34BA979F4BB604E99838A873.blog83-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fmydomainr.do%3FX-From-ISP%3D2%26domain%3Dwww.we17.com%26path%3D%2Fpost%2Fe2213_23c419|; Domain=.lofter.com; Expires=Sun, 07-Sep-2014 18:58:32 GMT; Path=/ Set-Cookie: usertrack=ezq0d1QLWVhXvmdAGw6YAg==; expires=Sun, 06-Sep-15 18:58:32 GMT; domain=lofter.com; path=/ | clean |
http://we17com.lofter.com/post/e2213_23c419?mydomainr=true | 200 OK Content-Length: 9648 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://l.bst.126.net/rsc/js/theme/r/pagephotoshow.min.js?0002 | 200 OK Content-Length: 54020 Content-Type: application/x-javascript | clean |
http://www.we17.com/tag/%E6%97%85%E8%A1%8C | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sat, 06 Sep 2014 18:58:36 GMT Location: http://www.lofter.com/mydomainr.do?domain=www.we17.com&path=/tag/%E6%97%85%E8%A1%8C Server: nginx Content-Length: 154 Content-Type: text/html | clean |
http://www.lofter.com/mydomainr.do?domain=www.we17.com&path=/tag/%e6%97%85%e8%a1%8c | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sat, 06 Sep 2014 18:58:36 GMT Location: http://we17com.lofter.com/tag/旅行?mydomainr=true Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=E1D7093EE343AC57A3FC84851AF06C9E.lofter13-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fmydomainr.do%3FX-From-ISP%3D2%26domain%3Dwww.we17.com%26path%3D%2Ftag%2F%25e6%2597%2585%25e8%25a1%258c|; Domain=.lofter.com; Expires=Sun, 07-Sep-2014 18:58:36 GMT; Path=/ Set-Cookie: usertrack=ezq0d1QLWVxVqmdCGxU+Ag==; expires=Sun, 06-Sep-15 18:58:36 GMT; domain=lofter.com; path=/ | clean |
http://we17com.lofter.com/tag/旅行?mydomainr=true | 200 OK Content-Length: 9287 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://we17com.lofter.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 06 Sep 2014 18:58:38 GMT Location: http://www.we17.com Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=213FB67BAB0929CA8FDE1BA4E5955901.blog83-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fblogindex.do%3FloftBlogName%3Dwe17com%26X-From-ISP%3D2|; Domain=.lofter.com; Expires=Sun, 07-Sep-2014 18:58:38 GMT; Path=/ Set-Cookie: usertrack=ezq0eFQLWV5iPQkLG2mbAg==; expires=Sun, 06-Sep-15 18:58:38 GMT; domain=lofter.com; path=/ | clean |
http://www.we17.com/test404page.js | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sat, 06 Sep 2014 18:58:39 GMT Location: http://www.lofter.com/mydomainr.do?domain=www.we17.com&path=/test404page.js Server: nginx Content-Length: 154 Content-Type: text/html | clean |
http://www.lofter.com/mydomainr.do?domain=www.we17.com&path=/test404page.js | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sat, 06 Sep 2014 18:58:39 GMT Location: http://we17com.lofter.com/test404page.js?mydomainr=true Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=B11C6E16CFD4EE991AF3E6C45A8DAB70.blog83-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fmydomainr.do%3FX-From-ISP%3D2%26domain%3Dwww.we17.com%26path%3D%2Ftest404page.js|; Domain=.lofter.com; Expires=Sun, 07-Sep-2014 18:58:39 GMT; Path=/ Set-Cookie: usertrack=ezq0d1QLWV9bnQj+Gs/tAg==; expires=Sun, 06-Sep-15 18:58:39 GMT; domain=lofter.com; path=/ | clean |
http://we17com.lofter.com/test404page.js?mydomainr=true | 404 Not Found Content-Length: 5624 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://we17com.lofter.com/test404page.js | 404 Not Found Content-Length: 5624 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://www.we17.com/tag/%E8%87%AA%E7%9C%81 | 200 OK Content-Length: 9950 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://www.we17.com/post/e2213_23c3fb | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sat, 06 Sep 2014 18:58:44 GMT Location: http://www.lofter.com/mydomainr.do?domain=www.we17.com&path=/post/e2213_23c3fb Server: nginx Content-Length: 154 Content-Type: text/html | clean |
http://www.lofter.com/mydomainr.do?domain=www.we17.com&path=/post/e2213_23c3fb | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sat, 06 Sep 2014 18:58:44 GMT Location: http://we17com.lofter.com/post/e2213_23c3fb?mydomainr=true Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=6A4EE666F54015A799DEA04010D6088C.lofter14-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fmydomainr.do%3FX-From-ISP%3D2%26domain%3Dwww.we17.com%26path%3D%2Fpost%2Fe2213_23c3fb|; Domain=.lofter.com; Expires=Sun, 07-Sep-2014 18:58:44 GMT; Path=/ Set-Cookie: usertrack=ezq0d1QLWWRbgwkAGlTYAg==; expires=Sun, 06-Sep-15 18:58:44 GMT; domain=lofter.com; path=/ | clean |
http://we17com.lofter.com/post/e2213_23c3fb?mydomainr=true | 200 OK Content-Length: 8668 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://we17com.lofter.com/post/ | 404 Not Found Content-Length: 5624 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://www.we17.com/post/ | 404 Not Found Content-Length: 5624 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: we17.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: we17.com
Referer: http://www.google.com/search?q=we17.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=we17.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://we17.com/
Result: we17.com is not infected or malware details are not published yet.