Scanned pages/files
Request | Server response | Status |
http://zgao.org/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sun, 01 Jun 2014 23:18:06 GMT Location: http://www.lofter.com/mydomainr.do?domain=zgao.org&path=/ Server: nginx Content-Length: 154 Content-Type: text/html | clean |
http://www.lofter.com/mydomainr.do?domain=zgao.org&path=/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sun, 01 Jun 2014 23:18:07 GMT Location: http://gaozheng.lofter.com/?mydomainr=true Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=4767D23A6120F7EF66326C9647DE9BD9.blog83-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fmydomainr.do%3Fdomain%3Dzgao.org%26path%3D%2F|; Domain=.lofter.com; Expires=Mon, 02-Jun-2014 23:18:07 GMT; Path=/ Set-Cookie: usertrack=ZUcIg1OLtK+SGRC6Io0EAg==; expires=Mon, 01-Jun-15 23:18:07 GMT; domain=lofter.com; path=/ | clean |
http://gaozheng.lofter.com/?mydomainr=true | 200 OK Content-Length: 10891 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://lofter.ph.126.net/w_SD7NyHwj1cMtsx_dDfsw==/5629542415166606617.js | 200 OK Content-Length: 41528 Content-Type: application/javascript | clean |
http://lofter.ph.126.net/WixTvrpVJaNBoxTepYE5_Q==/5629542415166606618.js | 200 OK Content-Length: 5486 Content-Type: application/javascript | clean |
http://lofter.ph.126.net/twhcFs2NEfz4lTn2neLSZg==/6597125841749016978.js | 200 OK Content-Length: 1021 Content-Type: application/javascript | clean |
http://l.bst.126.net/rsc/js/themecommon.js?0005 | 200 OK Content-Length: 2224 Content-Type: application/x-javascript | clean |
http://analytics.163.com/ntes.js | 200 OK Content-Length: 19378 Content-Type: application/x-javascript | clean |
http://zgao.org/view | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sun, 01 Jun 2014 23:18:18 GMT Location: http://www.lofter.com/mydomainr.do?domain=zgao.org&path=/view Server: nginx Content-Length: 154 Content-Type: text/html | clean |
http://www.lofter.com/mydomainr.do?domain=zgao.org&path=/view | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sun, 01 Jun 2014 23:18:19 GMT Location: http://gaozheng.lofter.com/view?mydomainr=true Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=0EB671832AC613398F4F28C5698431FE.blog83-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fmydomainr.do%3Fdomain%3Dzgao.org%26path%3D%2Fview|; Domain=.lofter.com; Expires=Mon, 02-Jun-2014 23:18:19 GMT; Path=/ Set-Cookie: usertrack=ZUcIhFOLtLsVq1oGIUm0Ag==; expires=Mon, 01-Jun-15 23:18:19 GMT; domain=lofter.com; path=/ | clean |
http://gaozheng.lofter.com/view?mydomainr=true | 200 OK Content-Length: 37880 Content-Type: text/html | clean |
http://l.bst.126.net/s/core.js?f86092792628ad97f9000ee35dfcd149 | 200 OK Content-Length: 85348 Content-Type: application/x-javascript | clean |
http://l.bst.126.net/s/pt_page_archive.js?f2c33eeecfd5b55bd930d8676c444c26 | 200 OK Content-Length: 72906 Content-Type: application/x-javascript | clean |
http://zgao.org/test404page.js | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sun, 01 Jun 2014 23:18:24 GMT Location: http://www.lofter.com/mydomainr.do?domain=zgao.org&path=/test404page.js Server: nginx Content-Length: 154 Content-Type: text/html | clean |
http://www.lofter.com/mydomainr.do?domain=zgao.org&path=/test404page.js | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sun, 01 Jun 2014 23:18:25 GMT Location: http://gaozheng.lofter.com/test404page.js?mydomainr=true Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=FDBC96FF9168A1C87A6E2286DF1A929D.lofter0-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fmydomainr.do%3Fdomain%3Dzgao.org%26path%3D%2Ftest404page.js|; Domain=.lofter.com; Expires=Mon, 02-Jun-2014 23:18:25 GMT; Path=/ Set-Cookie: usertrack=ZUcIg1OLtMGSjxC9JHLWAg==; expires=Mon, 01-Jun-15 23:18:25 GMT; domain=lofter.com; path=/ | clean |
http://gaozheng.lofter.com/test404page.js?mydomainr=true | 404 Not Found Content-Length: 7136 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://l.bst.126.net/rsc/js/theme/r/pagephotoshow.min.js?0002 | 200 OK Content-Length: 54020 Content-Type: application/x-javascript | clean |
http://zgao.org/rss | 200 OK Content-Length: 6137 Content-Type: text/xml | clean |
http://zgao.org/post/4b3bd_1319dca | 200 OK Content-Length: 8655 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://zgao.org/post/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sun, 01 Jun 2014 23:18:30 GMT Location: http://www.lofter.com/mydomainr.do?domain=zgao.org&path=/post/ Server: nginx Content-Length: 154 Content-Type: text/html | clean |
http://www.lofter.com/mydomainr.do?domain=zgao.org&path=/post/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sun, 01 Jun 2014 23:18:31 GMT Location: http://gaozheng.lofter.com/post/?mydomainr=true Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=7BC41E2467951E082CB985FD171D2348.lofter1-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fmydomainr.do%3Fdomain%3Dzgao.org%26path%3D%2Fpost%2F|; Domain=.lofter.com; Expires=Mon, 02-Jun-2014 23:18:31 GMT; Path=/ Set-Cookie: usertrack=ZUcIg1OLtMeY+BDYJIV5Ag==; expires=Mon, 01-Jun-15 23:18:31 GMT; domain=lofter.com; path=/ | clean |
http://gaozheng.lofter.com/post/?mydomainr=true | 404 Not Found Content-Length: 7136 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > | ||
http://gaozheng.lofter.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Sun, 01 Jun 2014 23:18:32 GMT Location: http://zgao.org Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=8A5F91E0B2327B62A8F50C7165A74537.blog198-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fblogindex.do%3FloftBlogName%3Dgaozheng%26|; Domain=.lofter.com; Expires=Mon, 02-Jun-2014 23:18:32 GMT; Path=/ Set-Cookie: usertrack=ZUcIg1OLtMiS/BC/I3FRAg==; expires=Mon, 01-Jun-15 23:18:32 GMT; domain=lofter.com; path=/ | clean |
http://zgao.org/tag/%E8%A5%8C | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sun, 01 Jun 2014 23:18:33 GMT Location: http://www.lofter.com/mydomainr.do?domain=zgao.org&path=/tag/%E8%A5%8C Server: nginx Content-Length: 154 Content-Type: text/html | clean |
http://www.lofter.com/mydomainr.do?domain=zgao.org&path=/tag/%e8%a5%8c | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sun, 01 Jun 2014 23:18:33 GMT Location: http://gaozheng.lofter.com/tag/�mydomainr=true Server: nginx Content-Length: 0 Content-Type: text/html;charset=UTF-8 P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Set-Cookie: NTESLOFTSI=FF1358F8F40A0DD8444234E8AC0DB9B0.blog197-8010; Domain=.www.lofter.com; Path=/ Set-Cookie: firstentry=%2Fmydomainr.do%3Fdomain%3Dzgao.org%26path%3D%2Ftag%2F%25e8%25a5%258c|; Domain=.lofter.com; Expires=Mon, 02-Jun-2014 23:18:33 GMT; Path=/ Set-Cookie: usertrack=ZUcIg1OLtMmZOhDZJerVAg==; expires=Mon, 01-Jun-15 23:18:33 GMT; domain=lofter.com; path=/ | clean |
http://gaozheng.lofter.com/tag/�mydomainr=true | 200 OK Content-Length: 7043 Content-Type: text/html | suspicious |
Hidden iFrame found. style: hidden src: http://l.bst.126.net/rsc/htm/music.html <iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" > |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: zgao.org
Result:
HTTP/1.1 302 Moved Temporarily
Connection: close
Date: Sun, 01 Jun 2014 23:18:06 GMT
Location: http://www.lofter.com/mydomainr.do?domain=zgao.org&path=/
Server: nginx
Content-Length: 154
Content-Type: text/html
...154 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: zgao.org
Referer: http://www.google.com/search?q=zgao.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=zgao.org
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://zgao.org/
Result: zgao.org is not infected or malware details are not published yet.