Scanned pages/files
Request | Server response | Status |
http://www.finox.bg/ | 200 OK Content-Length: 1035 Content-Type: text/html | clean |
http://www.finox.bg/home.php?lang=bg | 200 OK Content-Length: 5246 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked by Bulgarian Cyber Army ...[4471 bytes skipped]... торанти, барове, хотели, супермаркети и т.н.</span></div> <div id ="midnewsbox"><span class="blue" style="margin-left:10px;">Новини</span><br><br> <table width='460' cellspacing='10'><tr><td class='newsdate'> 2014-12-28 </td><td class='newstitle'> <a href='getnews.php?nid=8&lang=bg' >Hacked by Bulgarian Cyber Army</a></td></tr></table></div> </div> </div> <div id="banners"> <h4> Други продукти </h4> <iframe src="media/zi_caffe/Zi caffe_205x70 pxl_1 JUL_v2.html" width="249" height="85" id="zi_caffe_banner">Zi Caffe</iframe><br/> <a href="http://www.kuhnensko.com"><img width="250" height="75" src="/media/images/rapido_link.jpg" alt="Rapido"> ...[1380 bytes skipped]... | ||
http://www.finox.bg/about.php?lang=bg | 200 OK Content-Length: 5713 Content-Type: text/html | clean |
http://www.finox.bg/products.php?lang=bg&cat=0&item=0 | 200 OK Content-Length: 7481 Content-Type: text/html | clean |
http://www.finox.bg/lib/highslide/highslide.js | 200 OK Content-Length: 50249 Content-Type: application/javascript | clean |
http://www.finox.bg/lib/custom-form-elements.js | 200 OK Content-Length: 4942 Content-Type: application/javascript | clean |
http://www.finox.bg/distributor.php?lang=bg | 200 OK Content-Length: 4667 Content-Type: text/html | clean |
http://www.finox.bg/news.php?lang=bg&str=0 | 200 OK Content-Length: 4980 Content-Type: text/html | clean |
http://www.finox.bg/contacts.php?lang=bg | 200 OK Content-Length: 6569 Content-Type: text/html | clean |
http://www.finox.bg/lib/md5.js | 200 OK Content-Length: 8570 Content-Type: application/javascript | clean |
http://www.finox.bg/lib/jcap.js | 200 OK Content-Length: 8200 Content-Type: application/javascript | clean |
http://www.finox.bg/lib/validator.js | 200 OK Content-Length: 26775 Content-Type: application/javascript | clean |
http://www.finox.bg/topselling.php?lang=bg | 200 OK Content-Length: 10522 Content-Type: text/html | clean |
http://www.finox.bg/promo.php?lang=bg | 200 OK Content-Length: 8038 Content-Type: text/html | clean |
http://www.finox.bg/products.php?lang=bg&cat=1&item=0 | 200 OK Content-Length: 10863 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: finox.bg
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: finox.bg
Referer: http://www.google.com/search?q=finox.bg
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=finox.bg
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://finox.bg/
Result: finox.bg is not infected or malware details are not published yet.