Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: fnr-top.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Connection: close
Date: Tue, 29 Jul 2014 16:17:57 GMT
Pragma: private
Server: nginx admin
Vary: Accept-Encoding
Content-Type: text/html; charset=windows-1256
Set-Cookie: bblastvisit=1406650677; expires=Wed, 29-Jul-2015 16:17:57 GMT; path=/
Set-Cookie: bblastactivity=0; expires=Wed, 29-Jul-2015 16:17:57 GMT; path=/
X-Cache: HIT from Backend
X-UA-Compatible: IE=7
GET / HTTP/1.1
Host: fnr-top.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Connection: close
Date: Tue, 29 Jul 2014 16:17:57 GMT
Pragma: private
Server: nginx admin
Vary: Accept-Encoding
Content-Type: text/html; charset=windows-1256
Set-Cookie: bblastvisit=1406650677; expires=Wed, 29-Jul-2015 16:17:57 GMT; path=/
Set-Cookie: bblastactivity=0; expires=Wed, 29-Jul-2015 16:17:57 GMT; path=/
X-Cache: HIT from Backend
X-UA-Compatible: IE=7
Second query (visit from search engine):
GET / HTTP/1.1
Host: fnr-top.com
Referer: http://www.google.com/search?q=fnr-top.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: fnr-top.com
Referer: http://www.google.com/search?q=fnr-top.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://fnr-top.com/ | 200 OK Content-Length: 83842 Content-Type: text/html | clean |
http://fnr-top.com/clientscript/yui/yahoo-dom-event/yahoo-dom-event.js?v=387 | 200 OK Content-Length: 36628 Content-Type: application/x-javascript | clean |
http://fnr-top.com/clientscript/yui/connection/connection-min.js?v=387 | 200 OK Content-Length: 11604 Content-Type: application/x-javascript | clean |
http://fnr-top.com/clientscript/vbulletin_global.js?v=387 | 200 OK Content-Length: 26014 Content-Type: application/x-javascript | clean |
http://fnr-top.com/clientscript/vbulletin_menu.js?v=387 | 200 OK Content-Length: 9427 Content-Type: application/x-javascript | clean |
http://fnr-top.com/clientscript/vbulletin_md5.js?v=387 | 200 OK Content-Length: 5464 Content-Type: application/x-javascript | clean |
http://fnr-top.com/clientscript/vbulletin_read_marker.js?v=387 | 200 OK Content-Length: 3426 Content-Type: application/x-javascript | clean |
http://fnr-top.com/showthread.php?s=e8f71ca491fae3364bda4e2162d91d7c&goto=newpost&t=833 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Tue, 29 Jul 2014 16:18:00 GMT Location: http://fnr-top.com/showthread.php?s=e8f71ca491fae3364bda4e2162d91d7c&p=7523#post7523 Server: nginx admin Content-Length: 0 Content-Type: text/html Set-Cookie: bblastvisit=1406650680; expires=Wed, 29-Jul-2015 16:18:00 GMT; path=/ Set-Cookie: bblastactivity=0; expires=Wed, 29-Jul-2015 16:18:00 GMT; path=/ X-UA-Compatible: IE=7 | clean |
http://fnr-top.com/showthread.php?s=e8f71ca491fae3364bda4e2162d91d7c&p=7523 | 200 OK Content-Length: 65807 Content-Type: text/html | clean |
http://fnr-top.com/clientscript/vbulletin_post_loader.js?v=387 | 200 OK Content-Length: 2024 Content-Type: application/x-javascript | clean |
http://fnr-top.com//pagead2.googlesyndication.com/pagead/js/adsbygoogle.js/ | 404 Not Found Content-Length: 372 Content-Type: text/html | clean |
http://fnr-top.com/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
http://fnr-top.com/clientscript/vbulletin_lightbox.js?v=387 | 200 OK Content-Length: 12989 Content-Type: application/x-javascript | clean |
http://fnr-top.com/showthread.php?s=e8f71ca491fae3364bda4e2162d91d7c&goto=newpost&t=835 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Tue, 29 Jul 2014 16:18:02 GMT Location: http://fnr-top.com/showthread.php?s=e8f71ca491fae3364bda4e2162d91d7c&p=7522#post7522 Server: nginx admin Content-Length: 0 Content-Type: text/html Set-Cookie: bblastvisit=1406650682; expires=Wed, 29-Jul-2015 16:18:02 GMT; path=/ Set-Cookie: bblastactivity=0; expires=Wed, 29-Jul-2015 16:18:02 GMT; path=/ X-UA-Compatible: IE=7 | clean |
http://fnr-top.com/showthread.php?s=e8f71ca491fae3364bda4e2162d91d7c&p=7522 | 200 OK Content-Length: 90694 Content-Type: text/html | clean |
http://fnr-top.com/showthread.php?s=e8f71ca491fae3364bda4e2162d91d7c&goto=newpost&t=699 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Tue, 29 Jul 2014 16:18:02 GMT Location: http://fnr-top.com/showthread.php?s=e8f71ca491fae3364bda4e2162d91d7c&p=7520#post7520 Server: nginx admin Content-Length: 0 Content-Type: text/html Set-Cookie: bblastvisit=1406650682; expires=Wed, 29-Jul-2015 16:18:02 GMT; path=/ Set-Cookie: bblastactivity=0; expires=Wed, 29-Jul-2015 16:18:02 GMT; path=/ X-UA-Compatible: IE=7 | clean |
http://fnr-top.com/showthread.php?s=e8f71ca491fae3364bda4e2162d91d7c&p=7520 | 200 OK Content-Length: 84605 Content-Type: text/html | clean |
http://fnr-top.com/showthread.php?s=e8f71ca491fae3364bda4e2162d91d7c&goto=newpost&t=723 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Tue, 29 Jul 2014 16:18:03 GMT Location: http://fnr-top.com/showthread.php?s=e8f71ca491fae3364bda4e2162d91d7c&p=7517#post7517 Server: nginx admin Content-Length: 0 Content-Type: text/html Set-Cookie: bblastvisit=1406650683; expires=Wed, 29-Jul-2015 16:18:03 GMT; path=/ Set-Cookie: bblastactivity=0; expires=Wed, 29-Jul-2015 16:18:03 GMT; path=/ X-UA-Compatible: IE=7 | clean |
http://fnr-top.com/showthread.php?s=e8f71ca491fae3364bda4e2162d91d7c&p=7517 | 200 OK Content-Length: 61844 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=fnr-top.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://fnr-top.com/
Result: fnr-top.com is not infected or malware details are not published yet.
Result: fnr-top.com is not infected or malware details are not published yet.