Scanned pages/files
Request | Server response | Status |
http://homepage1.nifty.com/ | 403 Forbidden Content-Length: 3390 Content-Type: text/html | clean |
http://cf.ad-v.jp/adam/cm8adam_1_call.js | 200 OK Content-Length: 19443 Content-Type: application/x-javascript | clean |
http://homepage1.nifty.com/test404page.js | HTTP/1.1 404 Not Found Connection: close Date: Tue, 16 Dec 2014 23:13:22 GMT ETag: "50f5f494-db1" Server: Apache Content-Length: 3505 Content-Type: text/html | clean |
http://www.nifty.com/?top21 | HTTP/1.1 200 OK Connection: close Date: Tue, 16 Dec 2014 23:13:24 GMT Accept-Ranges: bytes Server: Apache Vary: Accept-Encoding Content-Length: 105127 Content-Type: text/html Last-Modified: Tue, 16 Dec 2014 23:11:48 GMT X-Frame-Options: DENY | clean |
http://www.nifty.com/text/ | 200 OK Content-Length: 50993 Content-Type: text/html | suspicious |
Suspicious code found <div id="search" class="pkg"> <form id="srchForm" name="srchForm" action="http://search.nifty.com/cgi-bin/gosearch.cgi"> <div id="srcHiddenParm"> <input type="hidden" name="cflg" value="õ" /> <input type="hidden" name="frm" value="nifty_top_txt_tp" /> <input type="hidden" name="select2" value="õ" /> </div> <div id="srchInptElmnt"> <input ty <input class="btnSubmit" type="submit" value="EFuõ" /> </div> </form> <!--SrchOptn--> <div id="SrchOptn"> <span class="item"><a href="http://www.nifty.com/category/" onmousedown="return countlink('www','txttop_category',this.href);">@niftyT[rXê</a></span> </div> <!--/SrchOptn--> </div> | ||
http://www.nifty.com/text/misc/js/niftop_js_140206_1100.txt | 200 OK Content-Length: 35395 Content-Type: text/plain | clean |
http://www.nifty.com/text/misc/js/\"javascript:void(0);\" | 404 Not Found Content-Length: 3609 Content-Type: text/html | clean |
http://www.nifty.com/?top20 | HTTP/1.1 200 OK Connection: close Date: Tue, 16 Dec 2014 23:13:31 GMT Accept-Ranges: bytes Server: Apache Vary: Accept-Encoding Content-Length: 105137 Content-Type: text/html Last-Modified: Tue, 16 Dec 2014 23:12:44 GMT X-Frame-Options: DENY | clean |
http://www.nifty.com/test404page.js | 404 Not Found Content-Length: 3609 Content-Type: text/html | clean |
http://www.nifty.com/ | HTTP/1.1 200 OK Connection: close Date: Tue, 16 Dec 2014 23:13:34 GMT Accept-Ranges: bytes Server: Apache Vary: Accept-Encoding Content-Length: 105137 Content-Type: text/html Last-Modified: Tue, 16 Dec 2014 23:12:44 GMT X-Frame-Options: DENY | clean |
http://www.nifty.com/users/signup/indexf.htm | 200 OK Content-Length: 4225 Content-Type: text/html | clean |
http://www.nifty.com/users/signup/../info/js/common.js | 200 OK Content-Length: 970 Content-Type: application/javascript | clean |
http://www.nifty.com/users/signup/ | 200 OK Content-Length: 4222 Content-Type: text/html | clean |
http://www.nifty.com/setsuzoku/ | HTTP/1.1 200 OK Connection: close Date: Tue, 16 Dec 2014 23:13:38 GMT Accept-Ranges: bytes ETag: "16527b-22e-43dc0f0a1e6c0" Server: Apache Content-Length: 558 Content-Type: text/html Last-Modified: Wed, 31 Oct 2007 02:46:27 GMT | clean |
http://setsuzoku.nifty.com/ | 200 OK Content-Length: 32370 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 1x1 src: http://o.advg.jp/oif?aid=1416&pid=8 <iframe src="http://o.advg.jp/oif?aid=1416&pid=8" width="1" height="1"> | ||
http://setsuzoku.nifty.com/common/js/mjl.js | 200 OK Content-Length: 38335 Content-Type: application/javascript | clean |
http://www.nifty.com/common/js/jquery.js | 404 Not Found Content-Length: 3609 Content-Type: text/html | clean |
http://www.nifty.com/policy/link_copy.htm | 200 OK Content-Length: 7083 Content-Type: text/html | clean |
http://www.nifty.com/policy/../misc/common.js | 200 OK Content-Length: 3121 Content-Type: application/javascript | clean |
http://www.nifty.com/policy/ | HTTP/1.1 200 OK Connection: close Date: Tue, 16 Dec 2014 23:13:46 GMT Accept-Ranges: bytes Server: Apache Vary: Accept-Encoding,User-Agent Content-Length: 577 Content-Type: text/html Expires: Tue, 16 Dec 2014 23:13:46 GMT Last-Modified: Mon, 30 Aug 2010 01:37:24 GMT Set-Cookie: PUSER=ALAgggQAgOFoggLMg5ggGgSWFgggOgSkgrAX01gggUg5NgSIgzUQggmRpbHJvenfFaDgw8Agg; expires=Mon, 18-Jan-2038 03:14:07 GMT; DOMAIN=nifty.com; PATH=/ X-FRAME-OPTIONS: SAMEORIGIN | clean |
http://www.nifty.co.jp/privacy/ | 200 OK Content-Length: 30821 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: homepage1.nifty.com
Result:
HTTP/1.1 403 Forbidden
Connection: close
Date: Tue, 16 Dec 2014 23:13:20 GMT
ETag: "50f5f493-d3e"
Server: Apache
Content-Length: 3390
Content-Type: text/html
...3390 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: homepage1.nifty.com
Referer: http://www.google.com/search?q=homepage1.nifty.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=homepage1.nifty.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://homepage1.nifty.com/
Result: homepage1.nifty.com is not infected or malware details are not published yet.