Scanned pages/files
Request | Server response | Status |
http://nfemcr.com/ | 200 OK Content-Length: 10319 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: HaCkeD By Tn-Sn!PeR ...[9257 bytes skipped]... 051">tem</font> Re<FONT face="Courier New" color="#565051">moz</font></font></marquee> </td> </table> <table border=1 bordercolor=red width="600"> <tr> <td width="590"> <font style="font-size: 16pt;" size="4"> <script type="text/javascript"> ;(function(){ var msg = "HaCkeD By Tn-Sn!PeR"; var size = 24; var circleY = 0.75; var circleX = 2; var letter_spacing = 5; var diameter = 10; var rotation = 0.4; var speed = 0.15; </script> <script language="Javascript"><!-- var tl=new Array( " ", " Attention !!! ", " ", " You have been Hacked Remoz !!!, not because of your stupidity", " That's because we love you, and we want to warn you", " That ...[3044 bytes skipped]... | ||
http://nfemcr.com/test404page.js | 404 Not Found Content-Length: 5196 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: nfemcr.com
Result:
HTTP/1.1 200 OK
Date: Mon, 03 Nov 2014 18:15:22 GMT
Accept-Ranges: bytes
ETag: "6ad1ad85822ecf1:0"
Server: Microsoft-IIS/7.5
Content-Length: 10319
Content-Type: text/html
Last-Modified: Thu, 20 Feb 2014 21:27:14 GMT
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
...10319 bytes of data.
GET / HTTP/1.1
Host: nfemcr.com
Result:
HTTP/1.1 200 OK
Date: Mon, 03 Nov 2014 18:15:22 GMT
Accept-Ranges: bytes
ETag: "6ad1ad85822ecf1:0"
Server: Microsoft-IIS/7.5
Content-Length: 10319
Content-Type: text/html
Last-Modified: Thu, 20 Feb 2014 21:27:14 GMT
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
...10319 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: nfemcr.com
Referer: http://www.google.com/search?q=nfemcr.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: nfemcr.com
Referer: http://www.google.com/search?q=nfemcr.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=nfemcr.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://nfemcr.com/
Result: nfemcr.com is not infected or malware details are not published yet.
Result: nfemcr.com is not infected or malware details are not published yet.