Scanned pages/files
Request | Server response | Status |
http://novagon.com/ | 200 OK Content-Length: 7539 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: // Hacked By : Scriptkiddie ...[328 bytes skipped]... eewall.com/mmc_uploads/1780-nice-white-wallpaper.jpg); margin-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; background-position:right top; background-repeat:no-repeat; background-size:110% } .style1 { font-family: Arial, Helvetica, sans-serif; font-size: 12px; } </style> <script type="text/javascript"> // Hacked By : Scriptkiddie TypingText = function(element, interval, cursor, finishedCallback) { if((typeof document.getElementById == "undefined") || (typeof element.innerHTML == "undefined")) { this.running = true; return; } this.element = element; this.finishedCallback = (finishedCallback ? finishedCallback : function() { return; }); this.interval = (typeof interval == "undefined" ? 100 : interval); this.origText = this.eleme ...[7785 bytes skipped]... | ||
http://novagon.com/test404page.js | 404 Not Found Content-Length: 1041 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: novagon.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Sun, 12 Jul 2015 15:39:14 GMT
Server: Microsoft-IIS/6.0
Content-Length: 7539
Content-Type: text/html; charset=utf-8
MicrosoftOfficeWebServer: 5.0_Pub
Set-Cookie: cookiesession1=1ROT8C0SJ2XDW3PJT1YOE22SKCXS9QJB;Path=/;HttpOnly
X-AspNet-Version: XXXXXXXXXX
X-Powered-By: PleskWin
X-Powered-By: ASP.NET
...7539 bytes of data.
GET / HTTP/1.1
Host: novagon.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Sun, 12 Jul 2015 15:39:14 GMT
Server: Microsoft-IIS/6.0
Content-Length: 7539
Content-Type: text/html; charset=utf-8
MicrosoftOfficeWebServer: 5.0_Pub
Set-Cookie: cookiesession1=1ROT8C0SJ2XDW3PJT1YOE22SKCXS9QJB;Path=/;HttpOnly
X-AspNet-Version: XXXXXXXXXX
X-Powered-By: PleskWin
X-Powered-By: ASP.NET
...7539 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: novagon.com
Referer: http://www.google.com/search?q=novagon.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: novagon.com
Referer: http://www.google.com/search?q=novagon.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=novagon.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://novagon.com/
Result: novagon.com is not infected or malware details are not published yet.
Result: novagon.com is not infected or malware details are not published yet.