Scanned pages/files
Request | Server response | Status |
http://yofee2u.com/ | 200 OK Content-Length: 2761 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By ByTe <html> <head> <link rel="shortcut icon" href="http://s1307.hizliresim.com/1c/n/qk7kn.png"/> <title>Hacked By ByTe</title> </head> <body bgcolor="black"> <center><br><br> <img src="http://i.hizliresim.com/AAB3pB.png"> <sup> </script><style type="text/css"> <!-- .ahgcrewstyle { color: #F00; } .ahg { color: #0F0; } --> </style> </head> <link rel="shortcut icon" hr ...[2999 bytes skipped]... | ||
http://scmplayer.net/script.js | 403 Forbidden Content-Length: 5154 Content-Type: text/html | clean |
http://scmplayer.net/cdn-cgi/scripts/zepto.min.js | 200 OK Content-Length: 24975 Content-Type: application/javascript | clean |
http://scmplayer.net/cdn-cgi/scripts/cf.common.js | 200 OK Content-Length: 4408 Content-Type: application/javascript | clean |
http://scmplayer.net/cdn-cgi/scripts/cf.challenge.js | 200 OK Content-Length: 15290 Content-Type: application/javascript | clean |
http://scmplayer.net/test404page.js | 403 Forbidden Content-Length: 5154 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: yofee2u.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 16 Apr 2015 10:07:52 GMT
Server: nginx/1.6.3
Content-Type: text/html
GET / HTTP/1.1
Host: yofee2u.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 16 Apr 2015 10:07:52 GMT
Server: nginx/1.6.3
Content-Type: text/html
Second query (visit from search engine):
GET / HTTP/1.1
Host: yofee2u.com
Referer: http://www.google.com/search?q=yofee2u.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: yofee2u.com
Referer: http://www.google.com/search?q=yofee2u.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=yofee2u.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://yofee2u.com/
Result: yofee2u.com is not infected or malware details are not published yet.
Result: yofee2u.com is not infected or malware details are not published yet.