Scanned pages/files
Request | Server response | Status |
http://beidou520.com/ | HTTP/1.1 200 OK Date: Sun, 21 Sep 2014 22:15:41 GMT Accept-Ranges: bytes ETag: "b43325a686d1cf1:833" Server: Microsoft-IIS/6.0 Content-Length: 2627 Content-Location: http://beidou520.com/index.html Content-Type: text/html Last-Modified: Tue, 16 Sep 2014 08:17:26 GMT X-Powered-By: ASP.NET | clean |
http://beidou520.com/index.html | 200 OK Content-Length: 2627 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By NAVIDLIV <html>
<head> <title> Hacked By NAVIDLIV </title> <script language="javascript" type="text/javascript" src="http://r20.ir/rrrrrr/jquery-2.0.3.min.js"> </script> <script language="javascript" type="text/javascript" > var jq=jQuery.noConflict() jq(document).ready(function(){ jq(".rz-pic1").hover(function(){ jq(".rz-pic1").css({"background":"url(http://8up.ir/images/2ymvxik9zcd3fzoo1wpa.png)"}); } , functi ...[2741 bytes skipped]... | ||
http://r20.ir/rrrrrr/jquery-2.0.3.min.js | 404 Not Found Content-Length: 1148 Content-Type: text/html | clean |
http://r20.ir/test404page.js | 404 Not Found Content-Length: 1148 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: beidou520.com
Result:
HTTP/1.1 200 OK
Date: Sun, 21 Sep 2014 22:15:41 GMT
Accept-Ranges: bytes
ETag: "b43325a686d1cf1:833"
Server: Microsoft-IIS/6.0
Content-Length: 2627
Content-Location: http://beidou520.com/index.html
Content-Type: text/html
Last-Modified: Tue, 16 Sep 2014 08:17:26 GMT
X-Powered-By: ASP.NET
...2627 bytes of data.
GET / HTTP/1.1
Host: beidou520.com
Result:
HTTP/1.1 200 OK
Date: Sun, 21 Sep 2014 22:15:41 GMT
Accept-Ranges: bytes
ETag: "b43325a686d1cf1:833"
Server: Microsoft-IIS/6.0
Content-Length: 2627
Content-Location: http://beidou520.com/index.html
Content-Type: text/html
Last-Modified: Tue, 16 Sep 2014 08:17:26 GMT
X-Powered-By: ASP.NET
...2627 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: beidou520.com
Referer: http://www.google.com/search?q=beidou520.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: beidou520.com
Referer: http://www.google.com/search?q=beidou520.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=beidou520.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://beidou520.com/
Result: beidou520.com is not infected or malware details are not published yet.
Result: beidou520.com is not infected or malware details are not published yet.