Scanned pages/files
Request | Server response | Status |
http://www.blog-bani.ru/ | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=1209600 Connection: close Date: Thu, 19 Mar 2015 06:13:11 GMT Location: http://blog-bani.ru/ Server: nginx/1.6.2 Content-Length: 228 Content-Type: text/html; charset=iso-8859-1 Expires: Thu, 02 Apr 2015 06:13:11 GMT | clean |
http://blog-bani.ru/ | 200 OK Content-Length: 617 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: hacked. Notified by HolaKo,hacked by holako <html><META NAME='Description' CONTENT='hacked. Notified by HolaKo,hacked by holako'> <META NAME='Keywords' CONTENT='HolaKo,hacked,defaced,hacker,hacked by HolaKo,hacking ,defaced,defacement,hacking, HolaKo,defacer'> <title>Hacked By HolaKo</title> <style>h2 { color: white; text-align: center;}</style> <BODY BGCOLOR='black'> <div style='text-align: center;'><img border='0px' align='middle' src='http://www9.0zz0.com/2015/03/03/17/949089589.png' height='400' width='900' title='1337' alt='1337' /><pre> <b><h2>Hacked By HolaKo</h2> <h2>Free Palestine !</h2> <h2>Contact : v0v@outlook.com</h2> </pre> </div> </html> | ||
http://blog-bani.ru/test404page.js | 200 OK Content-Length: 617 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: blog-bani.ru
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 19 Mar 2015 06:13:12 GMT
Server: nginx/1.6.2
Content-Length: 617
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.3.29
...617 bytes of data.
GET / HTTP/1.1
Host: blog-bani.ru
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 19 Mar 2015 06:13:12 GMT
Server: nginx/1.6.2
Content-Length: 617
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.3.29
...617 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: blog-bani.ru
Referer: http://www.google.com/search?q=blog-bani.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: blog-bani.ru
Referer: http://www.google.com/search?q=blog-bani.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=blog-bani.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://blog-bani.ru/
Result: blog-bani.ru is not infected or malware details are not published yet.
Result: blog-bani.ru is not infected or malware details are not published yet.