Scanned pages/files
| Request | Server response | Status |
http://canoefzh.com/ | 200 OK Content-Length: 97464 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: nd-color: white+ADsAIgA+ACY-nbsp+ADsAPA-title+AD4-Hacked By Laakel En Person+ADw-/title+AD4APA-link ...[171 bytes skipped]... g="zh-CN"> <![endif]--> <!--[if !(IE 7) | !(IE 8) ]><!--> <html lang="zh-CN"> <!--<![endif]--> <head> <meta charset="UTF-7" /> <meta name="viewport" content="width=device-width" /> <title>+ADw-/title+AD4 +ADw-html+AD4APA-head+AD4APA-/head+AD4APA-body style+AD0AIg-background-color: white+ADsAIgA+ACY-nbsp+ADsAPA-title+AD4-Hacked By Laakel En Person+ADw-/title+AD4APA-link href+AD0AIg-http://fonts.googleapis.com/css?family+AD0-Share+ACs-Tech+ACs-Mono+ACI rel+AD0AIg-stylesheet+ACI type+AD0AIg-text/css+ACIAPgA8-link href+AD0AIg-http://fonts.googleapis.com/css?family+AD0-Geo+ACI rel+AD0AIg-std ylesheet+ACI type+AD0AIg-text/css+ACIAPgA8ACE--- twitter fin --+AD4APA-center+AD4 +ADw-img src+AD0AIg-http://www.akhbarelyoum.dz/ar/images/aiHa+AF8-alchbab+AF8-hafdhoua+AF8-Ala+AF8-amana+AF8-alchHdaa.jpg+ACI + ...[102503 bytes skipped]... | ||
http://canoefzh.com/wp-includes/js/jquery/jquery.js?ver=1.11.1 | 200 OK Content-Length: 95807 Content-Type: application/javascript | clean |
http://canoefzh.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://canoefzh.com/wp-content/themes/twentytwelve/js/navigation.js?ver=1.0 | 200 OK Content-Length: 863 Content-Type: application/javascript | clean |
http://canoefzh.com/?p=235 | 200 OK Content-Length: 56157 Content-Type: text/html | clean |
http://canoefzh.com/wp-includes/js/comment-reply.min.js?ver=4.1.8 | 200 OK Content-Length: 757 Content-Type: application/javascript | clean |
http://canoefzh.com/?cat=7 | 200 OK Content-Length: 97254 Content-Type: text/html | clean |
http://canoefzh.com/?author=1 | 200 OK Content-Length: 103614 Content-Type: text/html | clean |
http://canoefzh.com/?author=1&paged=2 | 200 OK Content-Length: 76313 Content-Type: text/html | clean |
http://canoefzh.com/?author=1&paged=3 | 200 OK Content-Length: 73926 Content-Type: text/html | clean |
http://canoefzh.com/?author=1&paged=4 | 200 OK Content-Length: 72598 Content-Type: text/html | clean |
http://canoefzh.com/?author=1&paged=5 | 200 OK Content-Length: 54974 Content-Type: text/html | clean |
http://canoefzh.com/?p=16 | 200 OK Content-Length: 63746 Content-Type: text/html | clean |
http://canoefzh.com/?cat=5 | 200 OK Content-Length: 77011 Content-Type: text/html | clean |
http://canoefzh.com/?p=195 | 200 OK Content-Length: 66740 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: canoefzh.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 03 Dec 2015 15:21:36 GMT
Via: 1.0 localhost (squid/3.1.20)
Server: Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_perl/2.0.8 Perl/v5.10.1
Content-Type: text/html; charset=UTF-7
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:80
X-Pingback: http://canoefzh.com/xmlrpc.php
X-Powered-By: PHP/5.3.29
GET / HTTP/1.1
Host: canoefzh.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 03 Dec 2015 15:21:36 GMT
Via: 1.0 localhost (squid/3.1.20)
Server: Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_perl/2.0.8 Perl/v5.10.1
Content-Type: text/html; charset=UTF-7
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:80
X-Pingback: http://canoefzh.com/xmlrpc.php
X-Powered-By: PHP/5.3.29
Second query (visit from search engine):
GET / HTTP/1.1
Host: canoefzh.com
Referer: http://www.google.com/search?q=canoefzh.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: canoefzh.com
Referer: http://www.google.com/search?q=canoefzh.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=canoefzh.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://canoefzh.com/
Result: canoefzh.com is not infected or malware details are not published yet.
Result: canoefzh.com is not infected or malware details are not published yet.