Scanned pages/files
Request | Server response | Status |
http://dobeli.com/ | 200 OK Content-Length: 1499 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: hacked by ./Coco <!--[Handoko Fuji]-->
<title>hacked by ./Coco</title> <link rel="SHORTCUT ICON" href="https://encrypted-tbn1.gstatic.com/imagesâ¦"> <meta content='hacked ./Coco' name='description'/> <meta content='hacked by ./Coco' name='keywords'/> <meta content='Handoko Fuji' name='Abstract'/> <br> <embed src="HTTP://www.youtube.com/v/25-lY12SyJY&autoplay=1" type="APPLICATION/x-shockwave-flash"wmode="transparent" wid ...[1506 bytes skipped]... | ||
http://dobeli.com/test404page.js | 200 OK Content-Length: 1499 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: dobeli.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 20 Jun 2015 08:39:01 GMT
Server: LiteSpeed
Vary: User-Agent
Content-Length: 1499
Content-Type: text/html
X-Powered-By: PHP/5.3.16
...1499 bytes of data.
GET / HTTP/1.1
Host: dobeli.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 20 Jun 2015 08:39:01 GMT
Server: LiteSpeed
Vary: User-Agent
Content-Length: 1499
Content-Type: text/html
X-Powered-By: PHP/5.3.16
...1499 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: dobeli.com
Referer: http://www.google.com/search?q=dobeli.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: dobeli.com
Referer: http://www.google.com/search?q=dobeli.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=dobeli.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://dobeli.com/
Result: dobeli.com is not infected or malware details are not published yet.
Result: dobeli.com is not infected or malware details are not published yet.