Scanned pages/files
Request | Server response | Status |
http://dobro.club/ | 200 OK Content-Length: 238056 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By Mr-Hk / Fallega ...[11516 bytes skipped]... t;/table></div>');}} </script> <script> var clickw=270; var clickh=70; var clickb=2; var clickc="#FFFFFF"; var clickbg="black"; // Background color var clickt="Hacked By Mr-Hk / Fallega<p>Click Here To Continue</p> "; var clickFont="font-family:Tahoma,arial,helvetica; font-size:10pt; font-weight:bold; color:Red"; // The font style of the text new initReveal(0,'black','black',1,1,'lime','lime',3,10,true); </script><div id="revealDiv1" style="z-index: 100; display: none; position: absolute; top: -369px; left: 0px; background: none ...[230578 bytes skipped]... | ||
http://dobro.club/test404page.js | 200 OK Content-Length: 238056 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: dobro.club
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=1
Connection: close
Date: Wed, 08 Jul 2015 02:21:07 GMT
Server: Apache/2.2.25 (FreeBSD) PHP/5.4.19 mod_ssl/2.2.25 OpenSSL/1.0.1j
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Expires: Wed, 08 Jul 2015 02:21:08 GMT
X-Powered-By: PHP/5.4.19
Second query (visit from search engine):
GET / HTTP/1.1
Host: dobro.club
Referer: http://www.google.com/search?q=dobro.club
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=dobro.club
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://dobro.club/
Result: dobro.club is not infected or malware details are not published yet.