Scanned pages/files
Request | Server response | Status |
http://dsfortu.ru/ | 200 OK Content-Length: 2816 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By Must@f@ <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Hacked By Must@f@</title> </head> <body background="http://n1310.hizliresim.com/1g/u/tx75q.jpg"> <center> <img src="http://n1310.hizliresim.com/1g/u/tx74u.gif" width="250" height="222" longdesc="sdp7v1.gif" /><img src="http://t1310.hizliresim.com/1g/u/tx76g.jpg" width="500" height="452" longdesc="http://t1310.hizliresim.com/1g/u/tx76g.jpg" /> <img src="http://n1310.hizliresi ...[2847 bytes skipped]... | ||
http://dsfortu.ru/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: dsfortu.ru
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 04 Aug 2015 06:50:16 GMT
Accept-Ranges: bytes
ETag: "527d6fcb-b00"
Server: nginx/1.4.1
Content-Length: 2816
Content-Type: text/html; charset=windows-1251
Last-Modified: Fri, 08 Nov 2013 23:12:11 GMT
...2816 bytes of data.
GET / HTTP/1.1
Host: dsfortu.ru
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 04 Aug 2015 06:50:16 GMT
Accept-Ranges: bytes
ETag: "527d6fcb-b00"
Server: nginx/1.4.1
Content-Length: 2816
Content-Type: text/html; charset=windows-1251
Last-Modified: Fri, 08 Nov 2013 23:12:11 GMT
...2816 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: dsfortu.ru
Referer: http://www.google.com/search?q=dsfortu.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: dsfortu.ru
Referer: http://www.google.com/search?q=dsfortu.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=dsfortu.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://dsfortu.ru/
Result: dsfortu.ru is not infected or malware details are not published yet.
Result: dsfortu.ru is not infected or malware details are not published yet.