Scanned pages/files
Request | Server response | Status |
http://france-signature.fr/ | 200 OK Content-Length: 19494 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By Middle East Cyber Army ...[416 bytes skipped]... :rdfs="http://www.w3.org/2000/01/rdf-schema#" xmlns:sioc="http://rdfs.org/sioc/ns#" xmlns:sioct="http://rdfs.org/sioc/types#" xmlns:skos="http://www.w3.org/2004/02/skos/core#" xmlns:xsd="http://www.w3.org/2001/XMLSchema#"> <head profile="http://www.w3.org/1999/xhtml/vocab"> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <meta content="Hacked By Middle East Cyber Army" about="/ru/node/756" property="dc:title" /> <link rel="shortlink" href="/ru/node/756" /> <link rel="canonical" href="/ru/node/756" /> <meta name="Generator" content="Drupal 7 (http://drupal.org)" /> <title>Hacked By Middle East Cyber Army | Hacked By Middle East Cyber Army</title> <link type="text/css" rel="stylesheet" href="http://france-signature.fr/sites/default/files/css/css_OJ6HpQz2KT-P1lu4C3LuyS4lqi ...[21364 bytes skipped]... | ||
http://france-signature.fr/sites/default/files/js/js_OUYbOVdgpVsXOdB2zFglWtxDbaBrvQlNhLOq45JrbmE.js | 200 OK Content-Length: 94896 Content-Type: application/javascript | clean |
http://france-signature.fr/sites/default/files/js/js_VWe_15q4Ef6kJmYmg7RdzNY_Q_M_hjYxPXY4WzYFVEw.js | 200 OK Content-Length: 7768 Content-Type: application/javascript | clean |
http://france-signature.fr/ru | 200 OK Content-Length: 19494 Content-Type: text/html | clean |
http://france-signature.fr/ru/news | 200 OK Content-Length: 11030 Content-Type: text/html | clean |
http://france-signature.fr/ru/ | 200 OK Content-Length: 19494 Content-Type: text/html | clean |
http://france-signature.fr/test404page.js | 404 Not Found Content-Length: 19592 Content-Type: text/html | clean |
http://france-signature.fr/ru/node/756 | 200 OK Content-Length: 19596 Content-Type: text/html | clean |
http://france-signature.fr/ru/node/ | 200 OK Content-Length: 10894 Content-Type: text/html | clean |
http://france-signature.fr/ru/167-novost-1 | 200 OK Content-Length: 5243 Content-Type: text/html | clean |
http://france-signature.fr/ru/29-novost-5 | 200 OK Content-Length: 4942 Content-Type: text/html | clean |
http://france-signature.fr/fr/28-fr-perevod | 200 OK Content-Length: 4769 Content-Type: text/html | clean |
http://france-signature.fr/sites/default/files/js/js_oUz_h0Pd_Wdgf9WcNGmJvWvnUcSRNIXqhLtkSep4W48.js | 200 OK Content-Length: 3298 Content-Type: application/javascript | clean |
http://france-signature.fr/fr/ | 200 OK Content-Length: 19455 Content-Type: text/html | clean |
http://france-signature.fr/fr | 200 OK Content-Length: 19455 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: france-signature.fr
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Mon, 19 Jan 2015 00:44:29 GMT
ETag: "1421628268"
Server: nginx/1.6.1
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Mon, 19 Jan 2015 00:44:28 +0000
Link: </ru/node/756>; rel="shortlink",</ru/node/756>; rel="canonical"
Set-Cookie: SESSc5e6afec79a41ffc0bb210573728d1dd=QLX-eCeln7PBXKBzopF22Z6SIrUlVybTjyD7IC0Jg1g; expires=Wed, 11 Feb 2015 04:17:49 GMT; path=/; HttpOnly
X-Drupal-Cache: MISS
X-Generator: Drupal 7 (http://drupal.org)
X-Powered-By: PHP/5.2.6-1+lenny13
GET / HTTP/1.1
Host: france-signature.fr
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Mon, 19 Jan 2015 00:44:29 GMT
ETag: "1421628268"
Server: nginx/1.6.1
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Mon, 19 Jan 2015 00:44:28 +0000
Link: </ru/node/756>; rel="shortlink",</ru/node/756>; rel="canonical"
Set-Cookie: SESSc5e6afec79a41ffc0bb210573728d1dd=QLX-eCeln7PBXKBzopF22Z6SIrUlVybTjyD7IC0Jg1g; expires=Wed, 11 Feb 2015 04:17:49 GMT; path=/; HttpOnly
X-Drupal-Cache: MISS
X-Generator: Drupal 7 (http://drupal.org)
X-Powered-By: PHP/5.2.6-1+lenny13
Second query (visit from search engine):
GET / HTTP/1.1
Host: france-signature.fr
Referer: http://www.google.com/search?q=france-signature.fr
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: france-signature.fr
Referer: http://www.google.com/search?q=france-signature.fr
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=france-signature.fr
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://france-signature.fr/
Result: france-signature.fr is not infected or malware details are not published yet.
Result: france-signature.fr is not infected or malware details are not published yet.