Scanned pages/files
Request | Server response | Status |
http://geely.su/ | 200 OK Content-Length: 17719 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: !-- Hacked By Dr.SHA6H <Script Language='Javascript'>
<!-- Hacked By Dr.SHA6H ' Free Syrian H4ck3r --> <!-- Twitter : https://www.Twitter.com/DrSHA67 --> <!-- Facebook : https://www.Facebook.com/Dr.SHA67 --> <!-- document.write(unescape('%3C%68%74%6D%6C%20%78%6D%6C%6E%73%3A%76%3D%22%75%72%6E%3A%73%63%68%65%6D%61%73%2D%6D%69%63%72%6F%73%6F%66%74%2D%63%6F%6D%3A%76%6D%6C%22%20%78%6D%6C%6E%73%3A%6F%3D%22%75%72%6E%3A%73%63%68%65%6D%61%73%2D%6D%69%63%72%6F%73%6F%66 ...[17283 bytes skipped]... | ||
http://geely.su/test404page.js | 200 OK Content-Length: 17719 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: geely.su
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 30 Dec 2014 16:29:22 GMT
Server: nginx
Content-Type: text/html
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: geely.su
Referer: http://www.google.com/search?q=geely.su
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=geely.su
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://geely.su/
Result: geely.su is not infected or malware details are not published yet.