Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://geniestudy.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: geniestudy.com Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 24 Oct 2014 17:13:58 GMT Location: http://mdrightnow2014.com/ Server: Apache/2.2.27 (CentOS) Content-Length: 314 Content-Type: text/html; charset=iso-8859-1 | suspicious |
URL: http://mdrightnow2014.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: mdrightnow2014.com Referer: http://www.google.com/search?q=redirect+check2 | HTTP/1.1 302 Found Connection: close Date: Fri, 24 Oct 2014 17:15:39 GMT Location: http://onlinedrugsassist.com Server: nginx/1.6.2 Vary: Accept-Encoding,User-Agent Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Powered-By: PHP/5.3.3 | suspicious |
Scanned pages/files
Request | Server response | Status |
http://geniestudy.com/ | 200 OK Content-Length: 1621 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 1x1 src: http://www.youtube.com/embed/pwo01rjknie?rel=0&autoplay=1 <iframe width="1" height="1" src="http://www.youtube.com/embed/pwo01rjknie?rel=0&autoplay=1" frameborder="0" allowfullscreen> Deface/Content modification. The following signature was found: Hacked by Intifada! <head>
<meta http-equiv="Content-Type" content="text/HTML; charset=utf-8"/> <link href="http://img1.loadtr.com/b-297820-b%C3%BCy%C3%BCk_filistin_bayra%C4%9F%C4%B1.jpg" rel="shortcut icon"> <title>Hacked by Intifada!</title> <center> <body background="http://android.mobile-review.com/image/materials/wallpapers-10/big/10-wall02.jpg"> </center> <link href="http://fonts.googleapis.com/css?family=Orbitron:700" rel="stylesheet" type="text/css"> <style>body{font-family:orbitron;}</style> <script type="text/javascript">/* CloudFlare analytics upgrade */ </script&g ...[1390 bytes skipped]... | ||
http://geniestudy.com/test404page.js | HTTP/1.1 302 Found Connection: close Date: Fri, 24 Oct 2014 17:13:59 GMT Location: http://mdrightnow2014.com/ Server: Apache/2.2.27 (CentOS) Content-Length: 290 Content-Type: text/html; charset=iso-8859-1 | clean |
http://mdrightnow2014.com/ | HTTP/1.1 302 Found Connection: close Date: Fri, 24 Oct 2014 17:15:42 GMT Location: http://onlinedrugsassist.com Server: nginx/1.6.2 Vary: Accept-Encoding,User-Agent Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Powered-By: PHP/5.3.3 | clean |
http://onlinedrugsassist.com/ | 403 Forbidden Content-Length: 168 Content-Type: text/html | clean |
http://onlinedrugsassist.com/test404page.js | 403 Forbidden Content-Length: 168 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=geniestudy.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://geniestudy.com/
Result: geniestudy.com is not infected or malware details are not published yet.