Scanned pages/files
Request | Server response | Status |
http://www.gescommodity.com/ | 200 OK Content-Length: 16180 Content-Type: text/html | clean |
http://www.gescommodity.com/jqnjs/jquery-1.6.2.js | 200 OK Content-Length: 236202 Content-Type: application/javascript | clean |
http://www.gescommodity.com/jqnjs/jquery.Scroller-1.0.min.js | 200 OK Content-Length: 4087 Content-Type: application/javascript | clean |
http://www.statcounter.com/counter/counter.js | 200 OK Content-Length: 9028 Content-Type: application/x-javascript | clean |
http://www.gescommodity.com/pages-L2/gesaust.html | 200 OK Content-Length: 50301 Content-Type: text/html | clean |
http://www.gescommodity.com/pages-L2/../jqnjs/prototype.js | 200 OK Content-Length: 163312 Content-Type: application/javascript | clean |
http://www.gescommodity.com/pages-L2/../jqnjs/scriptaculous.js?load=effects,builder | 200 OK Content-Length: 2931 Content-Type: application/javascript | clean |
http://www.gescommodity.com/pages-L2/../jqnjs/lightbox.js | 200 OK Content-Length: 18518 Content-Type: application/javascript | clean |
http://www.gescommodity.com/pages-L2/../index.html | 200 OK Content-Length: 16180 Content-Type: text/html | clean |
http://www.gescommodity.com/pages-L2/../jqnjs/jquery-1.6.2.js | 200 OK Content-Length: 236202 Content-Type: application/javascript | clean |
http://www.gescommodity.com/pages-L2/../jqnjs/jquery.Scroller-1.0.min.js | 200 OK Content-Length: 4087 Content-Type: application/javascript | clean |
http://www.gescommodity.com/pages-L2/geshkong.html | 200 OK Content-Length: 23460 Content-Type: text/html | clean |
http://www.gescommodity.com/pages-L2/../images/Alex | 200 OK Content-Length: 7261 Content-Type: text/plain | clean |
http://www.gescommodity.com/test404page.js | 200 OK Content-Length: 21583 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By Original Mosta ...[220 bytes skipped]... tp://schemas.microsoft.com/office/2004/12/omml"> <head> <meta http-equiv=Content-Type content="text/html; charset=windows-1252"> <meta name=ProgId content=Word.Document> <meta name=Generator content="Microsoft Word 11"> <meta name=Originator content="Microsoft Word 11"> <link rel=File-List href="index_fichiers/filelist.xml"> <title>Hacked By Original Mosta</title> <!--[if gte mso 9]><xml> <o:DocumentProperties> <o:Author>GSI</o:Author> <o:Template>Normal</o:Template> <o:LastAuthor>ECP Home</o:LastAuthor> <o:Revision>17</o:Revision> <o:TotalTime>8</o:TotalTime> <o:Created>2012-02-18T11:35:00Z</o:Created> <o:LastSaved>2012-02-29T10:42:00Z</o:LastSaved> ...[24797 bytes skipped]... | ||
http://www.gescommodity.com/pages-L2/../images/ImpExp.jpg | 200 OK Content-Length: 10865 Content-Type: image/jpeg | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: gescommodity.com
Result:
GET / HTTP/1.1
Host: gescommodity.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: gescommodity.com
Referer: http://www.google.com/search?q=gescommodity.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: gescommodity.com
Referer: http://www.google.com/search?q=gescommodity.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=gescommodity.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://gescommodity.com/
Result: gescommodity.com is not infected or malware details are not published yet.
Result: gescommodity.com is not infected or malware details are not published yet.