Scanned pages/files
| Request | Server response | Status |
http://internationalblogs.info/ | 200 OK Content-Length: 1311 Content-Type: text/html | clean |
http://internationalblogs.info/kenya/ | 200 OK Content-Length: 1566 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By JOK3R ...[354 bytes skipped]... .gif" rel="icon" type="image/x-icon"> <link href="http://carolinediana.com/wp-includes/jok3r.css" rel="stylesheet" type="text/css"> <style>body{cursor:url("http://zone-h.com/archive/notifier=jok3r"),auto;}html{display:table;height:100%;width:100%;}body{display:table-row;}body{display:table-cell;vertical-align:middle;text-align:center;}a:link{text-decoration:none;}</style> <title>Hacked By JOK3R</title> </head><body background="http://s3.picofile.com/file/8210460776/x.gif" bgcolor="#FFFFFF"> <p> <img src="http://s6.picofile.com/file/8196943584/ss.gif" height="300" border="0" width="400"></p> <p> </p> <p> <font style="color:green;text-shadow:0px 1px 5px #000;" face="Iceland" size="6">Iranian Defacer 2012 - 2016 </font><br> <font face="Ice ...[715 bytes skipped]... | ||
http://internationalblogs.info/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
http://internationalblogs.info/croatia | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 19 Dec 2015 15:26:33 GMT Location: http://internationalblogs.info/croatia/ Server: Apache/2.4.10 (Unix) OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 Content-Length: 247 Content-Type: text/html; charset=iso-8859-1 | clean |
http://internationalblogs.info/croatia/ | 200 OK Content-Length: 1566 Content-Type: text/html | clean |
http://internationalblogs.info/serbia/index.php | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 19 Dec 2015 15:26:34 GMT Location: http://internationalblogs.info/serbia/ Server: Apache/2.4.10 (Unix) OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Pingback: http://internationalblogs.info/serbia/xmlrpc.php X-Powered-By: PHP/5.4.37 | clean |
http://internationalblogs.info/serbia/ | 200 OK Content-Length: 1566 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: internationalblogs.info
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 19 Dec 2015 15:26:31 GMT
Accept-Ranges: bytes
ETag: "7fc5b0-51f-516e595cb3e00"
Server: Apache/2.4.10 (Unix) OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
Content-Length: 1311
Content-Type: text/html
Last-Modified: Mon, 25 May 2015 10:36:40 GMT
...1311 bytes of data.
GET / HTTP/1.1
Host: internationalblogs.info
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 19 Dec 2015 15:26:31 GMT
Accept-Ranges: bytes
ETag: "7fc5b0-51f-516e595cb3e00"
Server: Apache/2.4.10 (Unix) OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
Content-Length: 1311
Content-Type: text/html
Last-Modified: Mon, 25 May 2015 10:36:40 GMT
...1311 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: internationalblogs.info
Referer: http://www.google.com/search?q=internationalblogs.info
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: internationalblogs.info
Referer: http://www.google.com/search?q=internationalblogs.info
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=internationalblogs.info
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://internationalblogs.info/
Result: internationalblogs.info is not infected or malware details are not published yet.
Result: internationalblogs.info is not infected or malware details are not published yet.