Malicious/Suspicious Redirects
| Request | Server response | Status |
URL: http://notesforschool.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: notesforschool.com Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Found Connection: close Date: Fri, 28 Nov 2014 02:06:04 GMT Location: http://goo.gl/AJwPg Server: nginx/1.6.2 Content-Length: 271 Content-Type: text/html; charset=iso-8859-1 | malicious |
URL: http://goo.gl/AJwPg (imitation of visitor from search engine) GET /AJwPg HTTP/1.1 Host: goo.gl Referer: http://www.google.com/search?q=redirect+check2 | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, no-store, max-age=0, must-revalidate Connection: close Date: Fri, 28 Nov 2014 02:06:04 GMT Pragma: no-cache Location: http://hth33hd1vscvxc2.ru/ Server: GSE Content-Type: text/html; charset=UTF-8 Expires: Fri, 01 Jan 1990 00:00:00 GMT Alternate-Protocol: 80:quic,p=0.02 X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block | malicious |
Scanned pages/files
| Request | Server response | Status |
http://notesforschool.com/ | 200 OK Content-Length: 7116 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: HACKED By XUGURX <html>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Language" content="tr"> <meta http-equiv="Content-Type" content="text/html; charset=WINDOWS-1254"> <title>HACKED By XUGURX </title> </head> <body bgcolor=black> <p align="center"> </p> <p align="center"> </p> <p align="center"> <img src="http://img88.imageshack.us/img88/1586/46693600.jpg"></p> <p align="center"><font color="#666666" size="5" face="Verdana"><strong>hacked by xugurx</strong></font></p> ...[7624 bytes skipped]... | ||
http://notesforschool.com/js/index.html | 200 OK Content-Length: 14794 Content-Type: text/html | clean |
http://notesforschool.com/js/jquery.min.js | 200 OK Content-Length: 72326 Content-Type: application/javascript | clean |
http://notesforschool.com/js/cookie.min.js | 200 OK Content-Length: 830 Content-Type: application/javascript | clean |
http://notesforschool.com/js/cufon-yui.js | 200 OK Content-Length: 18264 Content-Type: application/javascript | clean |
http://notesforschool.com/js/europe.js | 200 OK Content-Length: 42662 Content-Type: application/javascript | clean |
http://notesforschool.com/js/js.js | 200 OK Content-Length: 1326 Content-Type: application/javascript | clean |
http://notesforschool.com/js/jquery.placeholder.js | 200 OK Content-Length: 1847 Content-Type: application/javascript | clean |
http://notesforschool.com//yandex.st/share/share.js/ | 404 Not Found Content-Length: 12839 Content-Type: text/html | clean |
http://code.jquery.com/jquery-1.9.1.js | 200 OK Content-Length: 268381 Content-Type: application/x-javascript | clean |
http://suspended.hostgator.com/js/simple-expand.min.js | 200 OK Content-Length: 2782 Content-Type: application/javascript | clean |
http://notesforschool.com/test404page.js | 404 Not Found Content-Length: 12839 Content-Type: text/html | clean |
http://notesforschool.com/js/ | 200 OK Content-Length: 14794 Content-Type: text/html | clean |
http://notesforschool.com/js/Blagoveshensk/index.html | 200 OK Content-Length: 17073 Content-Type: text/html | clean |
http://notesforschool.com/js/Blagoveshensk/ | 200 OK Content-Length: 17073 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=notesforschool.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://notesforschool.com/
Result: notesforschool.com is not infected or malware details are not published yet.
Result: notesforschool.com is not infected or malware details are not published yet.