Scanned pages/files
| Request | Server response | Status |
http://rhuangonzaga.com/ | 200 OK Content-Length: 7034 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By Team System Dz <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office"> <head> <meta http-equiv="Content-Language" content="ar-dz"/> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/> <title>Hacked By Team System Dz</title> <meta name="keywords" content="Hacked By Team System Dz"/> <meta name="description" content="Hacked By Team System Dz"/> <script type="text/javascript"> //<![CDATA[ try{if (!window.CloudFlare) {var CloudFlare=[{verbose:0,p:0,byc:0,owlid:"cf",bag2:1,mirage2:0,oracle:0,paths:{cloudflare:"/cdn-cgi/nexp/dok3v=1613a3a185/"},atok:"8348665ab0c99e3aa4b83bc54d9ac081",petok:"d9afe85 ...[7418 bytes skipped]... | ||
http://rhuangonzaga.com/cdn-cgi/l/email-protection | 200 OK Content-Length: 4159 Content-Type: text/html | clean |
http://rhuangonzaga.com/cdn-cgi/scripts/zepto.min.js | 200 OK Content-Length: 24975 Content-Type: application/javascript | clean |
http://rhuangonzaga.com/cdn-cgi/scripts/cf.common.js | 200 OK Content-Length: 4408 Content-Type: application/javascript | clean |
http://rhuangonzaga.com//www.cloudflare.com/sign-up/ | 404 Not Found Content-Length: 927 Content-Type: text/html | clean |
http://rhuangonzaga.com/test404page.js | 404 Not Found Content-Length: 914 Content-Type: text/html | clean |
http://rhuangonzaga.com/cdn-cgi/l/ | 404 Not Found Content-Length: 910 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: rhuangonzaga.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 14 Jul 2015 21:18:10 GMT
Server: cloudflare-nginx
Vary: Accept-Encoding,User-Agent
Content-Type: text/html
Last-Modified: Sat, 04 Jul 2015 08:05:16 GMT
CF-RAY: 20604232c16b0aea-WAW
Set-Cookie: __cfduid=d33684252a8c3685f98a1f7fee45130501436908690; expires=Wed, 13-Jul-16 21:18:10 GMT; path=/; domain=.rhuangonzaga.com; HttpOnly
GET / HTTP/1.1
Host: rhuangonzaga.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 14 Jul 2015 21:18:10 GMT
Server: cloudflare-nginx
Vary: Accept-Encoding,User-Agent
Content-Type: text/html
Last-Modified: Sat, 04 Jul 2015 08:05:16 GMT
CF-RAY: 20604232c16b0aea-WAW
Set-Cookie: __cfduid=d33684252a8c3685f98a1f7fee45130501436908690; expires=Wed, 13-Jul-16 21:18:10 GMT; path=/; domain=.rhuangonzaga.com; HttpOnly
Second query (visit from search engine):
GET / HTTP/1.1
Host: rhuangonzaga.com
Referer: http://www.google.com/search?q=rhuangonzaga.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: rhuangonzaga.com
Referer: http://www.google.com/search?q=rhuangonzaga.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=rhuangonzaga.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://rhuangonzaga.com/
Result: rhuangonzaga.com is not infected or malware details are not published yet.
Result: rhuangonzaga.com is not infected or malware details are not published yet.