Scanned pages/files
Request | Server response | Status |
http://www.selecta.me/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 21 Oct 2014 00:22:29 GMT Location: http://selecta.me/mine/ Server: Apache/2.2.27 (Unix) Content-Length: 309 Content-Type: text/html; charset=iso-8859-1 | clean |
http://selecta.me/mine/ | 200 OK Content-Length: 8635 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By ...[5065 bytes skipped]... y background="http://m-h-a-c-k-e-r.persiangig.com/Black.Hack3r/back.jpg"> <center> <div id="con"> <center><img border="0" src="http://m-h-a-c-k-e-r.persiangig.com/Black.Hack3r/IR.gif"/></center> <font size="3" face="Denk One" color=Black>[ In The Name Of ALLAH ]</font><br></br> <font size="6" face="Denk One" color=Blue>Hacked By </font><font size="6" face="Denk One" color=Black>KurD_HaCK3R </font><br> <font size="6" face="Denk One" color=Black>I</font> <font size="6" face="Denk One" color=Red>ranian_</font> <font size="6" face="Denk One" color=Black>D</font> <font size="6" face="Denk One" color=Red>ark_</font> <font size="6" face="Denk One" color=Black>C</font> <font size="6" ...[4386 bytes skipped]... | ||
http://m-h-a-c-k-e-r.persiangig.com/Black.Hack3r/ghatarat-shabnam.js | 200 OK Content-Length: 1213 Content-Type: application/x-javascript | clean |
http://www.selecta.me/test404page.js | 404 Not Found Content-Length: 290 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: selecta.me
Result:
GET / HTTP/1.1
Host: selecta.me
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: selecta.me
Referer: http://www.google.com/search?q=selecta.me
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: selecta.me
Referer: http://www.google.com/search?q=selecta.me
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=selecta.me
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://selecta.me/
Result: selecta.me is not infected or malware details are not published yet.
Result: selecta.me is not infected or malware details are not published yet.