Scanned pages/files
Request | Server response | Status |
http://seoprom.com.ua/ | 200 OK Content-Length: 734 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: HACKED BY Private User for 19.05.2015 <html> <head><title>HACKED BY Private User for 19.05.2015</title></head> <body bgcolor="#000000"> <marquee><b><font size="145"> <font color="#FFFFFF">HACKED BY Private User for <font color="#FF0000">19.05.2015</b></marquee> <a href="http://www.uploadmusic.org"><object type="application/x-shockwave-flash" width="0" height="0"data="http://www.uploadmusic.org/musicplayer.swf? song_url=ht ...[405 bytes skipped]... | ||
http://seoprom.com.ua/test404page.js | 404 Not Found Content-Length: 1148 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: seoprom.com.ua
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Thu, 18 Jun 2015 10:01:00 GMT
Pragma: no-cache
Accept-Ranges: bytes
Server: LiteSpeed
Content-Length: 734
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=40737676185fcf7b2b1e1c1d69d26518; path=/
Set-Cookie: dle_user_id=deleted; expires=Wed, 18-Jun-2014 10:00:59 GMT; path=/; domain=.seoprom.com.ua; httponly
Set-Cookie: dle_password=deleted; expires=Wed, 18-Jun-2014 10:00:59 GMT; path=/; domain=.seoprom.com.ua; httponly
Set-Cookie: dle_hash=deleted; expires=Wed, 18-Jun-2014 10:00:59 GMT; path=/; domain=.seoprom.com.ua; httponly
X-Powered-By: PHP/5.2.17
...734 bytes of data.
GET / HTTP/1.1
Host: seoprom.com.ua
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Thu, 18 Jun 2015 10:01:00 GMT
Pragma: no-cache
Accept-Ranges: bytes
Server: LiteSpeed
Content-Length: 734
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=40737676185fcf7b2b1e1c1d69d26518; path=/
Set-Cookie: dle_user_id=deleted; expires=Wed, 18-Jun-2014 10:00:59 GMT; path=/; domain=.seoprom.com.ua; httponly
Set-Cookie: dle_password=deleted; expires=Wed, 18-Jun-2014 10:00:59 GMT; path=/; domain=.seoprom.com.ua; httponly
Set-Cookie: dle_hash=deleted; expires=Wed, 18-Jun-2014 10:00:59 GMT; path=/; domain=.seoprom.com.ua; httponly
X-Powered-By: PHP/5.2.17
...734 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: seoprom.com.ua
Referer: http://www.google.com/search?q=seoprom.com.ua
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: seoprom.com.ua
Referer: http://www.google.com/search?q=seoprom.com.ua
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=seoprom.com.ua
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://seoprom.com.ua/
Result: seoprom.com.ua is not infected or malware details are not published yet.
Result: seoprom.com.ua is not infected or malware details are not published yet.