Scanned pages/files
| Request | Server response | Status |
http://sozila.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 21 Jul 2015 21:15:06 GMT Location: http://www.sozila.com/ Server: Apache/2.2.22 (Debian) Content-Length: 306 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.sozila.com/ | 200 OK Content-Length: 93788 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked by HellStorm ...[83754 bytes skipped]... s="pr_fr_table_info" border="0" cellspacing="0" cellpadding="5" width="180"> <tr> <td width="30%"><a href="profile.php?id=153139"><img src="new_img/1/5/3/1/3/9/153139.jpg" border="0"></a> </td> <td valign="top"><span><a href="profile.php?id=153139"><strong>Hacked by HellStorm</strong></a>, offline, Plovdiv, 36</span></td> </tr> </table> </div> </div> <div style="clear:left"></div> <div class="hor_blue_sep_s" style="margin:0px"></div> <div class="profile_links_new_small" style="float:right"><span><a href="celebrity.php"> ...[26843 bytes skipped]... | ||
http://www.sozila.com/common/funcs.js?3 | 200 OK Content-Length: 14076 Content-Type: application/javascript | clean |
http://sozila.com/common/majax.js?2 | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 21 Jul 2015 21:15:12 GMT Location: http://www.sozila.com/common/majax.js?2 Server: Apache/2.2.22 (Debian) Content-Length: 323 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.sozila.com/common/majax.js?2 | 200 OK Content-Length: 7168 Content-Type: application/javascript | clean |
http://connect.facebook.net/en_US/all.js | 200 OK Content-Length: 170024 Content-Type: application/x-javascript | clean |
http://edge.quantserve.com/quant.js | 200 OK Content-Length: 7874 Content-Type: application/x-javascript | clean |
http://sozila.com/forgottenpass.php | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 21 Jul 2015 21:15:13 GMT Location: http://www.sozila.com/forgottenpass.php Server: Apache/2.2.22 (Debian) Content-Length: 323 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.sozila.com/forgottenpass.php | 200 OK Content-Length: 19195 Content-Type: text/html | clean |
http://www.sozila.com/register.php | 200 OK Content-Length: 15695 Content-Type: text/html | clean |
http://www.sozila.com/common/funcs.js | 200 OK Content-Length: 14076 Content-Type: application/javascript | clean |
http://www.sozila.com/common/majax.js | 200 OK Content-Length: 7168 Content-Type: application/javascript | clean |
http://www.sozila.com/common/motranslator/motranslatorUTF8.js | 200 OK Content-Length: 9879 Content-Type: application/javascript | clean |
http://www.sozila.com/search.php?online_m=1 | 200 OK Content-Length: 91828 Content-Type: text/html | clean |
http://www.sozila.com/new.php | 200 OK Content-Length: 25381 Content-Type: text/html | clean |
http://www.sozila.com/random.php?sex=1 | 200 OK Content-Length: 48797 Content-Type: text/html | clean |
http://www.sozila.com/random.php | 200 OK Content-Length: 53996 Content-Type: text/html | clean |
http://www.sozila.com/rating.php | 200 OK Content-Length: 79038 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: sozila.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Tue, 21 Jul 2015 21:15:06 GMT
Location: http://www.sozila.com/
Server: Apache/2.2.22 (Debian)
Content-Length: 306
Content-Type: text/html; charset=iso-8859-1
...306 bytes of data.
GET / HTTP/1.1
Host: sozila.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Tue, 21 Jul 2015 21:15:06 GMT
Location: http://www.sozila.com/
Server: Apache/2.2.22 (Debian)
Content-Length: 306
Content-Type: text/html; charset=iso-8859-1
...306 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: sozila.com
Referer: http://www.google.com/search?q=sozila.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: sozila.com
Referer: http://www.google.com/search?q=sozila.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=sozila.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://sozila.com/
Result: sozila.com is not infected or malware details are not published yet.
Result: sozila.com is not infected or malware details are not published yet.