Scanned pages/files
Request | Server response | Status |
http://volgamed.com/ | 200 OK Content-Length: 433 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By ~ Yunus Incredibl <title>Hacked By ~ Yunus Incredibl</title><style>body {font-family: Comic Sans MS, cursive, sans-serif;background-color: #000000;}h1{color:white; text-shadow:0 0 60px black; font-size:50px;}</style><center><br><br><br><br><br><br><br><h1>Hacked By ~ Yunus Incredibl</h1></center><embed src='https://youtube.googleapis.com/v/PDoYXseuSLw&autoplay=1&loop=1' type='application/x-shockwave-flash' wmode='transparent' height='1' width='1'> | ||
http://volgamed.com/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: volgamed.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 31 Mar 2014 05:04:09 GMT
Accept-Ranges: bytes
ETag: "48e01b-1b1-4f5d598308b40"
Server: nginx/1.4.1
Content-Length: 433
Content-Type: text/html; charset=utf-8
Last-Modified: Sun, 30 Mar 2014 16:40:37 GMT
...433 bytes of data.
GET / HTTP/1.1
Host: volgamed.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 31 Mar 2014 05:04:09 GMT
Accept-Ranges: bytes
ETag: "48e01b-1b1-4f5d598308b40"
Server: nginx/1.4.1
Content-Length: 433
Content-Type: text/html; charset=utf-8
Last-Modified: Sun, 30 Mar 2014 16:40:37 GMT
...433 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: volgamed.com
Referer: http://www.google.com/search?q=volgamed.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: volgamed.com
Referer: http://www.google.com/search?q=volgamed.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=volgamed.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://volgamed.com/
Result: volgamed.com is not infected or malware details are not published yet.
Result: volgamed.com is not infected or malware details are not published yet.