Scanned pages/files
Request | Server response | Status |
http://weselnerabaty.com/ | 200 OK Content-Length: 689 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: HackeD By A.O.R <html>
<head oncontextmenu="return false;" onkeydown="return false;" onmousedown="return false;"> <title>HackeD By A.O.R</title> </head> <body oncontextmenu="return false;" onkeydown="return false;" onmousedown="return false;" style="background-color: black;"> <center> <br> <font style="arial" size="10" color="red" ">ARMIES OF REPRESSION</font> <br> <br> <br> <img src="http://im85.gulfup.com/oPFl2x.png"> <br><br> <br> ...[322 bytes skipped]... | ||
http://weselnerabaty.com/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: weselnerabaty.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 08 Mar 2015 04:43:09 GMT
Server: Apache
Content-Type: text/html
GET / HTTP/1.1
Host: weselnerabaty.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 08 Mar 2015 04:43:09 GMT
Server: Apache
Content-Type: text/html
Second query (visit from search engine):
GET / HTTP/1.1
Host: weselnerabaty.com
Referer: http://www.google.com/search?q=weselnerabaty.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: weselnerabaty.com
Referer: http://www.google.com/search?q=weselnerabaty.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=weselnerabaty.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://weselnerabaty.com/
Result: weselnerabaty.com is not infected or malware details are not published yet.
Result: weselnerabaty.com is not infected or malware details are not published yet.