Scanned pages/files
Request | Server response | Status |
http://advancemas.com/ | 200 OK Content-Length: 8487 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By 7codeCrew
<html> <meta charset="utf-8"> <head> <link rel="shortcut icon" href="http://upload.wikimedia.org/wikipedia/commons/e/ed/Animated-Flag-Malaysia.gif"> <title>Hacked By 7codeCrew</title> <style type="text/css"> body { background: url(https://m.ak.fbcdn.net/sphotos-h.ak/hphotos-ak-xpa1/v/t34.0-12/s843x403/10822291_623814784407093_88872475_n.jpg?efg=eyJpIjoiYiJ9&oh=10d10a7db8b491d2e8bfce4c11ba7396&oe=54A8E59A&__gda__=1420369762_69679476e503be13ba4746c1b86b9765) no-repeat center center fixed; -webkit-background-size: cover; -moz-background-size: co ...[9407 bytes skipped]...
http://advancemas.com/frefx/np.asp?lv_acheter-tong-lv/ | 200 OK Content-Length: 11177 Content-Type: text/html | clean |
http://js.ssmarque.fr/fr/zh01.js | 200 OK Content-Length: 806 Content-Type: application/javascript | clean |
http://advancemas.com/frefx/np.asp?ray-ban_lunettes-ray-ban-vue-zone/ | 200 OK Content-Length: 10317 Content-Type: text/html | clean |
http://js.ssmarque.fr/fr/ray-ban01.js | 200 OK Content-Length: 806 Content-Type: application/javascript | clean |
http://advancemas.com/frefx/np.asp?ray-ban_lunettes-de-soleil-ray-ban-pas-cher-femme-2014/ | 200 OK Content-Length: 12940 Content-Type: text/html | clean |
http://advancemas.com/frefx/np.asp?ray-ban_lunettes-soleil-ray-ban-aviator-mirror-green/ | 200 OK Content-Length: 11538 Content-Type: text/html | clean |
http://advancemas.com/frefx/np.asp?mlb_casquette-snapback-mlb-brooklyn-dodgers/ | 200 OK Content-Length: 10088 Content-Type: text/html | clean |
http://js.ssmarque.fr/fr/mlb01.js | 200 OK Content-Length: 806 Content-Type: application/javascript | clean |
http://advancemas.com/frefx/np.asp?supra_supra-cable/ | 200 OK Content-Length: 7839 Content-Type: text/html | clean |
http://js.ssmarque.fr/fr/xiezi.js | 200 OK Content-Length: 812 Content-Type: application/javascript | clean |
http://advancemas.com/frefx/np.asp?bomb_casquette-bombee-lacoste/ | 200 OK Content-Length: 9458 Content-Type: text/html | clean |
http://js.ssmarque.fr/fr/bomb01.js | 200 OK Content-Length: 806 Content-Type: application/javascript | clean |
http://advancemas.com/frefx/np.asp?balenciaga_sac-balenciaga-city-giant/ | 200 OK Content-Length: 8428 Content-Type: text/html | clean |
http://advancemas.com/frefx/np.asp?balenciaga_sac-balenciaga-giant-pompon/ | 200 OK Content-Length: 10254 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: advancemas.com
Result:
HTTP/1.1 200 OK
Date: Sat, 21 Mar 2015 11:06:11 GMT
Accept-Ranges: bytes
ETag: "de5d4e8873fd01:0"
Server: Microsoft-IIS/7.0
Content-Length: 8487
Content-Type: text/html
Last-Modified: Tue, 03 Feb 2015 07:57:18 GMT
X-Powered-By: ASP.NET
...8487 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: advancemas.com
Referer: http://www.google.com/search?q=advancemas.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=advancemas.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://advancemas.com/
Result: advancemas.com is not infected or malware details are not published yet.