Scanned pages/files
Request | Server response | Status |
http://allforextrading.info/ | 200 OK Content-Length: 1029 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By Ehsan Gomnam ...[492 bytes skipped]... family:"Comic Sans MS",Arial; text-align:center; color:#fff; overflow-x:hidden; } h1{ margin-top:10%;font:60px comic sans ms;text-align:center;text-shadow:0 1px 3px;color:#fff } .wrapper{ padding:10px; width:100%; background:rgba(0,0,0,.60) } </style> </head> <body> <div class="wrapper"> <h1>Hacked By Ehsan Gomnam</h1> <h2>Your security is Low !</h2> <h3>I Love You [H]</h3> <marquee>Fr : Vahid Khan , Black_Want3d </marquee> <embed src="http://godfather7.persiangig.com/MeLoDiC/Flash/07/07-05.swf" width="30" height="30" wmode="transparent" type="application/x-shockwave-flash"> </div> </body> </html> | ||
http://allforextrading.info/test404page.js | 200 OK Content-Length: 1029 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: allforextrading.info
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 27 Oct 2014 09:39:32 GMT
Server: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/1.0.1e-fips DAV/2 mod_jk/1.2.37 mod_bwlimited/1.4 mod_qos/11.5
Content-Type: text/html
X-Powered-By: PHP/5.3.29
GET / HTTP/1.1
Host: allforextrading.info
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 27 Oct 2014 09:39:32 GMT
Server: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/1.0.1e-fips DAV/2 mod_jk/1.2.37 mod_bwlimited/1.4 mod_qos/11.5
Content-Type: text/html
X-Powered-By: PHP/5.3.29
Second query (visit from search engine):
GET / HTTP/1.1
Host: allforextrading.info
Referer: http://www.google.com/search?q=allforextrading.info
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: allforextrading.info
Referer: http://www.google.com/search?q=allforextrading.info
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=allforextrading.info
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://allforextrading.info/
Result: allforextrading.info is not infected or malware details are not published yet.
Result: allforextrading.info is not infected or malware details are not published yet.