Scanned pages/files
Request | Server response | Status |
http://almawa.ws/ | 200 OK Content-Length: 2760 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By Lion.HacKeR <!-- saved from url=(0031)http://www.adladvocacia.com.br/ -->
<html><head><meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<title>Hacked By Lion.HacKeR</title>
<!-- Y Id -->
<!-- twitter fin -->
<style type="text/css"></style></head><body><center>
<img src="./Hacked By Lion.HacKeR_files/Xwb70r.jpg" border="0" width="320" height="320">
<!-- musica inicio -->
<div align="center">
<font face="Berlin Sans FB"> <!-- musica fin --></font><font style="text-shadow: 0px 1px 7px #000" colo ...[2646 bytes skipped]... | ||
http://almawa.ws/test404page.js | 404 Not Found Content-Length: 390 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: almawa.ws
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 12 Jan 2015 23:54:30 GMT
Server: Dimofinf Hosting
Vary: Accept-Encoding
Content-Type: text/html
Set-Cookie: dimguest=1421106869-g-1; expires=Tue, 12-Jan-2016 23:54:29 GMT; path=/; HttpOnly
X-Cache: HIT from Backend
X-Powered-By: PHP/5.3.29
GET / HTTP/1.1
Host: almawa.ws
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 12 Jan 2015 23:54:30 GMT
Server: Dimofinf Hosting
Vary: Accept-Encoding
Content-Type: text/html
Set-Cookie: dimguest=1421106869-g-1; expires=Tue, 12-Jan-2016 23:54:29 GMT; path=/; HttpOnly
X-Cache: HIT from Backend
X-Powered-By: PHP/5.3.29
Second query (visit from search engine):
GET / HTTP/1.1
Host: almawa.ws
Referer: http://www.google.com/search?q=almawa.ws
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: almawa.ws
Referer: http://www.google.com/search?q=almawa.ws
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=almawa.ws
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://almawa.ws/
Result: almawa.ws is not infected or malware details are not published yet.
Result: almawa.ws is not infected or malware details are not published yet.