Scanned pages/files
Request | Server response | Status |
http://amichelsen.com/ | 200 OK Content-Length: 12805 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: hacked by hasani_farhad ...[3225 bytes skipped]... location.href='contact.php'"> <img src="menu_txt.php?text=CONTACT" height="14" width="166" border="0"> </div> <div class="menu_sub"> <img src="imgs/spacer.gif" height="7" width="166" border="0"> </div> <div class="news" style="background: #FFFFFF;"> <p>Jul 2011: <br /> </p> <p>Nov 2006: <b>hacked by hasani_farhad</b><br /> hasani_farhad@yahoo.com hacked by hasani_farhad [ http://www.irsecteam.org ] Greetz to:|YoSeF__HaCkeR| LinX86 | goldhat | armoon | alimp5 | alireza666| EnDLeSs | Shahram Black Hat | | R@DIK@L | 8aT H4cK3r | ÂHOt0N | Unique Saboteur | shell7x | Mosi.Pro | poya21 |& all Iran security members*} !!| [ we love iran ] [ members ] </p> <p>Jul 2006: <b&g ...[10589 bytes skipped]... | ||
http://amichelsen.com/js/am.js | 200 OK Content-Length: 2388 Content-Type: application/javascript | clean |
http://amichelsen.com/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: amichelsen.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 14 Jul 2015 05:57:05 GMT
Via: 1.1 varnish
Accept-Ranges: bytes
Age: 0
Server: Apache
Vary: Accept-Encoding
Content-Length: 12805
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.11
X-Varnish: 2148330027
...12805 bytes of data.
GET / HTTP/1.1
Host: amichelsen.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 14 Jul 2015 05:57:05 GMT
Via: 1.1 varnish
Accept-Ranges: bytes
Age: 0
Server: Apache
Vary: Accept-Encoding
Content-Length: 12805
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.11
X-Varnish: 2148330027
...12805 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: amichelsen.com
Referer: http://www.google.com/search?q=amichelsen.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: amichelsen.com
Referer: http://www.google.com/search?q=amichelsen.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=amichelsen.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://amichelsen.com/
Result: amichelsen.com is not infected or malware details are not published yet.
Result: amichelsen.com is not infected or malware details are not published yet.