Scanned pages/files
Request | Server response | Status |
http://ansumane.com/ | 200 OK Content-Length: 11099 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked by FrOzEn HeArt ...[2896 bytes skipped]... s&&twttr.events.bind("tweet",function(a){if(a){var b;if(a.target&&a.target.nodeName=="IFRAME")a:{if(a=a.target.src){a=a.split("#")[0].match(/[^?=&]+=([^&]*)?/g);b=0;for(var c;c=a[b];++b)if(c.indexOf("url")===0){b=unescape(c.split("=")[1]);break a}}b=void 0}_gaq.push(["_trackSocial","twitter","tweet",b])}})})})(window); /* ]]> */ </script> </head> <title>Hacked by FrOzEn HeArt</title> <p align="center"> <font color="00FF00" size="10">Hacked </font> <font color="FFFFFF" size="10">By </font> <font color="00FF00" size="10">FrOzEn HeArt</font> <br> <br> <br> <link rel="SHORTCUT ICON" href="http://singwal.com/images/pak_flag/Pakistani_Flag.gif"> <body alink="gray" bgcolor="black" vlink="gray" link="gray" text="gray"> <center ...[9723 bytes skipped]... | ||
http://ansumane.com/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ansumane.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 08 Nov 2014 19:57:42 GMT
Server: Apache
Vary: Accept-Encoding
Content-Length: 11099
Content-Type: text/html
...11099 bytes of data.
GET / HTTP/1.1
Host: ansumane.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 08 Nov 2014 19:57:42 GMT
Server: Apache
Vary: Accept-Encoding
Content-Length: 11099
Content-Type: text/html
...11099 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: ansumane.com
Referer: http://www.google.com/search?q=ansumane.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: ansumane.com
Referer: http://www.google.com/search?q=ansumane.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ansumane.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://ansumane.com/
Result: ansumane.com is not infected or malware details are not published yet.
Result: ansumane.com is not infected or malware details are not published yet.