Scanned pages/files
Request | Server response | Status |
http://ascon.co.za/ | 200 OK Content-Length: 859 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked by PhantomGhost <html>
<head> <link href='http://fonts.googleapis.com/css?family=Iceland' rel='stylesheet' type='text/css'> <title>PhantomGhost Hackers</title> <meta name="description" content="Hacked by PhantomGhost" /> </head> <body BGCOLOR="white"><br> <center><img src="http://upload.wikimedia.org/wikipedia/commons/thumb/a/a6/Anonymous_emblem.svg/1024px-Anonymous_emblem.svg.png" height="400""><center><br/> <font face="Iceland" size="5" color="black">4prili666h05T - ./dutchm4n - SambelColek - Grim_reaper - MR.WWW - TheBlackMonster - Isal Dot ID - LMF21 - vBalzumedang4 ...[328 bytes skipped]... | ||
http://ascon.co.za/test404page.js | 200 OK Content-Length: 859 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ascon.co.za
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=1
Connection: close
Date: Fri, 27 Mar 2015 23:27:12 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/html
Expires: Fri, 27 Mar 2015 23:27:13 GMT
GET / HTTP/1.1
Host: ascon.co.za
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=1
Connection: close
Date: Fri, 27 Mar 2015 23:27:12 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/html
Expires: Fri, 27 Mar 2015 23:27:13 GMT
Second query (visit from search engine):
GET / HTTP/1.1
Host: ascon.co.za
Referer: http://www.google.com/search?q=ascon.co.za
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: ascon.co.za
Referer: http://www.google.com/search?q=ascon.co.za
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ascon.co.za
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://ascon.co.za/
Result: ascon.co.za is not infected or malware details are not published yet.
Result: ascon.co.za is not infected or malware details are not published yet.