Scanned pages/files
Request | Server response | Status |
http://www.auction-script.com/ | HTTP/1.1 302 Found Connection: close Date: Thu, 25 Jun 2015 04:59:02 GMT Location: http://www.auction-script.com/maintenance.html Server: Apache Content-Length: 230 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.auction-script.com/maintenance.html | 200 OK Content-Length: 1563 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: is site and another site on this server have been hacked by iframe injection. ...[1049 bytes skipped]... ;div id="menuleft"></div> <div id="menuright"></div> </div><!--End main navigation menu--> <div class="clear-fix" id="wrapper"> <!--The following division is your main content division--> <div id="single-column"> <h1>Maintenance</h1> <h2>Hacking Attemps</h2> <p class="justify">This site and another site on this server have been hacked by iframe injection.<br><br>We will be down for a period to clean things up.<br><br>If you know me, you know how to get in touch with me ;)</p> <div id="footer"> <div id="footer-left"></div><div id="footer-right"></div> <div id="footer-content"> <div id="footer-navigation"> </div><!--End footer-navigation--> </div><!--End footer-conten ...[52 bytes skipped]... | ||
http://www.auction-script.com/test404page.js | HTTP/1.1 302 Found Connection: close Date: Thu, 25 Jun 2015 04:59:03 GMT Location: http://www.auction-script.com/maintenance.html Server: Apache Content-Length: 230 Content-Type: text/html; charset=iso-8859-1 | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: auction-script.com
Result:
GET / HTTP/1.1
Host: auction-script.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: auction-script.com
Referer: http://www.google.com/search?q=auction-script.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: auction-script.com
Referer: http://www.google.com/search?q=auction-script.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=auction-script.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://auction-script.com/
Result: auction-script.com is not infected or malware details are not published yet.
Result: auction-script.com is not infected or malware details are not published yet.