Scanned pages/files
Request | Server response | Status |
http://balamsoft.org/ | 200 OK Content-Length: 525 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked by T0NS1 <html> <head> <title>Hacked by T0NS1 </title> </head> <body> <center> <h1> Hacked by T0NS1</h1> <img src="http://www.worldflags.me/Flags/Tunisia_Flag.gif"> <br><br><br> #Ton Si <br><br> # Fuck Admin #www.facebook.com/trafiquant3200 <br><br><br> # Greetz to : All Tunisian Hackers , Except Fuck'n Lamers and Haters !<br> <embed src="http://www.youtube.com/v/Se5eR3U0mJs?rel=0&autoplay=1" type="application/x-shockwave-flash" wmode="transparent" width="1" height="1"></embed> </center> </body> </html> | ||
http://balamsoft.org/test404page.js | 404 Not Found Content-Length: 394 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: balamsoft.org
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Jul 2014 17:40:16 GMT
Server: Apache
Content-Length: 525
Content-Type: text/html
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 366e5feca7fae365da997f3abb41a3f6=03808c6331b2648c9fe69aa29e25641a; path=/
X-Powered-By: PHP/5.2.17
...525 bytes of data.
GET / HTTP/1.1
Host: balamsoft.org
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Jul 2014 17:40:16 GMT
Server: Apache
Content-Length: 525
Content-Type: text/html
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 366e5feca7fae365da997f3abb41a3f6=03808c6331b2648c9fe69aa29e25641a; path=/
X-Powered-By: PHP/5.2.17
...525 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: balamsoft.org
Referer: http://www.google.com/search?q=balamsoft.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: balamsoft.org
Referer: http://www.google.com/search?q=balamsoft.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=balamsoft.org
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://balamsoft.org/
Result: balamsoft.org is not infected or malware details are not published yet.
Result: balamsoft.org is not infected or malware details are not published yet.