Scanned pages/files
| Request | Server response | Status |
http://bmoreheadshots.com/ | 200 OK Content-Length: 3253 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: hacked by DIM4DDIN3 ...[228 bytes skipped]... ;/head><body bgcolor="#FFFFFF"><a href="http://www.cursors-4u.com/cursor/2010/12/17/oxygen-black-working.html" target="_blank" title="Oxygen Black - Working"><img src="http://cur.cursors-4u.net/cursor.png" border="0" alt="Oxygen Black - Working" style="position:absolute; top: 0px; right: 0px;"></a> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <title>hacked by DIM4DDIN3</title> <link rel="shortcut icon" href="http://www.e-monsite.com/s/2008/06/24/bouabssa/33144229flag-dz-gif.gif"> <style type="text/css">body, a, a:hover {cursor: url(http://hellox.persiangig.com/DefacePage/negro.cur), progress;}</style> <title>hacked by DIM4DDIN3</title> <style> <!-- SPAN.SpellE { } SPAN.SpellE { } SPAN.SpellE { } SPAN.Spell ...[3132 bytes skipped]... | ||
http://bmoreheadshots.com/test404page.js | 404 Not Found Content-Length: 399 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: bmoreheadshots.com
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=86400
Connection: close
Date: Thu, 08 Oct 2015 20:59:24 GMT
Accept-Ranges: bytes
ETag: "68b804c-cb5-4e8dcf255c8c0"
Server: Apache
Content-Length: 3253
Content-Type: text/html
Expires: Fri, 09 Oct 2015 20:59:24 GMT
Last-Modified: Wed, 16 Oct 2013 14:59:23 GMT
...3253 bytes of data.
GET / HTTP/1.1
Host: bmoreheadshots.com
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=86400
Connection: close
Date: Thu, 08 Oct 2015 20:59:24 GMT
Accept-Ranges: bytes
ETag: "68b804c-cb5-4e8dcf255c8c0"
Server: Apache
Content-Length: 3253
Content-Type: text/html
Expires: Fri, 09 Oct 2015 20:59:24 GMT
Last-Modified: Wed, 16 Oct 2013 14:59:23 GMT
...3253 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: bmoreheadshots.com
Referer: http://www.google.com/search?q=bmoreheadshots.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: bmoreheadshots.com
Referer: http://www.google.com/search?q=bmoreheadshots.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=bmoreheadshots.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://bmoreheadshots.com/
Result: bmoreheadshots.com is not infected or malware details are not published yet.
Result: bmoreheadshots.com is not infected or malware details are not published yet.