Scanned pages/files
| Request | Server response | Status |
http://budsabaresort.com/ | 200 OK Content-Length: 6029 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked by peyman siyahi ...[1397 bytes skipped]... >')}}catch(a){}; //]]> </script><script type="text/javascript" src="cloudflare.min.js"></script><script type="text/javascript" src="cloudflare.min.js"></script> <script type="text/javascript"> //<![CDATA[ window.__CF=window.__CF||{};window.__CF.AJS={"dnschanger_detector":{"fix_url":null}}; //]]> </script> <title>Hacked by peyman siyahi</title> <style type="text/css"> <!-- body,td,th { color: #ECE9D8; } body { background-color: #000000; } a:link { color: #ECE9D8; text-decoration: none; } a:visited { text-decoration: none; } a:hover { text-decoration: none; color: #FF0000; } a:active { text-decoration: none; } .style1 {font-family: "Courier New", Courier, monospace} | ||
http://budsabaresort.com/cloudflare.min.js | 404 Not Found Content-Length: 334 Content-Type: text/html | clean |
http://budsabaresort.com/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
http://budsabaresort.com/233,232 | 404 Not Found Content-Length: 324 Content-Type: text/html | clean |
http://budsabaresort.com/mle.cgi | 404 Not Found Content-Length: 324 Content-Type: text/html | clean |
http://budsabaresort.com/e.php | 404 Not Found Content-Length: 322 Content-Type: text/html | clean |
http://budsabaresort.com/mle(1).cgi | 404 Not Found Content-Length: 327 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: budsabaresort.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 20 Aug 2014 20:04:12 GMT
Accept-Ranges: bytes
ETag: "178d-50113b0a16a44"
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Length: 6029
Content-Type: text/html
Last-Modified: Wed, 20 Aug 2014 18:22:42 GMT
...6029 bytes of data.
GET / HTTP/1.1
Host: budsabaresort.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 20 Aug 2014 20:04:12 GMT
Accept-Ranges: bytes
ETag: "178d-50113b0a16a44"
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Length: 6029
Content-Type: text/html
Last-Modified: Wed, 20 Aug 2014 18:22:42 GMT
...6029 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: budsabaresort.com
Referer: http://www.google.com/search?q=budsabaresort.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: budsabaresort.com
Referer: http://www.google.com/search?q=budsabaresort.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=budsabaresort.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://budsabaresort.com/
Result: budsabaresort.com is not infected or malware details are not published yet.
Result: budsabaresort.com is not infected or malware details are not published yet.