Scanned pages/files
Request | Server response | Status |
http://casanovillo.com/ | 200 OK Content-Length: 1791 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By ...[638 bytes skipped]... br/><font face="monospace" color="Red" size="6" id="ss"> <b><h3>إسباÙÙا إرØÙÙ : سبتة ÙÙ ÙÙÙÙØ© ٠غربÙتاÙ<br> Go out spain : Ceuta and Melilla Moroccan Cities<br> Ve por España: Ceuta y Melilla de Marruecos las ciudades </h3></b></font> <font face="monospace" color="white" size="5"> <b> </p> <b>Hacked By <a href="https://www.facebook.com/MghribyTaaaaalMoot" target="_blank" id="link" onclick="return confirm('Welcome In My page On Facebook!!');"><font color="#000BFF"><br>Mr.Data && GHOST07v </font></b></a><br><br> </font> </b><br> <p align="center"><object width="425" height="355" autostart="true"><param name="movie" value=" http://www.youtube.com/v/9NbZWBCKzCM&autoplay=1 ...[748 bytes skipped]... | ||
http://casanovillo.com/test404page.js | 404 Not Found Content-Length: 1363 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: casanovillo.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 20 Aug 2014 03:23:23 GMT
Accept-Ranges: bytes
ETag: "20f5f784-6ff-4feaab467f285"
Server: Apache
Content-Length: 1791
Content-Type: text/html
Last-Modified: Mon, 21 Jul 2014 02:17:11 GMT
...1791 bytes of data.
GET / HTTP/1.1
Host: casanovillo.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 20 Aug 2014 03:23:23 GMT
Accept-Ranges: bytes
ETag: "20f5f784-6ff-4feaab467f285"
Server: Apache
Content-Length: 1791
Content-Type: text/html
Last-Modified: Mon, 21 Jul 2014 02:17:11 GMT
...1791 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: casanovillo.com
Referer: http://www.google.com/search?q=casanovillo.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: casanovillo.com
Referer: http://www.google.com/search?q=casanovillo.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=casanovillo.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://casanovillo.com/
Result: casanovillo.com is not infected or malware details are not published yet.
Result: casanovillo.com is not infected or malware details are not published yet.