Scanned pages/files
Request | Server response | Status |
http://certaco.com/ | 200 OK Content-Length: 1790 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: HACKED BY DA N3T_KILL3R <title>HACKED BY DA N3T_KILL3R </title> <html> <head><body bgcolor="#000000"> <b><center><hr/><hr/><hr/> <img src='http://t3.gstatic.com/images?q=tbn:ANd9GcTZou-qu0GlS3T8Wa08uIhyfOsJ9R91JDZxw0BxWFMZEkUD0X8oNB9h8P4'/><br/><hr/><hr/><hr/> <hr/><font color='#ffffff'><hr/>HACKED BY DA N3T_KILL3R</font> <hr/></font>& ...[2032 bytes skipped]... | ||
http://stats.hosting24.com/count.php | 200 OK Content-Length: 960 Content-Type: application/javascript | clean |
http://certaco.com/test404page.js | HTTP/1.1 302 Found Connection: close Date: Wed, 11 Jun 2014 00:14:14 GMT Location: http://error404.000webhost.com/? Server: Apache Content-Length: 216 Content-Type: text/html; charset=iso-8859-1 | clean |
http://error404.000webhost.com/? | 200 OK Content-Length: 146 Content-Type: text/html | clean |
http://error404.000webhost.com/test404page.js | HTTP/1.1 302 Found Connection: close Date: Wed, 11 Jun 2014 00:14:14 GMT Location: http://error404.000webhost.com/? Server: Apache Content-Length: 216 Content-Type: text/html; charset=iso-8859-1 | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: certaco.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 11 Jun 2014 00:14:13 GMT
Server: Apache
Content-Length: 1790
Content-Type: text/html
X-Powered-By: PHP/5.2.17
...1790 bytes of data.
GET / HTTP/1.1
Host: certaco.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 11 Jun 2014 00:14:13 GMT
Server: Apache
Content-Length: 1790
Content-Type: text/html
X-Powered-By: PHP/5.2.17
...1790 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: certaco.com
Referer: http://www.google.com/search?q=certaco.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: certaco.com
Referer: http://www.google.com/search?q=certaco.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=certaco.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://certaco.com/
Result: certaco.com is not infected or malware details are not published yet.
Result: certaco.com is not infected or malware details are not published yet.