Scanned pages/files
Request | Server response | Status |
http://chocolat-lait.com/ | 200 OK Content-Length: 1538 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: ::::HACKED BY NIGHTMARE:::: <html>
<head><title>::::HACKED BY NIGHTMARE::::</title></head> <body bgcolor="black"> <object data="http://www.fbvideo.16mb.com/files/player_mp3.swf" width="0" height="0" type="application/x-shockwave-flash"> <param value="#ffffff" name="bgcolor"><br /> <param value="mp3=http://www.fbvideo.16mb.com/files/bgmusic.MP3&loop=1&autoplay=1&volume=125" name="FlashVars"> </object> ...[1613 bytes skipped]...
http://h1.flashvortex.com/display.php?id=2_1377525381_32797_364_0_486_91_9_1_79 | 200 OK Content-Length: 829 Content-Type: text/html | clean |
http://h1.flashvortex.com/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
http://static.websimages.com/static/global/js/webs/usersites/escort.js | 200 OK Content-Length: 9010 Content-Type: application/javascript | clean |
http://jk.revolvermaps.com/2/1.js?i=az7x3hrcm5c&s=220&m=0&v=false&r=false&b=000000&n=false&c=ff0000 | 200 OK Content-Length: 2146 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: chocolat-lait.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 20 Aug 2015 00:49:33 GMT
Server: Apache
Content-Type: text/html
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: chocolat-lait.com
Referer: http://www.google.com/search?q=chocolat-lait.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=chocolat-lait.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://chocolat-lait.com/
Result: chocolat-lait.com is not infected or malware details are not published yet.