Scanned pages/files
Request | Server response | Status |
http://clivenorth.co.uk/ | 200 OK Content-Length: 4856 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By PhantomGhost ...[4114 bytes skipped]... t;center><img src="http://i1281.photobucket.com/albums/a516/wiracandra48/944720_644711015541904_2021478366_n_zps296002ac.jpg" border="0" alt=" photo 944720_644711015541904_2021478366_n_zps296002ac.jpg"/></a> <style type="text/css"> body {background-color:#000000;} #q {font: 35px Chiller;color:#ff0000;} </style> <td align=center> <div id="q">Hacked By PhantomGhost </div> </td> <center><img src="http://2.bp.blogspot.com/--6f6OW876bE/UYALx2fH_TI/AAAAAAAAE5I/oEldxdYRdJk/s1600/dangdut.gif" height="200" weight="200"/></center> </table> <body bgcolor="black" oncontextmenu="return false;" onkeydown="return false;" onmousedown="return false;" onselectstart="return false" ondragstart="return false"><center> <script language="JavaScript"> } scrollM ...[562 bytes skipped]... | ||
http://tuyulz-blogspot.googlecode.com/files/Anti%20Klik.js | 403 Forbidden Content-Length: 2157 Content-Type: text/html | clean |
http://tuyulz-blogspot.googlecode.com//www.google.com/ | 404 Not Found Content-Length: 1425 Content-Type: text/html | clean |
http://tuyulz-blogspot.googlecode.com/test404page.js | 404 Not Found Content-Length: 1439 Content-Type: text/html | clean |
http://cayunkatel.googlecode.com/files/rainbows.js | 200 OK Content-Length: 2042 Content-Type: text/plain | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: clivenorth.co.uk
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 31 Dec 2014 05:07:23 GMT
Accept-Ranges: bytes
Server: Apache
Content-Length: 4856
Content-Type: text/html
Last-Modified: Sat, 27 Dec 2014 12:19:16 GMT
...4856 bytes of data.
GET / HTTP/1.1
Host: clivenorth.co.uk
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 31 Dec 2014 05:07:23 GMT
Accept-Ranges: bytes
Server: Apache
Content-Length: 4856
Content-Type: text/html
Last-Modified: Sat, 27 Dec 2014 12:19:16 GMT
...4856 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: clivenorth.co.uk
Referer: http://www.google.com/search?q=clivenorth.co.uk
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: clivenorth.co.uk
Referer: http://www.google.com/search?q=clivenorth.co.uk
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=clivenorth.co.uk
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://clivenorth.co.uk/
Result: clivenorth.co.uk is not infected or malware details are not published yet.
Result: clivenorth.co.uk is not infected or malware details are not published yet.