Scanned pages/files
Request | Server response | Status |
http://davmar38.com/ | 200 OK Content-Length: 2757 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: [!] HaCkEd By farsawi.x [!] ...[305 bytes skipped]... /> <link href="http://fonts.googleapis.com/css?family=Iceland" rel="stylesheet" type="text/css"> <style>body{cursor:url("http://www.madleets.com/elhacker.cur"),auto;}html{display:table;height:100%;width:100%;}body{display:table-row;}body{display:table-cell;vertical-align:middle;text-align:center;}a:link{text-decoration:none;}</style> <title>[!] HaCkEd By farsawi.x [!]</title> </head> <body style="background-image: url(http://i1004.photobucket.com/albums/af163/imnu11/openbg.gif); background-color: rgb(255, 255, 255);"> <p> <br> </p> <p> </p> <p> <font style="text-shadow: rgb(0, 0, 0) 0px 1px 5px;" color="#00ffff" face="Iceland" size="6"><span style="color: rgb(51 ...[2385 bytes skipped]... | ||
http://davmar38.com/test404page.js | 404 Not Found Content-Length: 460 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: davmar38.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 30 Jun 2015 22:26:01 GMT
Server: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/1.0.1e-fips mod_bwlimited/1.4
Content-Type: text/html
X-Powered-By: PHP/5.4.35
GET / HTTP/1.1
Host: davmar38.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 30 Jun 2015 22:26:01 GMT
Server: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/1.0.1e-fips mod_bwlimited/1.4
Content-Type: text/html
X-Powered-By: PHP/5.4.35
Second query (visit from search engine):
GET / HTTP/1.1
Host: davmar38.com
Referer: http://www.google.com/search?q=davmar38.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: davmar38.com
Referer: http://www.google.com/search?q=davmar38.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=davmar38.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://davmar38.com/
Result: davmar38.com is not infected or malware details are not published yet.
Result: davmar38.com is not infected or malware details are not published yet.