Scanned pages/files
Request | Server response | Status |
http://del-gado-lereveamerindien.com/ | 200 OK Content-Length: 7909 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: hacked by silo by by mc_katliam (KURDISH hackers)...! ...[8236 bytes skipped]... else top2 += num3 * -1; if(Math.floor(top2) != -1) document.getElementById(target).style.top = Math.floor(top2); document.getElementById(target).style.top = Math.floor(top2 + 1); setTimeout("fly3('"+target+"',"+lef2+","+num2+","+top2+","+num3+")",50) } } stfly() </SCRIPT> <BODY oncontextmenu="return false;" bgColor=black onunload="alert('hacked by silo by by mc_katliam (KURDISH hackers)...!');" text=#00ff00 vLink=#ff0000 aLink=#00ffff link=#ffff00 bgColor=#000000 onload=writetext();> <embed type="application/x-shockwave-flash" src="http://www.youtube.com/v/GbsfinvpuSU&autoplay=1" width="0" height="0" style="" id="swf_u028099_13" name="swf_u028099_13" bgcolor="#FFFFFF" quality="high" scale="scale" allowfullscreen="true" allowscriptaccess="never" salign="tl" wmode="opaque" fla ...[59 bytes skipped]... | ||
http://del-gado-lereveamerindien.com/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: del-gado-lereveamerindien.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 21 Mar 2015 07:16:12 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html
Set-Cookie: 60gpBAK=R1224197954; path=/; expires=Sat, 21-Mar-2015 08:21:10 GMT
Set-Cookie: 60gp=R2337387425; path=/; expires=Sat, 21-Mar-2015 08:21:10 GMT
X-Powered-By: PHP/5.2.17
GET / HTTP/1.1
Host: del-gado-lereveamerindien.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 21 Mar 2015 07:16:12 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html
Set-Cookie: 60gpBAK=R1224197954; path=/; expires=Sat, 21-Mar-2015 08:21:10 GMT
Set-Cookie: 60gp=R2337387425; path=/; expires=Sat, 21-Mar-2015 08:21:10 GMT
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: del-gado-lereveamerindien.com
Referer: http://www.google.com/search?q=del-gado-lereveamerindien.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: del-gado-lereveamerindien.com
Referer: http://www.google.com/search?q=del-gado-lereveamerindien.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=del-gado-lereveamerindien.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://del-gado-lereveamerindien.com/
Result: del-gado-lereveamerindien.com is not infected or malware details are not published yet.
Result: del-gado-lereveamerindien.com is not infected or malware details are not published yet.