Scanned pages/files
Request | Server response | Status |
http://deltabeautyware.com/ | 200 OK Content-Length: 55685 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By BHA ...[48535 bytes skipped]... t"> <!-- page about begin here --> <div style="display: block;" class="box left" id="about"> <div style="overflow: hidden; padding: 0px; width: 570px;" class="box-content"> <div style="width: 570px; height: 390px;" class="jspContainer"><div style="padding: 0px 30px; top: 0px; width: 510px;" class="jspPane"><h3>Hacked By BHA</h3><p class="sub">Hacking For The Freedom</p><p> </p><p> Group : BL4CK H4T AR3A</p><p> Country : Myanmar</p><p> Hacker Type : BL4CK Hat Hacker</p><p>We are || Sql inject0r || mr.Rh!n0 || Bl4ck Jump3r || BL4CK-K!ll3R || Myanmar Hax0r || Z3r0 sp@c3 || X~Gh0st || Mr.B14nk || Script Injector || BL4CK G!ANT || </p></div></div></div> </div> <!-- page about end ...[11816 bytes skipped]... | ||
http://deltabeautyware.com/index_files/jquery-1.js | 200 OK Content-Length: 91669 Content-Type: application/javascript | clean |
http://deltabeautyware.com/index_files/cufon-yui.js | 200 OK Content-Length: 18258 Content-Type: application/javascript | clean |
http://deltabeautyware.com/index_files/Yanone_Kaffeesatz_400-700.js | 200 OK Content-Length: 54966 Content-Type: application/javascript | clean |
http://deltabeautyware.com/index_files/jquery_003.js | 200 OK Content-Length: 24867 Content-Type: application/javascript | clean |
http://deltabeautyware.com/index_files/jquery_008.js | 200 OK Content-Length: 27151 Content-Type: application/javascript | clean |
http://deltabeautyware.com/index_files/jquery_004.js | 200 OK Content-Length: 6297 Content-Type: application/javascript | clean |
http://deltabeautyware.com/index_files/jquery_002.js | 200 OK Content-Length: 4824 Content-Type: application/javascript | clean |
http://deltabeautyware.com/index_files/jquery.js | 200 OK Content-Length: 2235 Content-Type: application/javascript | clean |
http://deltabeautyware.com/index_files/jquery_007.js | 200 OK Content-Length: 44500 Content-Type: application/javascript | clean |
http://deltabeautyware.com/index_files/jquery_005.js | 200 OK Content-Length: 4866 Content-Type: application/javascript | clean |
http://deltabeautyware.com/index_files/jquery_006.js | 200 OK Content-Length: 3104 Content-Type: application/javascript | clean |
http://deltabeautyware.com/index_files/custom.js | 200 OK Content-Length: 8192 Content-Type: application/javascript | clean |
http://deltabeautyware.com/index_files/2084472262-widgets.js | 200 OK Content-Length: 85005 Content-Type: application/javascript | clean |
http://deltabeautyware.com/test404page.js | 404 Not Found Content-Length: 495 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: deltabeautyware.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 12 Oct 2014 09:13:28 GMT
Server: Apache/2.2.26 (Unix) mod_ssl/2.2.26 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_perl/2.0.6 Perl/v5.10.1
Content-Type: text/html
X-Powered-By: PHP/5.3.27
GET / HTTP/1.1
Host: deltabeautyware.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 12 Oct 2014 09:13:28 GMT
Server: Apache/2.2.26 (Unix) mod_ssl/2.2.26 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_perl/2.0.6 Perl/v5.10.1
Content-Type: text/html
X-Powered-By: PHP/5.3.27
Second query (visit from search engine):
GET / HTTP/1.1
Host: deltabeautyware.com
Referer: http://www.google.com/search?q=deltabeautyware.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: deltabeautyware.com
Referer: http://www.google.com/search?q=deltabeautyware.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=deltabeautyware.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://deltabeautyware.com/
Result: deltabeautyware.com is not infected or malware details are not published yet.
Result: deltabeautyware.com is not infected or malware details are not published yet.