Scanned pages/files
Request | Server response | Status |
http://dimitrihorta.net/ | 200 OK Content-Length: 1604 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: HACKED BY : HESSAM-X ...[222 bytes skipped]... <meta http-equiv="Content-Type" content="text/html; charset=windows-1252"> <title>H A C K E D</title> </head> <body bgcolor="#000000" text="#FFFFFF"> <p align="center"><b><font style="font-size: 70pt" face="Impact"> <font color="#FF0000">H</font> A C K E D !<br> </font><font color="#FF0000" size="2" face="Tahoma">HACKED BY : HESSAM-X</font></b></p> <p align="center"><font size="2" face="Tahoma">we are :<b> f0rk_z ; s3rv3r_h4ck3r ; Hessam-x</b></font></p> <p align="center"><font size="7" face="Impact, Haettenschweiler, Verdana"> <strong><font color="#ffffff" size="1" face="Tahoma">Pay your Debt! - </font><font size="1" face="Tahoma">o</font><font color="#ffffff" size="1" face="Tahoma"> ...[1000 bytes skipped]... | ||
http://dimitrihorta.net/test404page.js | 404 Not Found Content-Length: 962 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: dimitrihorta.net
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 17 Dec 2014 01:32:15 GMT
ETag: W/"25d6039-644-50a3ae9f3c040"
Server: cloudflare-nginx
Vary: Accept-Encoding
Content-Type: text/html
Last-Modified: Mon, 15 Dec 2014 05:57:13 GMT
CF-RAY: 199f5da6c46c0ae4-WAW
Set-Cookie: __cfduid=ddecda022b39d44c4320cb5a9af97b6601418779935; expires=Thu, 17-Dec-15 01:32:15 GMT; path=/; domain=.dimitrihorta.net; HttpOnly
X-Powered-By: PleskLin
GET / HTTP/1.1
Host: dimitrihorta.net
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 17 Dec 2014 01:32:15 GMT
ETag: W/"25d6039-644-50a3ae9f3c040"
Server: cloudflare-nginx
Vary: Accept-Encoding
Content-Type: text/html
Last-Modified: Mon, 15 Dec 2014 05:57:13 GMT
CF-RAY: 199f5da6c46c0ae4-WAW
Set-Cookie: __cfduid=ddecda022b39d44c4320cb5a9af97b6601418779935; expires=Thu, 17-Dec-15 01:32:15 GMT; path=/; domain=.dimitrihorta.net; HttpOnly
X-Powered-By: PleskLin
Second query (visit from search engine):
GET / HTTP/1.1
Host: dimitrihorta.net
Referer: http://www.google.com/search?q=dimitrihorta.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: dimitrihorta.net
Referer: http://www.google.com/search?q=dimitrihorta.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=dimitrihorta.net
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://dimitrihorta.net/
Result: dimitrihorta.net is not infected or malware details are not published yet.
Result: dimitrihorta.net is not infected or malware details are not published yet.