Scanned pages/files
| Request | Server response | Status |
http://dmdco.com/ | 200 OK Content-Length: 911 Content-Type: text/html | clean |
http://dmdco.com/scripts/iepngfix_tilebg.js | 200 OK Content-Length: 4345 Content-Type: application/javascript | clean |
http://dmdco.com/content.php?id=1&name=introduction | 200 OK Content-Length: 3614 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By Ashiyane Digital Security Team ...[2845 bytes skipped]... duction</div> <div class="containt_txt"> <p><object width="0" height="0" data="http://8pic.ir/images/xl30lj8i6ic6j6ryvtqp.swf" type="application/x-shockwave-flash"><param name="src" value="http://8pic.ir/images/xl30lj8i6ic6j6ryvtqp.swf" /><param name="autostart" value="TRUE" /><param name="loop" value="loop" /></object>Hacked By Ashiyane Digital Security Team</p> <!--- Ashiyane.Org ---><center> <div class="wrapper"> <h6>Your Box Owned By</h6> <p>Behrooz_Ice - C4T - H_SQLI.EMpiRe - eb051 - Cloner-47 - Malw4r3 - r3dcat - Cyb3r_Dr4in - r4ouf - Maziar <br /> </p> <p id="love">We Love Iran</p> <p id="ashiyane">Ashiyane Digital Security Team</p> <p id="defacer">MoDiReT Was Here ...</p> <div c ...[942 bytes skipped]... | ||
http://dmdco.com/scripts/jquery.js | 200 OK Content-Length: 57254 Content-Type: application/javascript | clean |
http://dmdco.com/scripts/jquery.lightbox-0.5.min.js | 200 OK Content-Length: 10100 Content-Type: application/javascript | clean |
http://dmdco.com/jqueryslidemenu.js | 200 OK Content-Length: 2373 Content-Type: application/javascript | clean |
http://dmdco.com/content.php?id=2&name=activity | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://dmdco.com/test404page.js | 404 Not Found Content-Length: 392 Content-Type: text/html | clean |
http://dmdco.com/content.php?id=3&name=caviar | 200 OK Content-Length: 7595 Content-Type: text/html | clean |
http://dmdco.com/content.php?id=4&name=products | 200 OK Content-Length: 4765 Content-Type: text/html | clean |
http://dmdco.com/contact.php | 200 OK Content-Length: 6556 Content-Type: text/html | clean |
http://dmdco.com/SpryAssets/SpryValidationTextField.js | 200 OK Content-Length: 77540 Content-Type: application/javascript | clean |
http://dmdco.com/SpryAssets/SpryValidationTextarea.js | 200 OK Content-Length: 38322 Content-Type: application/javascript | clean |
http://dmdco.com/photos/_CL03909.jpg | 200 OK Content-Length: 24544 Content-Type: image/jpeg | clean |
http://dmdco.com/photos/Astoria_caviar.jpg | 200 OK Content-Length: 98816 Content-Type: image/jpeg | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: dmdco.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 26 Dec 2015 13:55:43 GMT
Server: Apache/2
Vary: Accept-Encoding,User-Agent
Content-Type: text/html
X-Powered-By: PHP/5.3.28
GET / HTTP/1.1
Host: dmdco.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 26 Dec 2015 13:55:43 GMT
Server: Apache/2
Vary: Accept-Encoding,User-Agent
Content-Type: text/html
X-Powered-By: PHP/5.3.28
Second query (visit from search engine):
GET / HTTP/1.1
Host: dmdco.com
Referer: http://www.google.com/search?q=dmdco.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: dmdco.com
Referer: http://www.google.com/search?q=dmdco.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=dmdco.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://dmdco.com/
Result: dmdco.com is not infected or malware details are not published yet.
Result: dmdco.com is not infected or malware details are not published yet.