Scanned pages/files
Request | Server response | Status |
http://doubledomme.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 17 Sep 2014 00:50:43 GMT Location: http://www.doubledomme.com/ Server: Apache/1.3.42 Ben-SSL/1.60 (Unix) mod_gzip/1.3.26.1a mod_fastcgi/2.4.6 mod_throttle/3.1.2 Chili!Soft-ASP/3.6.2 FrontPage/5.0.2.2635 mod_perl/1.31 PHP/4.4.9 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.doubledomme.com/ | 200 OK Content-Length: 8305 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: HACKED BY MURKHO MANOB |
http://www.doubledomme.com/test404page.js | 404 Not Found Content-Length: 75 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: doubledomme.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Wed, 17 Sep 2014 00:50:43 GMT
Location: http://www.doubledomme.com/
Server: Apache/1.3.42 Ben-SSL/1.60 (Unix) mod_gzip/1.3.26.1a mod_fastcgi/2.4.6 mod_throttle/3.1.2 Chili!Soft-ASP/3.6.2 FrontPage/5.0.2.2635 mod_perl/1.31 PHP/4.4.9
Content-Type: text/html; charset=iso-8859-1
Second query (visit from search engine):
GET / HTTP/1.1
Host: doubledomme.com
Referer: http://www.google.com/search?q=doubledomme.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=doubledomme.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://doubledomme.com/
Result: doubledomme.com is not infected or malware details are not published yet.