Scanned pages/files
Request | Server response | Status |
http://falcons-ksa.com/ | 200 OK Content-Length: 8461 Content-Type: text/html | clean |
http://falcons-ksa.com/Scripts/AC_RunActiveContent.js | 200 OK Content-Length: 8321 Content-Type: application/x-javascript | clean |
http://falcons-ksa.com/aboutus.html | 200 OK Content-Length: 10138 Content-Type: text/html | clean |
http://falcons-ksa.com/services.html | 200 OK Content-Length: 15449 Content-Type: text/html | clean |
http://falcons-ksa.com/clients.php | 200 OK Content-Length: 10180 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By Hexlook ...[6303 bytes skipped]... adding="1" cellspacing="1" bgcolor="#EBEBEB"> <tr> <th width="96%" bgcolor="#B5B5B5" class="style8" scope="col"><div align="left"><strong>Client Details</strong></div></th> </tr> <tr> <td align="left" bgcolor="#FFFFFF"><span class="style10">Hacked By Hexlook</span></td> </tr> <tr> <td align="left" bgcolor="#FFFFFF"><span class="style10">SAUDI TECHINT LTD.</span></td> </tr> <tr> <td align="left" bgcolor="#FFFFFF"><span class="style10">ABDULLAH H. AL-SHUWAYER SONS CO.</span></td> &l ...[5379 bytes skipped]... | ||
http://falcons-ksa.com/clients.php?PageNo=2 | 200 OK Content-Length: 9289 Content-Type: text/html | clean |
http://falcons-ksa.com/clients.php?PageNo=1 | 200 OK Content-Length: 10180 Content-Type: text/html | clean |
http://falcons-ksa.com/jobs.php | 200 OK Content-Length: 10822 Content-Type: text/html | clean |
http://falcons-ksa.com/applyforjob.php?jid=Hacked By Hexlook | 200 OK Content-Length: 15509 Content-Type: text/html | clean |
http://falcons-ksa.com/contact.html | 200 OK Content-Length: 8599 Content-Type: text/html | clean |
http://falcons-ksa.com/test404page.js | 404 Not Found Content-Length: 5211 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: falcons-ksa.com
Result:
HTTP/1.1 200 OK
Date: Thu, 21 Aug 2014 10:56:47 GMT
Accept-Ranges: bytes
ETag: "4dccf671c91fce1:0"
Server: Microsoft-IIS/7.5
Content-Length: 8461
Content-Type: text/html
Last-Modified: Wed, 13 Mar 2013 09:02:10 GMT
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
...8461 bytes of data.
GET / HTTP/1.1
Host: falcons-ksa.com
Result:
HTTP/1.1 200 OK
Date: Thu, 21 Aug 2014 10:56:47 GMT
Accept-Ranges: bytes
ETag: "4dccf671c91fce1:0"
Server: Microsoft-IIS/7.5
Content-Length: 8461
Content-Type: text/html
Last-Modified: Wed, 13 Mar 2013 09:02:10 GMT
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
...8461 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: falcons-ksa.com
Referer: http://www.google.com/search?q=falcons-ksa.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: falcons-ksa.com
Referer: http://www.google.com/search?q=falcons-ksa.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=falcons-ksa.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://falcons-ksa.com/
Result: falcons-ksa.com is not infected or malware details are not published yet.
Result: falcons-ksa.com is not infected or malware details are not published yet.