Scanned pages/files
Request | Server response | Status |
http://firedamagecolumbus.com/ | 200 OK Content-Length: 4261 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: HACKED BY BALA SNIPER ...[213 bytes skipped]... -media.net\']);_gaq.push([\'_setAllowLinker\',true]);_gaq.push([\'_trackPageview\']);(function(){var ga=document.createElement(\'script\');ga.type=\'text/javascript\';ga.async=true;ga.src=\'http://www.google-analytics.com/ga.js\';var s=document.getElementsByTagName(\'script\')[0];s.parentNode.insertBefore(ga,s);})();}</script></body></html> <meta charset=\"utf-8\"/> <title>HACKED BY BALA SNIPER </title> <meta name=\"description\" content=\"HACKED BY BALA SNIPER\"> <META NAME=\"description\" CONTENT=\"Xvirus Team\"> <META NAME=\"keywords\" CONTENT=\"Hacker Kurdistan\"> <META NAME=\"robot\" CONTENT=\"index,follow\"> <META NAME=\"copyright\" CONTENT=\"Copyright 2015\"> <META NAME=\"author\" CONTENT=\"no-c0de\"> <META NAME=\"language\" CONTENT=\"English\"> <META N ...[4098 bytes skipped]... | ||
http://firedamagecolumbus.com/test404page.js | 200 OK Content-Length: 4261 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: firedamagecolumbus.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 26 Nov 2015 21:53:30 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html
Second query (visit from search engine):
GET / HTTP/1.1
Host: firedamagecolumbus.com
Referer: http://www.google.com/search?q=firedamagecolumbus.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=firedamagecolumbus.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://firedamagecolumbus.com/
Result: firedamagecolumbus.com is not infected or malware details are not published yet.