Scanned pages/files
Request | Server response | Status |
http://galaxyvoucher.com/ | 200 OK Content-Length: 3358 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By ./H4715 - Pasuruan Hacker Team <style type="text/css">img{opacity:0.5;-webkit-transition:all 250ms ease;-moz-transition:all 250ms ease;-o- transition:all 250ms ease;transition:all 250ms ease;}img:hover{opacity:1;}textarea{resize:none;}</style> <body bgcolor='black'> <center> <title>Hacked By ./H4715 - Pasuruan Hacker Team </title> <HEAD> <meta name="description" content="./H471 - Pasuruan Hacker Team"> <meta name="keywords" content="Hacked by./H471,Hacked by ./H471 , ./H471, ./H471 hacker, Hacked by , Pasuruan Hacker Team"> <a href="https://www.facebook.com/pages/Pasuruan-Hacker-Team/585476431465848" target="_blank"><img id="hantu" style="width:70px;z-index:9; ...[3307 bytes skipped]... | ||
http://galaxyvoucher.com/test404page.js | 200 OK Content-Length: 3358 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: galaxyvoucher.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 28 Jul 2014 23:07:14 GMT
Server: nginx/1.6.0
Content-Type: text/html
GET / HTTP/1.1
Host: galaxyvoucher.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 28 Jul 2014 23:07:14 GMT
Server: nginx/1.6.0
Content-Type: text/html
Second query (visit from search engine):
GET / HTTP/1.1
Host: galaxyvoucher.com
Referer: http://www.google.com/search?q=galaxyvoucher.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: galaxyvoucher.com
Referer: http://www.google.com/search?q=galaxyvoucher.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=galaxyvoucher.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://galaxyvoucher.com/
Result: galaxyvoucher.com is not infected or malware details are not published yet.
Result: galaxyvoucher.com is not infected or malware details are not published yet.