Scanned pages/files
Request | Server response | Status |
http://generatenow.com/ | 200 OK Content-Length: 5379 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked by Moroccan wolf ...[1146 bytes skipped]... k.com/hackblack.team?fref=ts;width=245&colorscheme=light&show_faces=true&connections=9&stream=false&header=false&height=270" scrolling="no" frameborder="0" scrolling="no" style="border: medium none; overflow: hidden; height: 270px; width: 245px;background:#fff;"></iframe></div></div> <html> <title>Hacked by Moroccan wolf</title> <script language="JavaScript"> <!--// //Scrolling Status Bar putmsg="==Hacked by Moroccan wolf =="; letchar2="+==o0o==+"; letchar1="+==o0o==+";ultimo1=letchar1.length-1; ultimo2=letchar2.length-1; ultimo2=letchar2.length-1; tiempo=setTimeout("stat_scroll()",.1); function stat_scroll() { aux1=letchar1.charAt(ultimo1-1); letchar1=aux1+letchar1.substring(0,ultimo1-1); aux2=letchar2 ...[4113 bytes skipped]... | ||
http://generatenow.com/test404page.js | 404 Not Found Content-Length: 293 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: generatenow.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 02 Nov 2014 15:49:36 GMT
Server: Apache/2.2.22 (Debian)
Vary: Accept-Encoding
Content-Length: 5379
Content-Type: text/html
X-Powered-By: PHP/5.4.4-14+deb7u14
...5379 bytes of data.
GET / HTTP/1.1
Host: generatenow.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 02 Nov 2014 15:49:36 GMT
Server: Apache/2.2.22 (Debian)
Vary: Accept-Encoding
Content-Length: 5379
Content-Type: text/html
X-Powered-By: PHP/5.4.4-14+deb7u14
...5379 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: generatenow.com
Referer: http://www.google.com/search?q=generatenow.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: generatenow.com
Referer: http://www.google.com/search?q=generatenow.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=generatenow.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://generatenow.com/
Result: generatenow.com is not infected or malware details are not published yet.
Result: generatenow.com is not infected or malware details are not published yet.