Scanned pages/files
Request | Server response | Status |
http://gofunben.com/ | 200 OK Content-Length: 7919 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: HaCKeD By PaWL ...[1647 bytes skipped]... bkit-animation-iteration-count: 2;}</style> <style> .style4 { font-size: 30px; text-shadow: 0 0 15px #fff, 0 0 20px #fff, 0 0 30px #fff, 0 0 40px #fff ; } </style> <meta name="keywords" content=" HaCKeD By PaWL"> <meta name="description" content="HaCKeD By PaWL"> <link rel="SHORTCUT ICON" href="http://defaced.com.nu/dir/images/zombie-icon.gif"> <style> .shakeimage{ position:relative } </style> ...[7337 bytes skipped]... | ||
http://gofunben.com/test404page.js | 404 Not Found Content-Length: 39 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: gofunben.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Fri, 05 Sep 2014 00:49:35 GMT
Pragma: no-cache
Server: Apache/2.0.52 (Red Hat)
Content-Length: 7919
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=ce474f6781ff7240a5cff5546c083623; path=/
X-Powered-By: PHP/5.2.2
...7919 bytes of data.
GET / HTTP/1.1
Host: gofunben.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Fri, 05 Sep 2014 00:49:35 GMT
Pragma: no-cache
Server: Apache/2.0.52 (Red Hat)
Content-Length: 7919
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=ce474f6781ff7240a5cff5546c083623; path=/
X-Powered-By: PHP/5.2.2
...7919 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: gofunben.com
Referer: http://www.google.com/search?q=gofunben.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: gofunben.com
Referer: http://www.google.com/search?q=gofunben.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=gofunben.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://gofunben.com/
Result: gofunben.com is not infected or malware details are not published yet.
Result: gofunben.com is not infected or malware details are not published yet.