Scanned pages/files
| Request | Server response | Status |
http://gs-construction.com/ | 200 OK Content-Length: 3032 Content-Type: text/html | clean |
http://gs-construction.com/smooth-gallery-2/scripts/mootools.v1.11.js | 200 OK Content-Length: 34840 Content-Type: text/javascript | clean |
http://gs-construction.com/smooth-gallery-2/scripts/jd.gallery.js | 200 OK Content-Length: 24743 Content-Type: text/javascript | clean |
http://gs-construction.com/portfolio/index.php | 200 OK Content-Length: 2051 Content-Type: text/html | clean |
http://gs-construction.com/portfolio/../smooth-gallery-2/scripts/mootools.v1.11.js | 200 OK Content-Length: 34840 Content-Type: text/javascript | clean |
http://gs-construction.com/portfolio/../js/nav.js | 200 OK Content-Length: 1346 Content-Type: text/javascript | clean |
http://gs-construction.com/portfolio/../js/portfolio_main.js | 200 OK Content-Length: 4097 Content-Type: text/javascript | clean |
http://gs-construction.com/breaking-ground/index.html | 200 OK Content-Length: 2077 Content-Type: text/html | clean |
http://gs-construction.com/breaking-ground/../smooth-gallery-2/scripts/mootools.v1.11.js | 200 OK Content-Length: 34840 Content-Type: text/javascript | clean |
http://gs-construction.com/breaking-ground/../js/nav.js | 200 OK Content-Length: 1346 Content-Type: text/javascript | clean |
http://gs-construction.com/resources/index.html | 200 OK Content-Length: 1921 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By d2mysilent ...[1377 bytes skipped]... t;Company Info</a></li> <li><a href="/contact/index.html">Contact Us</a></li> </div> <div id="top_bar_left"></div> <div id="center"> <div id="rsc_content"> <h1>Resources</h1> <div id="downloads" class="text_page_section"> <h3>Hacked By d2mysilent</h3> <ul> </ul> <div class="accent"></div> </div> <div id="links" class="text_page_section"> <h3>Hacked By d2mysilent</h3> <ul> </ul> <div class="accent"></div> ...[295 bytes skipped]... | ||
http://gs-construction.com/resources/../smooth-gallery-2/scripts/mootools.v1.11.js | 200 OK Content-Length: 34840 Content-Type: text/javascript | clean |
http://gs-construction.com/resources/../js/nav.js | 200 OK Content-Length: 1346 Content-Type: text/javascript | clean |
http://gs-construction.com/company-info/index.html | 200 OK Content-Length: 1947 Content-Type: text/html | clean |
http://gs-construction.com/company-info/../smooth-gallery-2/scripts/mootools.v1.11.js | 200 OK Content-Length: 34840 Content-Type: text/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: gs-construction.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 02 Jun 2015 00:46:02 GMT
Server: Apache
Content-Length: 3032
Content-Type: text/html
X-Powered-By: PleskLin
...3032 bytes of data.
GET / HTTP/1.1
Host: gs-construction.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 02 Jun 2015 00:46:02 GMT
Server: Apache
Content-Length: 3032
Content-Type: text/html
X-Powered-By: PleskLin
...3032 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: gs-construction.com
Referer: http://www.google.com/search?q=gs-construction.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: gs-construction.com
Referer: http://www.google.com/search?q=gs-construction.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=gs-construction.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://gs-construction.com/
Result: gs-construction.com is not infected or malware details are not published yet.
Result: gs-construction.com is not infected or malware details are not published yet.