Scanned pages/files
Request | Server response | Status |
http://gunhelmet.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 19 Dec 2014 08:57:23 GMT Location: http://www.gunhelmet.com/ Server: Apache Vary: Accept-Encoding Content-Length: 233 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.gunhelmet.com/ | 200 OK Content-Length: 1263 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked by Venture ...[83 bytes skipped]... <font color="RED" face="gothic" size="5"> <embed src="https://www.youtube.com/v/FX2R66LXLIU&autoplay=1" type="application/x-shockwave-flash" wmode="transparent" width="1" height="1"></embed> <link rel="shortcut icon" href="http://2.bp.blogspot.com/-2PIMF0CttcM/UgK3ioH2g0I/AAAAAAAACYQ/qEm1unbaJOE/s1600/BGHH.png" type="image/x-icon" /> <title> Hacked by Venture </title></head> <body background="http://www.madtomatoe.com/wp-content/uploads/2010/11/matrix-animated-image.gif"></body> <center><h1 style=color:red;>Do Some security Improvements On your Website </h1><h2 style=color:green;>its not my fault that your website was <h2 style=color:white;> H@cked By V3N7UR3 </h4> </h1><h2 style=color:Blue;>***** "-" Bangladesh Grey Hat Hackers "-" ***** ...[504 bytes skipped]... | ||
http://www.gunhelmet.com/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: gunhelmet.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Fri, 19 Dec 2014 08:57:23 GMT
Location: http://www.gunhelmet.com/
Server: Apache
Vary: Accept-Encoding
Content-Length: 233
Content-Type: text/html; charset=iso-8859-1
...233 bytes of data.
GET / HTTP/1.1
Host: gunhelmet.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Fri, 19 Dec 2014 08:57:23 GMT
Location: http://www.gunhelmet.com/
Server: Apache
Vary: Accept-Encoding
Content-Length: 233
Content-Type: text/html; charset=iso-8859-1
...233 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: gunhelmet.com
Referer: http://www.google.com/search?q=gunhelmet.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: gunhelmet.com
Referer: http://www.google.com/search?q=gunhelmet.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=gunhelmet.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://gunhelmet.com/
Result: gunhelmet.com is not infected or malware details are not published yet.
Result: gunhelmet.com is not infected or malware details are not published yet.