Scanned pages/files
| Request | Server response | Status |
http://hiltonhomes.ca/ | 200 OK Content-Length: 1904 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: haCked by Eitaro Attacker <html>
<head> <title>\!/ Eitaro Attacker \!/</title> <meta name="description" content="[Eitaro Attacker]"> <meta name="keywords" content="haCked by Eitaro Attacker"> <link rel="SHORTCUT ICON" href="http://goo.gl/fxSiWg"/> <link href='http://fonts.googleapis.com/css?family=Ubuntu+Mono:400,700' rel='stylesheet' type='text/css'> <meta content="http://82.145.48.106/~index/qwerty.png" property="og:image" /> </script> <style type="text/css"> BODY { background: url(http://3.bp.blogspot.com/-zTZCutcM6u4/Uhh_3bn7wvI/AAAAAAAAB2c ...[1742 bytes skipped]... | ||
http://hiltonhomes.ca/test404page.js | HTTP/1.1 404 Not Found Connection: close Date: Mon, 29 Sep 2014 13:44:36 GMT Accept-Ranges: bytes Server: Apache Content-Length: 124 Content-Type: text/html | clean |
http://templates.doteasy.com/errorpages/error404/ | 200 OK Content-Length: 10599 Content-Type: text/html | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js | 200 OK Content-Length: 93435 Content-Type: text/javascript | clean |
http://hiltonhomes.ca/js/selectBox/jquery.selectBox.min.js | HTTP/1.1 404 Not Found Connection: close Date: Mon, 29 Sep 2014 13:44:37 GMT Accept-Ranges: bytes Server: Apache Content-Length: 124 Content-Type: text/html | clean |
http://templates.doteasy.com/test404page.js | 404 Not Found Content-Length: 1245 Content-Type: text/html | clean |
http://hiltonhomes.ca/js/jquery.watermark.min.js | HTTP/1.1 404 Not Found Connection: close Date: Mon, 29 Sep 2014 13:44:38 GMT Accept-Ranges: bytes Server: Apache Content-Length: 124 Content-Type: text/html | clean |
http://hiltonhomes.ca/js/fancybox/jquery.fancybox.js | HTTP/1.1 404 Not Found Connection: close Date: Mon, 29 Sep 2014 13:44:39 GMT Accept-Ranges: bytes Server: Apache Content-Length: 124 Content-Type: text/html | clean |
http://hiltonhomes.ca/js/fancybox/helpers/jquery.fancybox-media.js | HTTP/1.1 404 Not Found Connection: close Date: Mon, 29 Sep 2014 13:44:39 GMT Accept-Ranges: bytes Server: Apache Content-Length: 124 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: hiltonhomes.ca
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Mon, 29 Sep 2014 13:44:34 GMT
Pragma: no-cache
Server: Apache
Content-Length: 1904
Content-Type: text/html; charset=utf-8
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: c9f180052c406a398a878c236e8508f8=6917ca21f7f32b06d4bd28bf547df433; path=/
X-Powered-By: PHP/5.3.28
...1904 bytes of data.
GET / HTTP/1.1
Host: hiltonhomes.ca
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Mon, 29 Sep 2014 13:44:34 GMT
Pragma: no-cache
Server: Apache
Content-Length: 1904
Content-Type: text/html; charset=utf-8
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: c9f180052c406a398a878c236e8508f8=6917ca21f7f32b06d4bd28bf547df433; path=/
X-Powered-By: PHP/5.3.28
...1904 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: hiltonhomes.ca
Referer: http://www.google.com/search?q=hiltonhomes.ca
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: hiltonhomes.ca
Referer: http://www.google.com/search?q=hiltonhomes.ca
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=hiltonhomes.ca
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://hiltonhomes.ca/
Result: hiltonhomes.ca is not infected or malware details are not published yet.
Result: hiltonhomes.ca is not infected or malware details are not published yet.