Scanned pages/files
Request | Server response | Status |
http://ibach-koop.de/ | 200 OK Content-Length: 302674 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By EvLaT ...[53518 bytes skipped]... nd:url(//www.ibach-haus.com/wp-content/plugins/revslider/rs-plugin/css/../assets/loader.gif) no-repeat 10px 10px;background-color:#fff;margin:-22px -22px;top:50%;left:50%;z-index:10000;position:absolute;width:44px;height:44px;border-radius:3px;-moz-border-radius:3px;-webkit-border-radius:3px}<body style='color: transparent;background-color: black'><center><h1><b style='color: white'><center>Hacked By EvLaT<br>EvLaT-DARKWAR2<p style='color: transparent'>html{min-width:910px}html.responsive{min-width:0}.boxed#top{margin:0 auto;overflow:visible}.container{position:relative;width:100%;margin:0 auto;padding:0 50px;clear:both}.inner-container{position:relative;height:100%;width:100%}.container_wrap{clear:both;position:relative;border-top-style:solid;border-top-width:1px}.unit,.units{float:left;display:inline;margin-left:50px;position:relative;z-index:1;min-height:1px}.ro ...[249299 bytes skipped]... | ||
http://ibach-koop.de/test404page.js | 404 Not Found Content-Length: 302744 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ibach-koop.de
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Thu, 08 Oct 2015 12:52:24 GMT
Pragma: no-cache
Server: Apache/2.2.31 (Unix)
Vary: User-Agent,Accept-Encoding
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Link: <http://www.ibach-haus.com/>; rel=shortlink
Set-Cookie: PHPSESSID=ulev8vks87n7qo50r5ro8288a5; path=/
X-Pingback: http://www.ibach-haus.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.4.1
X-UA-Compatible: IE=edge,chrome=1
GET / HTTP/1.1
Host: ibach-koop.de
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Thu, 08 Oct 2015 12:52:24 GMT
Pragma: no-cache
Server: Apache/2.2.31 (Unix)
Vary: User-Agent,Accept-Encoding
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Link: <http://www.ibach-haus.com/>; rel=shortlink
Set-Cookie: PHPSESSID=ulev8vks87n7qo50r5ro8288a5; path=/
X-Pingback: http://www.ibach-haus.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.4.1
X-UA-Compatible: IE=edge,chrome=1
Second query (visit from search engine):
GET / HTTP/1.1
Host: ibach-koop.de
Referer: http://www.google.com/search?q=ibach-koop.de
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: ibach-koop.de
Referer: http://www.google.com/search?q=ibach-koop.de
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ibach-koop.de
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://ibach-koop.de/
Result: ibach-koop.de is not infected or malware details are not published yet.
Result: ibach-koop.de is not infected or malware details are not published yet.