Scanned pages/files
Request | Server response | Status |
http://ilsw.net/ | 200 OK Content-Length: 374 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked by LastTouch <title>Hacked by LastTouch</title>
<center><h3>Hacked by LastTouch</br>LastTouch@hackermail.com</h3>Linux php53-v75.wc1.dfw1.stabletransit.com 2.6.32.39-grsec-3.mosso5.1.x86_64 #1 SMP Mon May 16 20:37:28 CDT 2011 x86_64</center> <EMBED SRC="http://www.swfcabin.com/swf-files/1377171913.swf" AUTOSTART="TRUE" LOOP="TRUE" WIDTH="1" HEIGHT="1" ALIGN="CENTER"></EMBED> | ||
http://ilsw.net/test404page.js | 404 Not Found Content-Length: 274 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ilsw.net
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 06 Jul 2015 09:00:18 GMT
Server: Apache/2.2
Content-Length: 374
Content-Type: text/html; charset=UTF-8
Set-Cookie: X-Mapping-feojnbhb=3B1655666D479B09587E6811C971B847; path=/
...374 bytes of data.
GET / HTTP/1.1
Host: ilsw.net
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 06 Jul 2015 09:00:18 GMT
Server: Apache/2.2
Content-Length: 374
Content-Type: text/html; charset=UTF-8
Set-Cookie: X-Mapping-feojnbhb=3B1655666D479B09587E6811C971B847; path=/
...374 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: ilsw.net
Referer: http://www.google.com/search?q=ilsw.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: ilsw.net
Referer: http://www.google.com/search?q=ilsw.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ilsw.net
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://ilsw.net/
Result: ilsw.net is not infected or malware details are not published yet.
Result: ilsw.net is not infected or malware details are not published yet.