Scanned pages/files
Request | Server response | Status |
http://investasicondotel.com/ | 200 OK Content-Length: 1588 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 1x1 src: http://www.youtube.com/v/ym8jjy4fy-m?version=3&autoplay=1&loop=1&playlist=hio1fhy_3hm
<iframe width="1" height="1" src="http://www.youtube.com/v/ym8jjy4fy-m?version=3&autoplay=1&loop=1&playlist=hio1fhy_3hm" frameborder="0" allowfullscreen>
Deface/Content modification. The following signature was found: Hacked By ph@ntom~l@dy7
<html>
<head> <title>ph@ntom~l@dy7</title> <link rel="SHORTCUT ICON" href="https://scontent-a-sin.xx.fbcdn.net/hphotos-xfa1/v/t1.0-9/10626595_617041318410500_2528166039057785471_n.png?oh=5c73ff2fe756a05b3b7eecafbe046063&oe=549BC06A"> <meta content='Hacked By ph@ntom~l@dy7' name='description'/> <meta content='Hacked By ph@ntom~l@dy7' name='keywords'/> <meta content='Hacked By ph@ntom~l@dy7' name='Abstract'/> </head> <style type="text/css"> body {background:black; color:#FFFFFF; text-decoration:none; font-family:Concert One; font-size:16px;} img {opacity:0.5;} img:hover {opacity:1;} a {text-decoration:none; color:#FFFFFF;} a: ...[1158 bytes skipped]... | ||
http://investasicondotel.com/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: investasicondotel.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 22 Nov 2014 04:18:04 GMT
Server: Apache
Content-Type: text/html
X-Powered-By: PHP/5.3.27
Second query (visit from search engine):
GET / HTTP/1.1
Host: investasicondotel.com
Referer: http://www.google.com/search?q=investasicondotel.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=investasicondotel.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://investasicondotel.com/
Result: investasicondotel.com is not infected or malware details are not published yet.