Scanned pages/files
Request | Server response | Status |
http://malawimakeup.com/ | 200 OK Content-Length: 4096 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By Team 187 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html><head> <meta http-equiv="Content-Language" content="en-us"> <meta http-equiv="Content-Type" content="text/html; charset=windows-1252"><title>Hacked By Team 187</title> </head><body style="background-color: rgb(255, 255, 255); color: rgb(255, 255, 255);"> <center> <p align="center" dir="ltr"> <img src="http://store2.up-00.com/2015-05/1432946631481.png" border="0" height="219" width="207"></p> <p align="center" dir="ltr"><b><span lang="ar-sa"> <font face="Times New Roman" size="4"><font color="#80 ...[4884 bytes skipped]... | ||
http://malawimakeup.com/test404page.js | 404 Not Found Content-Length: 464 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: malawimakeup.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 11 Jun 2015 06:25:59 GMT
Server: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/1.0.1e-fips mod_bwlimited/1.4
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.4.38
GET / HTTP/1.1
Host: malawimakeup.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 11 Jun 2015 06:25:59 GMT
Server: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/1.0.1e-fips mod_bwlimited/1.4
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.4.38
Second query (visit from search engine):
GET / HTTP/1.1
Host: malawimakeup.com
Referer: http://www.google.com/search?q=malawimakeup.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: malawimakeup.com
Referer: http://www.google.com/search?q=malawimakeup.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=malawimakeup.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://malawimakeup.com/
Result: malawimakeup.com is not infected or malware details are not published yet.
Result: malawimakeup.com is not infected or malware details are not published yet.