Scanned pages/files
| Request | Server response | Status |
http://mannenmassages.nl/ | 200 OK Content-Length: 596 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked by Said-Verde-Rosso <center><img src="http://zonehmirrors.org/defaced/2014/11/27/www.fssm.ucam.ac.ma/www9.0zz0.com/2012/03/15/19/237440624.gif" width="900" height="450"><p><br>
<style>body{overflow:hidden;background-color:black}#q{font:40px impact;color:white;position:absolute;left:0;right:0;top:43%}</style><title>Hacked by Said-Verde-Rosso </title><center><div id=q>Hacked by Said-Verde-Rosso<br>Algerian Hacker<br> <a target="_blank" href="https://www.facebook.com/said.dz.hacker"> <img border="0" src="http://www.wata.cc/up/2015/04/images/w-4b09ddaa79.png" width="46" height="51"> <p align="center"> <br> | ||
http://mannenmassages.nl/test404page.js | 200 OK Content-Length: 3892 Content-Type: text/html | clean |
http://www.google-analytics.com/ga.js | 200 OK Content-Length: 43082 Content-Type: text/javascript | clean |
http://mannenmassages.nl//cdn.ad-score.com/adscore.js/ | 200 OK Content-Length: 3892 Content-Type: text/html | clean |
http://mannenmassages.nl//ext1.engageya.com/widget/inject_spark/inj_sprk_starter.js?pid=LTEsMTQyNTU5LDk0NjA4LDU0OTcx&subid=1263_20586&appname=unisales/ | 200 OK Content-Length: 3892 Content-Type: text/html | clean |
http://ext1-api.engageya.com/gas-api/feed.json?cb=inj_sprk_callback&format=json&action=paid&url=http%3A%2F%2Fwww.gbza.edu.sk%2F&count=22&is_xpath=0&min_count=2&lang=en-US&cs=windows-1252&pid=LTEsMTQyNTU5LDk0NjA4LDU0OTcx&subid=1263_20586&title=&kwrds= | 200 OK Content-Length: 1412 | clean |
http://ext1-api.engageya.com/test404page.js | 400 Bad Request Content-Length: 0 | clean |
http://code.jquery.com/jquery-latest.min.js | 200 OK Content-Length: 95786 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: mannenmassages.nl
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 24 Nov 2015 11:53:34 GMT
Accept-Ranges: bytes
Server: nginx/1.8.0
Vary: Accept-Encoding,User-Agent
Content-Length: 596
Content-Type: text/html
Last-Modified: Fri, 20 Nov 2015 12:27:35 GMT
...596 bytes of data.
GET / HTTP/1.1
Host: mannenmassages.nl
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 24 Nov 2015 11:53:34 GMT
Accept-Ranges: bytes
Server: nginx/1.8.0
Vary: Accept-Encoding,User-Agent
Content-Length: 596
Content-Type: text/html
Last-Modified: Fri, 20 Nov 2015 12:27:35 GMT
...596 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: mannenmassages.nl
Referer: http://www.google.com/search?q=mannenmassages.nl
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: mannenmassages.nl
Referer: http://www.google.com/search?q=mannenmassages.nl
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=mannenmassages.nl
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://mannenmassages.nl/
Result: mannenmassages.nl is not infected or malware details are not published yet.
Result: mannenmassages.nl is not infected or malware details are not published yet.