Scanned pages/files
Request | Server response | Status |
http://marriageinvitationcards.net/ | 200 OK Content-Length: 7687 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By PhantomGhost <head> <meta http-equiv="Content-Language" content="en-us"> <title>Hacked By PhantomGhost</title> <script>var numraindrops="150";var speed="5";var rainsize="2";var wind="left";var genxgallery="";function tb5_makeArray(n){this.length=n;return this.length;} tb5_messages=new tb5_makeArray(2);tb5_messages[0]="Hacked by";tb5_messages[1]="PhantomGhost";tb5_rptType='infinite';tb5_rptNbr=10;tb5_speed=50;tb5_delay=2000;var tb5_counter=1;var tb5_currMsg=0;var tb5_stsmsg="";function tb5_shuffle(arr){var k ...[8019 bytes skipped]... | ||
http://marriageinvitationcards.net/test404page.js | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: marriageinvitationcards.net
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 22 Sep 2014 09:31:30 GMT
Accept-Ranges: bytes
Server: Apache
Vary: Accept-Encoding
Content-Length: 7687
Content-Type: text/html
Last-Modified: Sun, 01 Jun 2014 14:19:06 GMT
...7687 bytes of data.
GET / HTTP/1.1
Host: marriageinvitationcards.net
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 22 Sep 2014 09:31:30 GMT
Accept-Ranges: bytes
Server: Apache
Vary: Accept-Encoding
Content-Length: 7687
Content-Type: text/html
Last-Modified: Sun, 01 Jun 2014 14:19:06 GMT
...7687 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: marriageinvitationcards.net
Referer: http://www.google.com/search?q=marriageinvitationcards.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: marriageinvitationcards.net
Referer: http://www.google.com/search?q=marriageinvitationcards.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=marriageinvitationcards.net
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://marriageinvitationcards.net/
Result: marriageinvitationcards.net is not infected or malware details are not published yet.
Result: marriageinvitationcards.net is not infected or malware details are not published yet.