Scanned pages/files
Request | Server response | Status |
http://maven-prints.com/ | 200 OK Content-Length: 26140 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked by Gantengers <embed src="http://divine-music.info/musicfiles/Avenged Sevenfold - Dear God.swf " autostart=true loop=true width=0 height=0 align="CENTER"></embed>
<html><head> <LINK rel="SHORTCUT ICON" href="http://www.paper-machinery.com/flags/Indonesia.gif"> <meta http-equiv="content-type" content="text/html; charset=windows-1250"> <meta name="Hacked by Gantengers" content="Hacked by Gantengers"> <title> C****** Nc was Here</title> </head> <body oncontextmenu="return false" onmousedown="return false" onselectstart="return false" onkeypress="return false" background="data:image/jpeg;base64,/9j/4AAQSkZJRgABAQAAAQABAAD/2wCEAAkGBggGAgkIBwgKCQkKAgoCAgICAg4HCAUKExAVFBMQEhIXGyYeFxkjGRISHy8gIycpLCwsFR4xNTAqNSYrLCkBCQoKBQUFDQUFDSkYEhgpKSkpKSkpKSkpKSkpKSkp ...[35291 bytes skipped]... | ||
http://maven-prints.com/test404page.js | 200 OK Content-Length: 26140 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: maven-prints.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 11 Dec 2014 06:02:04 GMT
Server: Zeus/4.3
Content-Type: text/html
Set-Cookie: X-Mapping-dccahcdn=7C28C31D365C846154629FBDBE6E68AF; path=/
GET / HTTP/1.1
Host: maven-prints.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 11 Dec 2014 06:02:04 GMT
Server: Zeus/4.3
Content-Type: text/html
Set-Cookie: X-Mapping-dccahcdn=7C28C31D365C846154629FBDBE6E68AF; path=/
Second query (visit from search engine):
GET / HTTP/1.1
Host: maven-prints.com
Referer: http://www.google.com/search?q=maven-prints.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: maven-prints.com
Referer: http://www.google.com/search?q=maven-prints.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=maven-prints.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://maven-prints.com/
Result: maven-prints.com is not infected or malware details are not published yet.
Result: maven-prints.com is not infected or malware details are not published yet.