Scanned pages/files
Request | Server response | Status |
http://millerservices.biz/ | HTTP/1.1 200 OK Connection: close Date: Tue, 07 Apr 2015 01:02:12 GMT Accept-Ranges: bytes ETag: "81-4c8e5b1ea21cb" Server: Apache/2.4.7 (Ubuntu) Vary: Accept-Encoding Content-Length: 129 Content-Type: text/html Last-Modified: Tue, 04 Sep 2012 19:59:24 GMT | clean |
http://email.millerservices.biz/shop | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 07 Apr 2015 01:02:12 GMT Location: http://email.millerservices.biz/shop/ Server: Apache/2.4.7 (Ubuntu) Content-Length: 334 Content-Type: text/html; charset=iso-8859-1 | clean |
http://email.millerservices.biz/shop/ | 200 OK Content-Length: 2569 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By TurkeySecurity <TITLE>Hacked By TurkeySecurity</TITLE> </head>
<BODY style="background:url(http://i.hizliresim.com/ZLm6oa.jpg) center no-repeat;"> <body text="#FFFFFF" bgcolor="#000000"><p align="center"><br><font size="10" face="Verdana" color="#FF0000"></font><img src="http://i.hizliresim.com/PvA1M9.png" width="300" height="333" align="center"><br><font size="1" face="Verdana"><b>TurkeySec ...[2857 bytes skipped]... | ||
http://email.millerservices.biz/test404page.js | 404 Not Found Content-Length: 301 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: millerservices.biz
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 07 Apr 2015 01:02:12 GMT
Accept-Ranges: bytes
ETag: "81-4c8e5b1ea21cb"
Server: Apache/2.4.7 (Ubuntu)
Vary: Accept-Encoding
Content-Length: 129
Content-Type: text/html
Last-Modified: Tue, 04 Sep 2012 19:59:24 GMT
...129 bytes of data.
GET / HTTP/1.1
Host: millerservices.biz
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 07 Apr 2015 01:02:12 GMT
Accept-Ranges: bytes
ETag: "81-4c8e5b1ea21cb"
Server: Apache/2.4.7 (Ubuntu)
Vary: Accept-Encoding
Content-Length: 129
Content-Type: text/html
Last-Modified: Tue, 04 Sep 2012 19:59:24 GMT
...129 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: millerservices.biz
Referer: http://www.google.com/search?q=millerservices.biz
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: millerservices.biz
Referer: http://www.google.com/search?q=millerservices.biz
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=millerservices.biz
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://millerservices.biz/
Result: millerservices.biz is not infected or malware details are not published yet.
Result: millerservices.biz is not infected or malware details are not published yet.