Scanned pages/files
Request | Server response | Status |
http://nammi.ru/ | 200 OK Content-Length: 625 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: hacked. Notified by HolaKo,hacked by holako <html><META NAME='Description' CONTENT='hacked. Notified by HolaKo,hacked by holako'>
<META NAME='Keywords' CONTENT='HolaKo,hacked,defaced,hacker,hacked by HolaKo,hacking ,defaced,defacement,hacking, HolaKo,defacer'> <title>Hacked By HolaKo</title> <style>h2 { color: white; text-align: center;}</style> <BODY BGCOLOR='black'> <div style='text-align: center;'><img border='0px' align='middle' src='http://www9.0zz0.com/2015/03/03/17/949089589.png' height='400' width='900' title='1337' alt='1337' /><pre> <b><h2>Hacked By HolaKo</h2> <h2>Free Palestine !</h2> <h2>Contact : v0v@outlook.com</h2></pre> </div> </html> | ||
http://nammi.ru/test404page.js | 200 OK Content-Length: 625 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: nammi.ru
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 25 Mar 2015 08:25:13 GMT
Server: Apache/2.2.16 (Debian)
Vary: Accept-Encoding
Content-Type: text/html
X-Powered-By: PHP/5.3.3-7+squeeze19
GET / HTTP/1.1
Host: nammi.ru
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 25 Mar 2015 08:25:13 GMT
Server: Apache/2.2.16 (Debian)
Vary: Accept-Encoding
Content-Type: text/html
X-Powered-By: PHP/5.3.3-7+squeeze19
Second query (visit from search engine):
GET / HTTP/1.1
Host: nammi.ru
Referer: http://www.google.com/search?q=nammi.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: nammi.ru
Referer: http://www.google.com/search?q=nammi.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=nammi.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://nammi.ru/
Result: nammi.ru is not infected or malware details are not published yet.
Result: nammi.ru is not infected or malware details are not published yet.