Scanned pages/files
Request | Server response | Status |
http://www.patentim1.com/ | 200 OK Content-Length: 22477 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By AnonGhost ...[20767 bytes skipped]... class='right'> </a> </span> <div class='clr'></div> </div><!--/ Codrops top bar --> <header> <p > <html> <head> <meta http-equiv='Content-Type' content='text/html; charset=ISO-8859-1'> <title>Hacked By AnonGhost </title> <meta name='Keywords' content='Hacked By AnonGhost'> <link rel='shortcut icon' href='http://www.iconj.com/ico/u/5/u5oywrf99u.ico' type='image/x-icon' /> <script language='JavaScript1.2'> function ejs_nodroit() { return(false); } document.oncontextmenu = ejs_nodroit; </script> <style type='text/css'> ...[5647 bytes skipped]... | ||
http://www.patentim1.com/googledrive.com/host/0B0FAryoVedK0Szk4WW9GR3ZKWDg/modernizr.custom.86080.js | HTTP/1.1 302 Redirect Date: Thu, 09 Apr 2015 08:37:12 GMT Location: http://www.patentim1.com/ Content-Length: 148 Content-Type: text/html; charset=UTF-8 X-Powered-By: ASP.NET | clean |
http://www.patentim1.com/test404page.js | HTTP/1.1 302 Redirect Date: Thu, 09 Apr 2015 08:37:13 GMT Location: http://www.patentim1.com/ Content-Length: 148 Content-Type: text/html; charset=UTF-8 X-Powered-By: ASP.NET | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: patentim1.com
Result:
GET / HTTP/1.1
Host: patentim1.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: patentim1.com
Referer: http://www.google.com/search?q=patentim1.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: patentim1.com
Referer: http://www.google.com/search?q=patentim1.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=patentim1.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://patentim1.com/
Result: patentim1.com is not infected or malware details are not published yet.
Result: patentim1.com is not infected or malware details are not published yet.