Scanned pages/files
Request | Server response | Status |
http://popularsaudi.com/ | 200 OK Content-Length: 3900 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By v3x3r LocalRooT ...[103 bytes skipped]... tml1-transitional.dtd"> <html xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" lang="en"><head> <!--<link REL="SHORTCUT ICON" HREF="http://www.purevolume.com/favicon.ico">--> <meta http-equiv="content-type" content="text/html; charset=UTF-8"> <meta name="keywords" content="v3x3r LocalRoot - Was h3r3 "> <title>Hacked By v3x3r LocalRooT</title> <script>alert("Welcome LoL.....")</script> </head> <body oncontextmenu="return false;"> <style type="text/css" media="screen"> /* Default Style */ BODY { font-family: Verdana, Arial; font-size: 14px; color: #ffffff; background-color: #000000; background-image: url(http://i1004.photobucket.com/albums/af163/imnu11/openbg.gif); backgroun ...[3862 bytes skipped]... | ||
http://popularsaudi.com/test404page.js | 404 Not Found Content-Length: 12839 Content-Type: text/html | clean |
http://code.jquery.com/jquery-1.9.1.js | 200 OK Content-Length: 268381 Content-Type: application/x-javascript | clean |
http://suspended.hostgator.com/js/simple-expand.min.js | 200 OK Content-Length: 2782 Content-Type: text/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: popularsaudi.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 03 Apr 2014 18:54:06 GMT
Accept-Ranges: bytes
Server: nginx/1.4.7
Content-Length: 3900
Content-Type: text/html
Last-Modified: Tue, 10 Dec 2013 21:24:47 GMT
...3900 bytes of data.
GET / HTTP/1.1
Host: popularsaudi.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 03 Apr 2014 18:54:06 GMT
Accept-Ranges: bytes
Server: nginx/1.4.7
Content-Length: 3900
Content-Type: text/html
Last-Modified: Tue, 10 Dec 2013 21:24:47 GMT
...3900 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: popularsaudi.com
Referer: http://www.google.com/search?q=popularsaudi.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: popularsaudi.com
Referer: http://www.google.com/search?q=popularsaudi.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=popularsaudi.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://popularsaudi.com/
Result: popularsaudi.com is not infected or malware details are not published yet.
Result: popularsaudi.com is not infected or malware details are not published yet.