Scanned pages/files
Request | Server response | Status |
http://www.sanitas-segurosysalud.com/ | 200 OK Content-Length: 670 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: HACKED By FiHACK <html>
<head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>HACKED By FiHACK</title> <link rel="shortcut icon" href="http://s1307.hizliresim.com/1c/n/qk7kn.png"/> <body bgcolor="black"> <center> <br><br> <img src="http://i.hizliresim.com/kk1mqy.jpg" width="480px" height="480px"> <br> <img src="http://i.hizliresim.com/PpzN4Q.png"> <br> <img src="http://i.hizliresim.com/AEPGVX.png"> ...[325 bytes skipped]... | ||
http://www.sanitas-segurosysalud.com/test404page.js | HTTP/1.1 302 Found Connection: close Date: Tue, 02 Jun 2015 20:08:11 GMT Location: http://www.sanitas-segurosysalud.com/404.html Server: Apache Content-Length: 229 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.sanitas-segurosysalud.com/404.html | HTTP/1.1 302 Found Connection: close Date: Tue, 02 Jun 2015 20:08:12 GMT Location: http://www.sanitas-segurosysalud.com/404.html Server: Apache Content-Length: 229 Content-Type: text/html; charset=iso-8859-1 | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: sanitas-segurosysalud.com
Result:
GET / HTTP/1.1
Host: sanitas-segurosysalud.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: sanitas-segurosysalud.com
Referer: http://www.google.com/search?q=sanitas-segurosysalud.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: sanitas-segurosysalud.com
Referer: http://www.google.com/search?q=sanitas-segurosysalud.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=sanitas-segurosysalud.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://sanitas-segurosysalud.com/
Result: sanitas-segurosysalud.com is not infected or malware details are not published yet.
Result: sanitas-segurosysalud.com is not infected or malware details are not published yet.