Scanned pages/files
| Request | Server response | Status |
http://shoman-eg.com/ | 200 OK Content-Length: 4622 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By Jarino8 ...[1366 bytes skipped]... ing="no" frameborder="0" style="border: medium none; overflow: hidden; height: 270px; width: 245px;background:#fff;" src="http://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/jarino8Officiel&width=245&colorscheme=light&show_faces=true&connections=9&stream=false&header=false&height=270"></iframe> </div><br><br> <title>Hacked By Jarino8</title><link href="http://fonts.googleapis.com/css?family=Cantarell" rel="stylesheet" type="text/css" /> <body style="background: black ;no-repeat center center fixed; -webkit-background-size: cover; -moz-background-size: cover; -o-background-size: cover; background-size: cover;" bgcolor="#000" marginheight="0" marginwidth="0"> </head><body><link rel="stylesheet" href="http://codersleet.cum.ir/Css/style.css" media="screen" type ...[3418 bytes skipped]... | ||
https://ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js | 200 OK Content-Length: 91342 Content-Type: text/javascript | clean |
http://shoman-eg.com/test404page.js | 404 Not Found Content-Length: 1245 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: shoman-eg.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Sat, 25 Jul 2015 07:53:00 GMT
Server: Microsoft-IIS/7.5
Content-Length: 4622
Content-Type: text/html; charset=utf-8
Set-Cookie: ASP.NET_SessionId=z31yfxzor0d10eyuerohm5a3; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
...4622 bytes of data.
GET / HTTP/1.1
Host: shoman-eg.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Sat, 25 Jul 2015 07:53:00 GMT
Server: Microsoft-IIS/7.5
Content-Length: 4622
Content-Type: text/html; charset=utf-8
Set-Cookie: ASP.NET_SessionId=z31yfxzor0d10eyuerohm5a3; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
...4622 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: shoman-eg.com
Referer: http://www.google.com/search?q=shoman-eg.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: shoman-eg.com
Referer: http://www.google.com/search?q=shoman-eg.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=shoman-eg.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://shoman-eg.com/
Result: shoman-eg.com is not infected or malware details are not published yet.
Result: shoman-eg.com is not infected or malware details are not published yet.