Scanned pages/files
Request | Server response | Status |
http://statheramprosta.gr/ | 200 OK Content-Length: 9080 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: ..::Hacked by X-Sec Team::.. ...[7566 bytes skipped]... if(currentStyle=='inline') { currentStyle='none'; } else { currentStyle='inline'; } document.getElementById('blink').style.display = currentStyle; setTimeout('blinkSpan()',400); }msg = "..::Hacked by X-Sec Team::.."; msg = " " + msg;pos = 0; function scrollMSG() { document.title = msg.substring(pos, msg.length) + msg.substring(0, pos); pos++; if (pos > msg.length) pos = 0 window.setTimeout("scrollMSG()",100); } scrollMSG(); </script> <img src= ...[2839 bytes skipped]... | ||
http://statheramprosta.gr/test404page.js | 200 OK Content-Length: 9080 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: statheramprosta.gr
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=1
Connection: close
Date: Sat, 11 Jul 2015 07:24:51 GMT
Server: nginx
Content-Type: text/html
Expires: Sat, 11 Jul 2015 07:24:52 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Powered-By: PleskLin
X-XSS-Protection: 0
GET / HTTP/1.1
Host: statheramprosta.gr
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=1
Connection: close
Date: Sat, 11 Jul 2015 07:24:51 GMT
Server: nginx
Content-Type: text/html
Expires: Sat, 11 Jul 2015 07:24:52 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Powered-By: PleskLin
X-XSS-Protection: 0
Second query (visit from search engine):
GET / HTTP/1.1
Host: statheramprosta.gr
Referer: http://www.google.com/search?q=statheramprosta.gr
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: statheramprosta.gr
Referer: http://www.google.com/search?q=statheramprosta.gr
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=statheramprosta.gr
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://statheramprosta.gr/
Result: statheramprosta.gr is not infected or malware details are not published yet.
Result: statheramprosta.gr is not infected or malware details are not published yet.