Scanned pages/files
| Request | Server response | Status |
http://sunny.it/ | 200 OK Content-Length: 10565 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked by Giud@M@ligno --- ...[12086 bytes skipped]... >SunnyWebArt</font></a></font></font></font></address> </font> </td> </tr> </table> </div></div> <p align="center"> <img border="0" src="gir05.PNG" width="1000" height="576"></td> </tr> </table> </div> <BR><FONT COLOR=BLACK>Hacked by Giud@M@ligno --->>> giudamaligno666@hotmail.com (sunny.it) </FONT> </body> </html> | ||
http://sunny.it/webtookit.openwindow.js | 200 OK Content-Length: 1806 Content-Type: application/javascript | clean |
http://webplayer.yahooapis.com/player.js | HTTP/1.1 302 Moved Temporarily Cache-Control: max-age=300 Connection: close Date: Wed, 23 Dec 2015 12:20:45 GMT Via: HTTP/1.1 web11.use45.mobstor.bf1.yahoo.com UserFiberFramework/1.0, http/1.1 l7.ycs.dea.yahoo.com (ApacheTrafficServer [cRs f ]) Age: 47 Location: http://bcp-usw45.zenfs.com/ptw/webplayer/player.js?noredirect=1&visited=gops.use45.mobstor.vip.bf1.yahoo.com Server: ATS Vary: Accept-Encoding Content-Length: 25 Content-Type: text/html; charset=iso-8859-1 Expires: Wed, 23 Dec 2015 12:25:45 GMT X-Ysws-Error-Detail: not_in_objectstore X-Ysws-Request-Id: 0d946106-5a1c-4a64-b0a3-e13118fdd6c3 X-Ysws-Visited-Replicas: gops.use45.mobstor.vip.bf1.yahoo.com Y-Trace: BAEAQAAAAADS2d3czb_DZwAAAAAAAAAA5pZehnIXJEYAAAAAAAAAAAAFJ4_DOijcAAUnj8M6KfZU9a5EAAAAAA-- | clean |
http://bcp-usw45.zenfs.com/ptw/webplayer/player.js?noredirect=1&visited=gops.use45.mobstor.vip.bf1.yahoo.com | 404 Not Found Content-Length: 25 Content-Type: text/html | clean |
http://bcp-usw45.zenfs.com/test404page.js | 400 Bad Request Content-Length: 18 | clean |
http://s7.addthis.com/js/250/addthis_widget.js | 200 OK Content-Length: 301778 Content-Type: text/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: sunny.it
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 23 Dec 2015 12:21:32 GMT
Accept-Ranges: bytes
Server: Apache
Content-Language: it
Content-Length: 10565
Content-Type: text/html
Last-Modified: Sat, 08 Nov 2014 13:17:45 GMT
...10565 bytes of data.
GET / HTTP/1.1
Host: sunny.it
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 23 Dec 2015 12:21:32 GMT
Accept-Ranges: bytes
Server: Apache
Content-Language: it
Content-Length: 10565
Content-Type: text/html
Last-Modified: Sat, 08 Nov 2014 13:17:45 GMT
...10565 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: sunny.it
Referer: http://www.google.com/search?q=sunny.it
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: sunny.it
Referer: http://www.google.com/search?q=sunny.it
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=sunny.it
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://sunny.it/
Result: sunny.it is not infected or malware details are not published yet.
Result: sunny.it is not infected or malware details are not published yet.