Scanned pages/files
Request | Server response | Status |
http://tasnaa.com/ | 200 OK Content-Length: 4557 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: HaCkeD By Lion.Hacker <html prefix="og: http://ogp.me/ns#"> <head> <meta http-equiv="Content-Language" content="en-us"> <meta name="keywords" content="HaCkeD By Lion.Hacker "> <meta name="description" content="HaCkeD By Lion.Hacker "> <title>HaCkeD By Lion.Hacker</title> <style> <!-- *{padding: 0px;margin: 0px;} .style68 { color: #FFFFFF; } .style69 { color: #CC0000; } --> </style> </head> <body bgcolor="#000000"> <p align="center"> </p ...[6100 bytes skipped]... | ||
http://tasnaa.com/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: tasnaa.com
Result:
HTTP/1.1 200 OK
Cache-Control: private, no-cache
Connection: close
Date: Tue, 15 Dec 2015 17:50:33 GMT
Pragma: no-cache
Server: Apache
Content-Type: text/html; charset=utf-8
Expires:
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 30c9842ac2fcb2759a8e20b182ca5203=09eb739bb78fb9f4a806f83a5b96b129; path=/; HttpOnly
Set-Cookie: jm_arise_tpl=jm_arise; expires=Sun, 04-Dec-2016 17:50:33 GMT; path=/
X-Logged-In: False
X-Powered-By: PHP/5.3.29
GET / HTTP/1.1
Host: tasnaa.com
Result:
HTTP/1.1 200 OK
Cache-Control: private, no-cache
Connection: close
Date: Tue, 15 Dec 2015 17:50:33 GMT
Pragma: no-cache
Server: Apache
Content-Type: text/html; charset=utf-8
Expires:
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 30c9842ac2fcb2759a8e20b182ca5203=09eb739bb78fb9f4a806f83a5b96b129; path=/; HttpOnly
Set-Cookie: jm_arise_tpl=jm_arise; expires=Sun, 04-Dec-2016 17:50:33 GMT; path=/
X-Logged-In: False
X-Powered-By: PHP/5.3.29
Second query (visit from search engine):
GET / HTTP/1.1
Host: tasnaa.com
Referer: http://www.google.com/search?q=tasnaa.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: tasnaa.com
Referer: http://www.google.com/search?q=tasnaa.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=tasnaa.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://tasnaa.com/
Result: tasnaa.com is not infected or malware details are not published yet.
Result: tasnaa.com is not infected or malware details are not published yet.