Scanned pages/files
Request | Server response | Status |
http://test-site-1.info/ | 200 OK Content-Length: 1265 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By Mehdi.Hidden <head>
<style> @font-face { font-family: 'mh4'; src: url('http://mehdihidden.fulba.com/mh4.ttf'); format('opentype'); } </style> </head> <br><br><br> <body bgcolor ="#000000"> <center> <font color="#77fb59" size="90px" face="mh4"> Hacked By Mehdi.Hidden </font><BR> <font color="#77fb59" size="5" face="mh4"> Your Security Is Low !!!<BR> M3hd1.h1dd3n@live.com </font> <BR><br><br> <font color="#77fb59" size="2" face="mh4"> <pre> _ _ _____ _ ________ _____ _ | | | | /\ / ____| |/ / ____| __ \ | | | |__| | / \ | | | ' /| |__ | | | | | | ...[778 bytes skipped]... | ||
http://test-site-1.info/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: test-site-1.info
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 15 Jun 2014 21:07:12 GMT
Server: Apache mod_fcgid/2.3.10-dev
Content-Length: 1265
Content-Type: text/html
X-Powered-By: PHP/5.4.26
...1265 bytes of data.
GET / HTTP/1.1
Host: test-site-1.info
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 15 Jun 2014 21:07:12 GMT
Server: Apache mod_fcgid/2.3.10-dev
Content-Length: 1265
Content-Type: text/html
X-Powered-By: PHP/5.4.26
...1265 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: test-site-1.info
Referer: http://www.google.com/search?q=test-site-1.info
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: test-site-1.info
Referer: http://www.google.com/search?q=test-site-1.info
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=test-site-1.info
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://test-site-1.info/
Result: test-site-1.info is not infected or malware details are not published yet.
Result: test-site-1.info is not infected or malware details are not published yet.