Scanned pages/files
Request | Server response | Status |
http://thaurl.com/ | 200 OK Content-Length: 6441 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By Skumfuk_45 <html>
<title>Hacked By Skumfuk_45</title> <link href="http://3.bp.blogspot.com/-p9Gpy4D9Fdk/Tkp7TcNp1KI/AAAAAAAAAH0/h9IFTpZMcCE/s1600/wido2.gif%29;%7D#intinya{padding:5px;border-style:solid;border-color:#33FF00;font-family:verdana;font-size:12px;}table{border-style:solid;color:#33FF00;border-color:#33FF00;padding:2px;width:900px;background:#000000;font-family:verdana;}td,tr{padding:2px;border-style:solid;border-color:#33FF00;background:black;}#gree ...[7004 bytes skipped]... | ||
http://thaurl.com/test404page.js | HTTP/1.1 302 Found Connection: close Date: Fri, 09 Oct 2015 14:42:35 GMT Location: http://thaurl.com/ Server: Apache/2.4 Content-Length: 0 Content-Type: text/html; charset=UTF-8 Set-Cookie: X-Mapping-imkmdhmf=92FA931C8738509259A18F949E4D1CCD; path=/ X-Cache-Info: not cacheable; response is 302 without expiry time | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: thaurl.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 09 Oct 2015 14:42:34 GMT
Accept-Ranges: bytes
Server: Apache/2.4
Content-Length: 6441
Content-Type: text/html; charset=UTF-8
Last-Modified: Thu, 21 Aug 2014 11:37:54 GMT
Set-Cookie: X-Mapping-imkmdhmf=AD6F91DA7A68DE22E49EE7822F7A9416; path=/
...6441 bytes of data.
GET / HTTP/1.1
Host: thaurl.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 09 Oct 2015 14:42:34 GMT
Accept-Ranges: bytes
Server: Apache/2.4
Content-Length: 6441
Content-Type: text/html; charset=UTF-8
Last-Modified: Thu, 21 Aug 2014 11:37:54 GMT
Set-Cookie: X-Mapping-imkmdhmf=AD6F91DA7A68DE22E49EE7822F7A9416; path=/
...6441 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: thaurl.com
Referer: http://www.google.com/search?q=thaurl.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: thaurl.com
Referer: http://www.google.com/search?q=thaurl.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=thaurl.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://thaurl.com/
Result: thaurl.com is not infected or malware details are not published yet.
Result: thaurl.com is not infected or malware details are not published yet.