Scanned pages/files
| Request | Server response | Status |
http://toniandguy.kz/ | 200 OK Content-Length: 15037 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: HACKED BY Prodigy TN ...[1586 bytes skipped]... /35318175d.png" width="200" /> </b></font></p> <p> </p> <div class="logo"> </div> <p> </p> <center><font face="cursive" size="4"><b><!-----------Powered--By----Fallag-Gassrini---------><br /> <font color="white" face="cursive" font-size="30px"><b>HACKED BY Prodigy TN</b></font></b></font></center> <center><font face="cursive" size="4"><b><font color="white" face="cursive" font-size="30px"><b>From FallaGa Team </b></font></b></font><br /> <font face="cursive" size="4"><b><b><b><font color="red">TUNISIAN FALLAGA TEAM | CYBER RESISTANCE </font></b></b></b></font>< ...[15172 bytes skipped]... | ||
http://apiadvanceelitec-a.akamaihd.net/gsrs?is=isgiwhTN&bp=PB3&g=426ef6d9-0909-4b56-a999-8b3521f80cfd | 200 OK Content-Length: 11274 Content-Type: application/javascript | clean |
http://toniandguy.kz/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: toniandguy.kz
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Mon, 22 Jun 2015 03:45:58 GMT
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 54ae4bae4f6935c6f698623efc24c2d6=ovk3cnk8r16486ojs6mabesoe0; path=/
X-Cache: HIT from Backend
GET / HTTP/1.1
Host: toniandguy.kz
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Mon, 22 Jun 2015 03:45:58 GMT
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 54ae4bae4f6935c6f698623efc24c2d6=ovk3cnk8r16486ojs6mabesoe0; path=/
X-Cache: HIT from Backend
Second query (visit from search engine):
GET / HTTP/1.1
Host: toniandguy.kz
Referer: http://www.google.com/search?q=toniandguy.kz
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: toniandguy.kz
Referer: http://www.google.com/search?q=toniandguy.kz
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=toniandguy.kz
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://toniandguy.kz/
Result: toniandguy.kz is not infected or malware details are not published yet.
Result: toniandguy.kz is not infected or malware details are not published yet.