Scanned pages/files
| Request | Server response | Status |
http://tuscan-houses.com/ | 200 OK Content-Length: 16083 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: hacked by hasani_farhad ...[10381 bytes skipped]... ng="es">hasani_farhad@yahoo.com</a><br /><center> <div id="example1"><img src="http://1-ps.googleusercontent.com/x/www.saksham.org/www.uploadax.com/images/400x400x10439476686455707351.jpg.pagespeed.ic.nzFiJ2sAJq.png" alt="" width="400" height="400" /><br /> <p id="example2"><br /> <span style="color: #0066ff; font-family: Orbitron; font-size: 300%;"> hacked by hasani_farhad </span> <br /> <span style="color: blueviolet; font-family: Orbitron; font-size: large;">[ http://www.irsecteam.org ]</span> <br /><span style="color: coral; font-family: Orbitron; font-size: large;">Greetz to:|YoSeF__HaCkeR| LinX86 | goldhat | armoon | alimp5 | alireza666| EnDLeSs | Shahram Black Hat | | R@DIK@L | 8aT H4cK3r | ÂHOt0N | Unique Saboteur | shell7x | Mosi.Pro | poya21 |& all Iran security members*} !!|</span&g ...[8051 bytes skipped]... | ||
http://tuscan-houses.com/js/jquery.js | 200 OK Content-Length: 248235 Content-Type: application/x-javascript | clean |
http://tuscan-houses.com/js/myFunc.js | 200 OK Content-Length: 14758 Content-Type: application/x-javascript | clean |
http://tuscan-houses.com/Scripts/AC_RunActiveContent.js | 200 OK Content-Length: 8029 Content-Type: application/x-javascript | clean |
http://tracker.stats.in.th/tracker.php?uid=15239 | 200 OK Content-Length: 586 Content-Type: text/javascript | clean |
http://tuscan-houses.com/index.php | 200 OK Content-Length: 16083 Content-Type: text/html | clean |
http://tuscan-houses.com/profile.php | 200 OK Content-Length: 10334 Content-Type: text/html | clean |
http://tuscan-houses.com/home.php | 200 OK Content-Length: 16083 Content-Type: text/html | clean |
http://tuscan-houses.com/gallery.php | 200 OK Content-Length: 21489 Content-Type: text/html | clean |
http://tuscan-houses.com/portfolio.php | 200 OK Content-Length: 11102 Content-Type: text/html | clean |
http://tuscan-houses.com/news.php | 200 OK Content-Length: 11728 Content-Type: text/html | clean |
http://tuscan-houses.com/interior.php | 200 OK Content-Length: 18445 Content-Type: text/html | clean |
http://tuscan-houses.com/js/prototype.js | 200 OK Content-Length: 126132 Content-Type: application/x-javascript | clean |
http://tuscan-houses.com/js/scriptaculous.js?load=effects,builder | 200 OK Content-Length: 2654 Content-Type: application/x-javascript | clean |
http://tuscan-houses.com/js/lightbox.js | 200 OK Content-Length: 18389 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: tuscan-houses.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sun, 05 Oct 2014 10:04:32 GMT
Pragma: no-cache
Server: nginx
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=ggrp0kgs6bv38cgsaksie5ndg7; path=/
X-Powered-By: PleskLin
GET / HTTP/1.1
Host: tuscan-houses.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sun, 05 Oct 2014 10:04:32 GMT
Pragma: no-cache
Server: nginx
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=ggrp0kgs6bv38cgsaksie5ndg7; path=/
X-Powered-By: PleskLin
Second query (visit from search engine):
GET / HTTP/1.1
Host: tuscan-houses.com
Referer: http://www.google.com/search?q=tuscan-houses.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: tuscan-houses.com
Referer: http://www.google.com/search?q=tuscan-houses.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=tuscan-houses.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://tuscan-houses.com/
Result: tuscan-houses.com is not infected or malware details are not published yet.
Result: tuscan-houses.com is not infected or malware details are not published yet.