Scanned pages/files
Request | Server response | Status |
http://urlaubskaffee.de/ | 200 OK Content-Length: 1055 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked by ./R1Z <head><title>Hacked by ./R1Z</title><script src="http://masterendi.googlecode.com/files/salju.js"></script><body oncontextmenu="return false;" onkeydown="return false;" onmousedown="return false;" bgcolor="black"><style type="text/css">body{background: url(http://dc693.4shared.com/download/-GAtduN2ce/emin.jpg) no-repeat center center fixed; #fff-webkit-background-size: cover;-moz-background-size: cover;-o-background-size: cover;b ...[721 bytes skipped]... | ||
http://masterendi.googlecode.com/files/salju.js | 200 OK Content-Length: 3302 Content-Type: text/plain | clean |
http://masterendi.googlecode.com/test404page.js | 404 Not Found Content-Length: 1439 Content-Type: text/html | clean |
http://masterendi.googlecode.com//www.google.com/ | 404 Not Found Content-Length: 1425 Content-Type: text/html | clean |
http://urlaubskaffee.de//www.google.com/ | 404 Not Found Content-Length: 213 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: urlaubskaffee.de
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 22 Aug 2014 19:49:23 GMT
Server: Apache
Vary: Accept-Encoding
Content-Length: 1055
Content-Type: text/html
...1055 bytes of data.
GET / HTTP/1.1
Host: urlaubskaffee.de
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 22 Aug 2014 19:49:23 GMT
Server: Apache
Vary: Accept-Encoding
Content-Length: 1055
Content-Type: text/html
...1055 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: urlaubskaffee.de
Referer: http://www.google.com/search?q=urlaubskaffee.de
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: urlaubskaffee.de
Referer: http://www.google.com/search?q=urlaubskaffee.de
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=urlaubskaffee.de
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://urlaubskaffee.de/
Result: urlaubskaffee.de is not infected or malware details are not published yet.
Result: urlaubskaffee.de is not infected or malware details are not published yet.