Scanned pages/files
Request | Server response | Status |
http://veronicasmith.com/ | 200 OK Content-Length: 2160 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 1x1 src: http://www.youtube.com/embed/zog9l4_dbdm?rel=0&autoplay=1&loop=1&playlist=mq8lmjglizk <iframe width="1" height="1" src="http://www.youtube.com/embed/zog9l4_dbdm?rel=0&autoplay=1&loop=1&playlist=mq8lmjglizk" frameborder="0" allowfullscreen> Deface/Content modification. The following signature was found: israhell, if you are asking why your website got hacked by us, its basically because we want to sha ...[380 bytes skipped]... onmousedown='return false;'> <body bgcolor=#000000><center> <br><br><center> <font size="4" face="Courier New" color="#B40404"><b> ~ <br> <font size="4" face="Courier New" color="#FF0000">We are the sound of the forgotten people, the freedom fighter in the cyberworld and our main target is Sionisme and israhell, if you are asking why your website got hacked by us, its basically because we want to share our message and show the world who we are, we are not looking for fame but we have a goal to achieve we supporte all hackers teams and we supporte all the freedom mouvement in the world. #OpSaveAlAqsa decided , Expect us ! - Palestine Is Not Israel<br> <br> <center><img src="http://i0.kym-cdn.com/entries/icons/original/000/016/085/hqdefault.jpg" width="720" height=350" /></center> ...[1220 bytes skipped]... | ||
http://veronicasmith.com/test404page.js | 200 OK Content-Length: 2160 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 1x1 src: http://www.youtube.com/embed/zog9l4_dbdm?rel=0&autoplay=1&loop=1&playlist=mq8lmjglizk <iframe width="1" height="1" src="http://www.youtube.com/embed/zog9l4_dbdm?rel=0&autoplay=1&loop=1&playlist=mq8lmjglizk" frameborder="0" allowfullscreen> |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: veronicasmith.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 07 May 2015 18:51:21 GMT
Server: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 mod_perl/2.0.8 Perl/v5.8.8
Content-Type: text/html
X-Powered-By: PHP/5.2.17
GET / HTTP/1.1
Host: veronicasmith.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 07 May 2015 18:51:21 GMT
Server: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 mod_perl/2.0.8 Perl/v5.8.8
Content-Type: text/html
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: veronicasmith.com
Referer: http://www.google.com/search?q=veronicasmith.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: veronicasmith.com
Referer: http://www.google.com/search?q=veronicasmith.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=veronicasmith.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://veronicasmith.com/
Result: veronicasmith.com is not infected or malware details are not published yet.
Result: veronicasmith.com is not infected or malware details are not published yet.